Information notice regarding the processing of personal data

 

Thank you for your interest in Macrosight by visiting macrosight.co.

Please read this document carefully before accessing the website macrosight.co.

 

Preamble

Through this ” Privacy Policy “, Macrosight informs you about its practices regarding the way of collection, registration, storage, use and processing of personal data provided by the Visitor/User, including any type of data transmitted when it decides to subscribe to the newsletter.

The processing of personal data is carried out by the operator “INDIELAB SRL”, a legal entity with its registered office in Brasov, Bdul. Garii Nr. 30A, Bl. 225, Sc. D, Ap. 38, Romania, registered in the Trade Register under number J08/2004/2015, having CUI RO35304614 (hereinafter referred to as “Macrosight“).

The visitor can browse the Site without providing personal data. However, in some specific cases, in order to be able to offer the services requested on the Site, it is necessary to provide such data. In this sense, Macrosight undertakes all the necessary steps to process its personal data, in accordance with the principles established by the data protection legislation applicable in Romania and the General Regulation on the protection of personal data.

The safety of personal data is of the utmost importance to Macrosight, that is why we treat every aspect of the protection of this data with seriousness and commitment.

Note: Macrosight occasionally updates the Privacy Policy. All updated versions of the Privacy Policy are valid from the time of their publication on the Website. Macrosight encourages Visitors and Users to periodically access and read the Privacy Policy to be aware of the updated version. It is important that the Visitor/User read the Privacy Policy before accessing the Website.

 

Identification data of Macrosight

The site is operated by INDIELAB SRL, a legal entity with its registered office in Brasov, Bdul. Garii Nr. 30A, Bl. 225, Sc. D, Ap. 38, Romania, registered in the Trade Register under number J08/2004/2015, having CUI RO35304614 (hereinafter referred to as “Macrosight“), having the capacity of personal data operator.

References to Macrosight in this Privacy Policy mean the legal entity INDIELAB SRL.

Macrosight contact details are available here (https://macrosight.co/#contact).

 

Table of Contents Privacy Policy

To be read easily, this Privacy Policy adopted by Macrosight is structured in the following chapters:

 

Chapter	Chapter title
1	The categories of personal data processed
2	The method of processing personal data
3	Purpose of personal data processing
4	Disclosure of personal data
5	International transfers of personal data
6	Links to external websites
7	Links to the Site provided by third parties
8	Provision by the User of other people’s personal data
9	Duration of personal data processing
10	User Rights
11	Security of personal data
12	Questions, complaints, complaints
13	Legal basis
14	Changes to the Privacy Policy

 

To understand the meaning of some terms used in the Privacy Policy adopted by Macrosight, Visitors/Users are asked to consult the following definitions:

” Cookies “	means a small file usually made up of letters and numbers; it is downloaded, with your consent, into the memory of an electronic device used for Internet browsing (smartphone, tablet, etc.), when the user accesses a certain website;
		” Macrosight “	means the operator responsible for data processing within the meaning of the GDPR Regulation, namely INDIELAB SRL, a legal entity with its registered office in Brasov, Bdul. Garii Nr. 30A, Bl. 225, Sc. D, Ap. 38, Romania, registered in the Trade Register under number J08/2004/2015, having CUI RO35304614.
” Personal data “	means any information relating to an identified or identifiable natural person; an identifiable natural person is a person who can be identified, directly or indirectly, in particular by reference to an identifier such as a name, an identification number, location data, an online identifier, or to one or more many specific elements, specific to his physical, physiological, genetic, psychological, economic, cultural or social identity;
“Data Subject” or “User“	means that natural person (including the agent of an entity) who accesses and uses the Site for any purpose (eg viewing presentations of the services and/or products offered by Macrosight, subscribing to the newsletter) and which, from the perspective of the GDPR Regulation, may be an identified or identifiable natural person (directly or indirectly, in particular by reference to an element identification: name, identification number, location data, an online identifier, or to one/more specific elements, specific to his physical, physiological, genetic, psychological, economic, cultural or social identity). The person concerned can be the applicant for a service offered by Macrosight, as well as any other natural person whose personal data is transmitted to the Operator (for example, a customer or potential customer, a candidate for a certain available position, a user of the Operator’s website, etc.).
“Processing of personal data“	means any operation or set of operations performed on personal data or sets of personal data belonging to the Data Subject, with or without the use of automatic means, such as collection, recording, organization, structuring, storage, adaptation or modification, extract, consult, use, disclose by transmission, disseminate or otherwise make available, align or combine, restrict, delete or destroy.
” GDPR Regulation “	means Regulation (EU) 2016/679 on the protection of natural persons with regard to the processing of personal data and on the free movement of such data and repealing Directive 95/46/EC (General Data Protection Regulation) known as GDPR (General Data Protection Regulation).
” Responsible for data protection “	the address to which requests for information regarding the processing of personal data by Macrosight can be sent: ([email protected]).
” Site “	means the website macrosight.co.
” Third Party “	means a person, entity or group of persons and/or entities that is not and has not been declared a member, employee, affiliate or subsidiary of Macrosight.
” Visitor “	means a person who uses the Site without registering or becoming a member thereof; this person can access generally available functionality and content without the need to provide personal information or login, has access to basic features of the Site (for example viewing public content, using limited functions and exploring the interface). However, there are restrictions on certain facilities and benefits, which may only be available to Users. Visitors can experience the Site to familiarize themselves with its functionality and content before deciding to register or become a User.

