This GDPR compliance has been prepared pursuant to the requirements of Regulation (EU) 2016/679 of the European Parliament and of the Council on the protection of natural persons with regard to the processing of personal data and on the free movement of such data, and repealing Directive 95/46/EC (“GDPR“).
The aim of this Privacy Policy is to offer you, as a visitor of Deltatel S.R.L. website (the “Website”), an overview over the manner in which your personal data is processed by us and your rights under the applicable data protection legislation in connection with the use of our Website. Please note that the personal data processing operations performed through the Website exclusively refer to persons over the age of 16. Therefore, by using the Website you confirm that you are at least 16 years old.
Table of Contents
- Information regarding the data controller
- Definitions and Principles
- Data Processing Purposes and categories of Personal Data processed
- Transfers of Personal Data and Data Recipients
- Storage Period
- Your Rights
- Data Security
- Updates and Changes
1. Information Regarding the Data Controller
The data controller for the personal data processing operations performed within the use of the Website services is:
DELTATEL S.R.L. (“Deltatel” or the “Controller”)
Address: 11 Gheorghe Lazar Street, 300081, Timisoara, Timis County
Phone number: +40 256 270 425
Contact information of the Data protection officer/Privacy Responsible:
2. Definitions and Principles
“Personal Data“: means any information which relates to an identified or identifiable natural person. Among these are, for example, name, e-mail address or telephone number;
“Processing“: means any operation or set of operations which is performed on personal data or on sets of personal data, whether or not by automated means, such as collection, recording, organization, structuring, storage, adaptation or alteration, retrieval, consultation, use, disclosure by transmission, dissemination or otherwise making available, alignment or combination, restriction, erasure or destruction;
“Controller”: means the natural or legal person, public authority, agency or other body which, alone or jointly with others, determines the purposes and means of the processing of personal data;
“Processor”: means a natural or legal person, public authority, agency or other body which processes personal data on behalf of the controller;
“Recipient”: means a natural or legal person, public authority, agency or another body, to which the personal data are disclosed, whether a third party or not.
Deltatel processes your personal data in accordance with the GDPR principles, as follows:
“Lawfulness, fairness and transparency”: the personal data is processed fairly in relation to the data subject, based on a legal basis provided by GDPR at Art. 6, and the data subject is informed on the processing as requested by Art. 13 and Art. 14 GDPR.
“Purpose limitation”: the purpose for which we process the personal date is specific, explicit, and legitimate. We do not collect and use data for other purposes than the ones we informed the data subject about.
“Data minimization”: we process the minimum amount of personal data we need; the personal data we collect are adequate, relevant and limited to what is necessary in relation to the purposes for which they are processed.
“Accuracy”: personal data processed is accurate and where necessary kept up to date. We do not retain old and outdated data in our system.
“Storage limitation”: we established and documented the necessary retention period for the personal data we collect and process for specific objectives. After the retention period is met, the personal data shall be deleted, destroyed, or anonymized.
“Integrity and confidentiality”: we handle personal data in a manner ensuring appropriate security, which include protection against unlawful processing or accidental loss, destruction or damage.
“Accountability”: as data controller, we are responsible for proving compliance with the principles of the GDPR mentioned above.
3. Data Processing Purposes and Categories of Personal Data processed
The Website enables you (i) to find out more information about our Company and services we provide in various areas.
For the use of the Website, you must provide certain Personal Data, that we shall process in order to be able to assist you with the requested matter. If additional information may be voluntarily shared, these are indicated as being “optional“.
3.1 Usage data
As is true of most other websites, we may also collect information that your browser sends whenever you are using our Website.
This Usage Data may include information such as the IP address, region, browser type, the pages of our website that you visit, the time and date of your visit, the time spent on those pages, and other usage data.
It is our legitimate interest (Art. 6 (1) f) GDPR) to understand how customers, potential customers and visitors use the Website. This assists with providing more relevant products and services, with communicating value to our visitors, and with providing appropriate staffing to meet visitor and customer needs.
3.2 Links to other websites
Our Website may contain links to other sites that are not operated by us. If you click on a third-party link, you will be directed to that third party's site. In such cases, we strongly advise you to review the Privacy Policy of every site you visit.
In this respect, we emphasize that Deltatel has no control over and assume no responsibility for the content, privacy policies or practices of any third-party sites or services.
3.3 Cookies
At the same time, the Website uses both session ID cookies and persistent cookies as part of its interaction with your browser. For more information on the use of cookies and when your prior consent is required, please refer to our Cookie Policy available at https://deltatelgroup.com/cookies-policy/.
4. Transfers of Personal Data and Data Recipients
4.1 Recipients
Services providers: We may employ third party companies and individuals to perform Website-related activities, to ensure data storage or to assist us in analyzing how our Website is used. These third parties may access your Personal Data only to perform these tasks on our behalf and are compelled not to disclose or use it for any other purpose.