 

 

1.   The categories of personal data processed

Macrosight collects personal data directly from the User and/or automatically, including following the use of cookies (for more details see the Cookie Policy: https://macrosight.co/cookie-policy). Thus, the categories of personal data processed by Macrosight are the following:

1. a) information collected according to the selected cookie options (for example, browser type, IP, etc. – for more details see the Cookie Policy);
2. b) the personal data provided by the User in order to register and subscribe to the newsletter (these data including the e-mail address);
3. c) any other types of information you choose to provide to us.

In order to read the existing information on the Site, it is not necessary to provide personal data, providing it depends exclusively on the User’s option. However, for the purpose of the technical exploitation of the Site or for the use of some services (for example, subscription to the newsletter), it is necessary to provide certain personal data in order to be able to provide access to the respective functionality or to be able to deliver the goods and/ or the service. For details, please refer to the section corresponding to the operation used on the Site.

 

2.   The method of processing personal data

 

2.1. Method of obtaining and processing the User’s personal data

The personal data processed by Macrosight are generally obtained directly from the User, through direct interaction: The User will be able to directly provide his personal data to Macrosight (for example by subscribing to the newsletter).

However, there are situations in which Macrosight obtains personal data about the User, indirectly (with the help of technology): as the User uses the Site, Macrosight will be able to collect, automatically, Technical Data about the equipment used by the User, how they navigate and different patterns. Macrosight may collect this information through the use of cookies, server logs and other similar technologies.

When the User accesses and uses the Site, Macrosight will collect, record, store, use and process directly or indirectly (part of) the following personal data:

Category	Data included
Technical data	Browser type and version; location and time zone settings; operating system; operating platform; the type of device used; the unique identifier of the device (for example, the IMEI number of the device, the MAC address of the wireless network interface of the device or the mobile phone number used by the device); information about the mobile network, mobile operating system; the type of mobile browser you use and other technologies on the devices used to access the Site;
Identification data	E-mail, phone number;
Profile data	The User’s interests and preferences;
Usage data	Information about how the User uses the Site, Macrosight products and/or services

  

2.2. How does Macrosight use the User’s personal data?

In general, Macrosight will use the personal data it receives about the User, either directly or indirectly, as follows:

•   to respond to questions and/or requests of Visitors/Users;
•   for marketing purposes, but only in the situation where Macrosight has obtained the prior consent of the User;
•   to diagnose or fix technical problems;
•   to prevent and defend the Site against cyber-attacks;
•   for establishing or claiming a right in court;
•   to customize the experience on the Site;
•   to send automated messages in connection with user account registration / user email or in connection with various services/products available on the Site (this could be via email, overlay or push notification);
•   to provide access to a service or product requested by the User;
•   to respond to any request/complaint/complaint or suggestion sent by the User;

 

3.   Purpose of personal data processing

Although for the processing of all personal data Macrosight requested, in general and in advance, the express consent of the User, we note that the purpose of these operations is the following:

 

Purpose	Purpose description	basis
Accessing the Site	The personal data processing activity is carried out to ensure an optimal connection, to ensure a comfortable use of the Site, to evaluate the safety and stability of the Site. Thus, the processing of personal data is carried out both in the interest of the User (in order to provide him with a fully functional Site), as well as in the interest of Macrosight (in order to continuously improve the Site and to avoid the potential losses generated by potential fraudulent actions).	In order to achieve the stated goal, we consider that, according to art. 6 of the GDPR Regulation, Macrosight has a legitimate interest in processing certain personal data of the User to analyze the usability of the Site, to ensure the general functionality of the Site, to improve the User’s experience and provide a higher quality service or to avoid cyber attacks, as appropriate.
Marketing	The processing of personal data for marketing purposes is mainly carried out to transmit personalized information about the products and/or services provided by Macrosight (to the extent that the User has subscribed to the newsletter) by means of e-mail, overlay or notification push. Through direct marketing actions, Macrosight sends interested Users a message (e-mail, overlay or push notification) containing general and thematic information about similar or complementary products/services.	Macrosight is permitted, from a legal point of view, to process the User’s data for marketing purposes: § based on the consent provided by the User to receive personalized information by e-mail and/or through the Site (overlayer, push notification). In accordance with applicable law, Macrosight will obtain the User’s consent before processing personal data for direct marketing purposes. In this case, we inform the User that he can withdraw his consent for marketing processing at any time, in which case he will no longer receive any marketing communication from us. The user has the possibility to opt out of the newsletter service at any time and free of charge ( i ) by accessing the ” Subscriptions ” section, ticking the ” Unsubscribe ” option within the newsletter or ( ii ) by sending an e-mail to the address ([email protected]) by which to expressly request unsubscription; § based on the legitimate interest to promote the products and/or services of Macrosight, by sending it to the User.
Other communications (including but not limited to the Site, email, post, telephone or SMS)	These communications will be made for a specific reason (such as, but not limited to): § to respond to the User’s requests of any type, § to inform the User about the manner in which the complaints and/or incidents arising in the interaction with Macrosight were resolved.	Macrosight’s legitimate interest is to respond to requests/questions/complaints or suggestions, to provide services at desired standards. When: § The user contacts Macrosight, especially for managing incidents, clarifying some issues, the processing is necessary for the proper execution of the contract; § The user contacts Macrosight for the management of incidents related to a product/service, the processing of personal data is done for the fulfillment of legal obligations by Macrosight.
Business Administration (“Cookie Policy”)	To improve the online browsing experience on the Site, Macrosight uses cookies that facilitate its use by Visitors and/or Users. In general, the role of cookies is to ensure a quick and easy interaction between the Visitor/User and the Site. Also, cookies are used so that the User can easily resume his activities on the next access to the previously visited Site. Basically, the cookies tell the server which pages should be shown to the User, without the User having to remember the pages he browsed or to navigate the entire Site from the beginning. We ask Users to consult the Cookies Policy to obtain detailed information (https://macrosight.co/cookie-policy).	The legitimate interest to continuously provide improved services to Visitors/Users.

 

In short, the grounds for processing personal data will generally be the following:

•   the consent given by the User for the processing of personal data;
•   processing is necessary for legislative and/or statutory compliance.

Note : In the event that Macrosight intends to subsequently process Users’ personal data for a purpose other than those mentioned above and for which they were collected, Macrosight will inform you, even before this further processing , information regarding the respective secondary purpose and any relevant information, in accordance with the provisions of art. 13 of the GDPR Regulation.

 

4.   Disclosure of personal data

In order to provide the expected level of professionalism and provide high-quality services, the User’s personal data may be transmitted by Macrosight to third parties for the purposes mentioned in section 2 (“Purpose of personal data processing”), in compliance with the law applicable as detailed below:

1. a)   suppliers: in order to provide the requested services, in some cases, we will have to transmit some of the personal data to the suppliers, and the latter have the capacity of proxies and process the data in our name, on our behalf and in accordance with our instructions (for example, software providers, IT, e-mail, accounting, etc.).
2. b)   business partners: in certain cases, Macrosight partners with other entities to provide you with products, services or offers;
3. c)   public authorities and/or institutions : for (i) compliance with legal provisions, (ii) to respond to their requests, (iii) reasons of public interest (for example, cyber attacks; national security);
4. d)   activity analysis plugins: The Site uses “plugins” from activity analysis operators. All activity analysis plugins on our website are clearly and distinctly marked: Google Analytics.

The confidentiality of personal data is important to Macrosight, which is why, where possible, the transmission of personal data in accordance with the above is only carried out on the basis of a confidentiality undertaking from the recipients, whereby they guarantee that this data are kept secure and that the provision of such information is made in accordance with applicable law and policies. In any case, each time Macrosight transmits to third parties only the information strictly necessary to achieve that purpose.