Also, where these recipients qualify as data processors, they will be contractually bound to respect the same obligations in what regards the protection of Personal Data as that incumbent to us and shall implement adequate technical and organizational measures for the protection of personal data, at least at the same level as those implemented by the data controller.
Third parties: Your Personal Data may be provided to governmental and regulatory agencies (e.g. tax authorities), courts or other governmental authorities, in accordance with the provisions of the applicable legislation and in line with art. 6 (1) (c) GDPR, as well as to external consultants acting as data controllers (e.g. lawyers, accountants, auditors, etc.), based on art. 6 (1) (f) GDPR.
4.2 Data Transfers
We may transfer your Personal Data abroad, to countries located within the EU/EEA (e.g. data storage activities performed within a service provider’s infrastructure located in EU or in IT infrastructures and systems at our sites within the EU).
In case that any data transfers shall be performed also to countries located outside EU/EEA, Deltatel will ensure that adequate guarantees are in place for the protection of the personal data to be transferred.
Thus, by executing Data Transfer Agreements based on Model Contractual Clauses (Decision of the European Commission no. 2010/87/EU and/or Decision of the European Commission no. 2004/915/EU), in accordance with art. 46 (5) GDPR or by using other adequate means for the transfer of Personal Data, we ensure that all such recipients offer an adequate level of protection for the personal data and that adequate technical and organizational measure have been implemented for the protection of Personal Data against unlawful destruction, loss, alteration or unauthorized disclosure.
5. Storage Periods
The Personal Data we are processing as described within this Privacy Policy is stored by us only for as long as it is required to perform the respective purpose for which each category of Personal Data is processed, or inasmuch as it is required for conformity with statutory or official requirements.
Therefore, the Personal Data processed for customer/visitor support shall be kept for 3 years, if no longer storage periods are required by the law or necessary for grounded purposes (e.g. pending investigations for which such data are relevant); also, we keep your personal data in relation to blogging activities during the existence of the blog or until the deletion of the comment by you.
Usage data collected by us shall be stored for 1 year if no longer storage periods are required by the law or necessary for grounded purposes (e.g. pending investigations for which such data are relevant). Also, marketing related data shall be stored for 3 years, unless the data subject meantime withdraws its consent to this processing.
Regarding the personal data processed for job applications through the Website, it will be stored for a period of 3 years or longer, if you consent to such extended period.
For the use of cookies for which your prior consent is required, you may refer to our Cookie Policy available at https://deltatelgroup.com/en/cookies-policy/ for information on retention periods.
After the retention period is met, the personal data shall be deleted, destroyed, or anonymized.
6. Your Rights
Based on the provisions of the GDPR, you have the following rights in what regards the protection of the Personal Data:
Right of access: You have the right to obtain information regarding the extent, the origin and the recipient of retained data as well as the purpose of the retention.
Right to rectification: You have the right to obtain the rectification of your incorrect Personal Data. Depending on the Processing purpose, you have the right to complete the Personal Data, where case, including by means of a supplementary declaration.
Right to erasure (“right to be forgotten”): You have the right to ask us to delete your Personal Data.
Right to restriction of processing: You have the right to request the restriction of the Processing of your Personal Data. In this case, the respective data will be marked and can be processed by us only for certain purposes.
Right to data portability: You have the right to receive your Personal Data that you have provided to us, in a structured, common and machine-readable format, and you have the right to transmit this data to another entity without objection from us.
Right to object:
You have the right to object, for reasons related to your situation, at any time, to the processing of your Personal Data by us, and we may be required to cease the Processing of your Personal Data. If you have the right to object and you exercise it, we will no longer Process your Personal Data for that purpose. The exercising of this right does not imply any cost.
This right may be invalidated in particular if the Processing of your Personal Data is necessary for the formalities related to the execution of a contract or for the fulfillment of a contract already executed.
Irrespective of any other administrative or judicial legal remedy, you have the right to file a complaint regarding the Processing of your Personal Data by us with the competent data protection authority (Autoritatea Naţională de Supraveghere a Prelucrării Datelor cu Caracter Personal, also known as ANSPDCP).
Please note that the above rights may be limited based on applicable national data protection law.
All informational requests, queries, objections, exercising of data protection rights or any other related issues can be sent by e-mail to
7. Data Security
We have taken appropriate technical and organizational measures to guarantee data security, in particular to protect your Personal Data against accidental or unlawful destruction, loss, alteration, unauthorized disclosure of, or access to personal data transmitted, stored or otherwise processed. Such measures are periodically reviewed and updated.
Updates and changes
We may update our Privacy Policy from time to time, therefore you are advised to review this Privacy Policy periodically for any changes.
The Company will notify its customers of material changes to this statement by placing prominent notice on the Website. Changes to this Privacy Policy are effective when they are posted on this page.