Macrosight may transmit personal data to other parties with the consent or according to the User’s instructions.

 

5.   International transfers of personal data

In the context of the operations described above, the User’s personal data may be transferred by Macrosight abroad, including to countries in the European Union (“EU”) or the European Economic Area (“EEA”), to other companies, organizations or persons from third countries or to international organizations. Macrosight will ensure, within reasonable limits, that Users’ data does not leave the EEA.

It is possible that some of Macrosight’s service providers are located outside the EEA, so their processing of the User’s personal data will involve a data transfer outside the EEA. Thus, if Macrosight deems it necessary to transfer the User’s personal data to a third country, outside the EEA, this will only be done if the country provides an adequate level of protection and only to the extent that the transfers are legitimate ( based on the explicit consent of the User or other legal basis).

Although the data protection laws of these countries may differ from those of the User’s country, Macrosight will take the necessary steps to ensure that such personal data is processed in accordance with this Privacy Policy and in accordance with applicable law. In this sense, Macrosight will ensure that there is a similar level of protection, through the following safeguard mechanisms:

• Macrosight will transfer the User’s personal data to countries where it has been demonstrated by the European Commission that they provide an adequate level of security for personal data. For more details you can consult this link ( https://ec.europa.eu/info/law/law-topic/data-protection/international-dimension-data-protection/adequacy-decisions_en );
• when Macrosight calls on certain service providers, it will be able to use certain model contracts provided and approved by the European Commission that give personal data the same protection as they have in Europe. For more details you can refer to this link ( https://ec.europa.eu/info/law/law-topic/data-protection/international-dimension-data-protection/standard-contractual-clauses-scc_en );
• when Macrosight uses certain providers in the US, it will be possible to transfer data if these states offer similar protection conditions for data shared between the EU and the US. For more details you can consult this link ( https://ec.europa.eu/info/law/law-topic/data-protection/international-dimension-data-protection/eu-us-data-transfers_en ).

We ask the User to contact us at the email address ([email protected]) if they want more information about the specific mechanism used by Macrosight when we transfer personal data outside the EEA.

 

6.   Links to external websites

The Site may direct to external sites, resources or online services in order to improve the information it provides and to help the User access that information more easily. The privacy policy does not cover the websites, resources and/or online services of third parties that the User can reach by accessing the links on the Site.

The user who chooses to access a link to an external site leaves the official domain of the Site and becomes subject to the policies of that external site in terms of cookies, privacy policy and other legal aspects. There is a possibility that Third Parties may collect or share data about the User. Compliance with the applicable data protection and accessibility requirements of external websites, which can be accessed through links on the Site, is not under the control of Macrosight and constitutes the explicit responsibility of the external websites in question.

Therefore, Macrosight shall not be responsible for the availability of such external websites, nor for the content, advertising, goods, services, information or other materials available on or through such websites, for the functionality or performance of such websites -s or for the infringement of any intellectual property rights or other rights, which occurs through these sites. It is the responsibility of the Third Parties who administer the respective sites to ensure compliance with any legal regulations imposed on them.

The user is fully responsible when he clicks on such links and declares that he assumes any kind of damage (direct or indirect that may occur). Macrosight encourages Users to review the Privacy Policy as well as the terms of use of any website before providing personal data to them.

 

7.   Links to the Site provided by third parties

This Privacy Policy does not cover the applications and websites of other third parties that the User can reach by accessing the existing links on the respective applications and / or websites.

At the same time, Macrosight is not responsible for any kind of link distributed by third parties that refer to the Site. When a User accesses an external link, third parties may collect or share data about them. Macrosight does not control these third party websites and is not responsible for their privacy, security and cookie policies.

The user is fully responsible when he accesses the link from the external website and understands that he assumes any kind of damage (direct or indirect) that may occur.

 

8.   Provision by the User of other people’s personal data

If the User provides the personal data of other natural persons, Macrosight asks that User to communicate this before it is processed (as described in this Privacy Policy).

 

9.   Duration of personal data processing

The User’s personal data is kept by Macrosight for the entire period of achieving the purposes detailed in this Privacy Policy, if a longer retention period is not required or permitted by applicable law. In this regard, we note that, in general:

• Macrosight will process personal data for the purpose of fulfilling contractual obligations, throughout the validity period of the legal relationships generated by this context;
• Macrosight will process the data for marketing and commercial purposes until the User decides to unsubscribe/cancel the subscription to the newsletter;
• Macrosight will process the User’s data for the purpose of accessing the Website and managing the business (cookies) until the User changes the settings of the device, browser or cookie modules, so that our permission to accomplish this.

To determine the appropriate retention period for personal data, Macrosight considers the value, nature and sensitivity of the personal data, the potential risk of harm caused by unauthorized use or disclosure of the personal data, the purposes for which the personal data was processed personally and if Macrosight can achieve these purposes through other means and applicable legal requirements.

According to the legal provisions applicable at the moment, Macrosight is obliged to keep basic information about customers, members, contractual partners and sponsors (including Contact Data, Identity Data, Financial and Transaction Data) for 5 (five) years after they no longer have legal tax relations with Macrosight.

In expressly regulated situations, Macrosight stores personal data for the period required by law.

Macrosight constantly reviews the need to keep the User’s personal data, and to the extent that the processing is no longer necessary and there is no legal obligation to keep this data, Macrosight will delete/destroy this data as soon as possible and in a so that they can no longer be recovered or reconstituted.

If the User’s personal data are printed on paper, they will be destroyed in a way that ensures their complete elimination, and if they are saved on electronic media, they will be deleted by technical means to ensure that the information cannot be recovered or reconstructed later.

 

10. User Rights

 

10.1. User Rights

The user benefits from a series of rights provided by the GDPR Regulation, namely:

1. a)   the right to be informed about the processing of personal data: The user has the right to know the following information (i) the identity and contact details of the operator, (ii) the purposes for which the personal data are processed, as well as the basis legal processing, (iii) categories of data collected, (iv) data recipients, (v) data transfer, (vi) data storage period, (vii) what are his rights, etc., according to art. 13 and 14 of the GDPR Regulation. This right is respected by drawing up this Privacy Policy;
2. b)   the right of access to personal data : The user can expressly request, according to art. 15 of the GDPR Regulation:

•   confirmation of the fact that Macrosight processes (or not) personal data and, if so, to allow access to said data and to provide information about it;
•   a copy of his personal data held by Macrosight;
•   information about the User’s personal data, such as the data that Macrosight has, that it uses, to whom it discloses it, if it transfers it abroad and how it protects it, how long it keeps it, what rights it has, how it can formulate a complaint etc.;

1. c)   the right to withdraw consent when the processing of personal data was based on his consent and there is no other basis for processing. We draw attention to the fact that the withdrawal of consent by the User does not affect the data processing carried out up to that point;
2. d)   the right to rectify inaccurate, incomplete or erroneous data: the User has the right to contact Macrosight and request any modification of his personal data or may request the correction of his personal data that Macrosight holds about the User, according to art. 16 of the GDPR, so that they comply with reality;
3. e)   the right to deletion (“the right to be forgotten”): according to art. 17 of the GDPR Regulation, this right allows the User to request Macrosight to delete personal data about the User and not to process them in the future, in certain determined circumstances, when:

•   they are no longer necessary to fulfill the purposes for which they were collected or processed; or
•   The user has withdrawn his consent on the basis of which the data processing takes place based on his consent and there is no other basis for the processing; or
•   The user exercises a legal right to object to processing; or
•   Macrosight has a legal obligation to do so; or
•   there is no other basis for the processing of his personal data (for example: if the personal data was collected illegally; when the deadline for storing personal data has expired; when the User has exercised the right to object or when the processing of personal data is carried out based on consent and the User has withdrawn consent).

Macrosight is not obliged to comply with this request if the processing of the User’s data is necessary to comply with a legal obligation; or establishing, exercising or defending a right in court, as well as in other circumstances, but these two are the most likely.

1. f)    the right to restrict the processing of personal data: the User may request, according to art. 18 of the GDPR Regulation, restricting the processing of his personal data for a certain period, in certain situations, respectively:

•   if the User disputes the accuracy of his personal data, but for a period that allows the operator to verify the accuracy of the data;
•   if the User disputes the legality of the processing of his personal data, and he does not agree to the deletion of personal data, but instead requests the restriction of their processing;
•   if Macrosight no longer needs the User’s personal data for the purpose of processing;
•   when processing the User’s personal data for direct marketing purposes;

1. g)   the right to data portability (” the right to transmit the data we hold about you to another operator “): The user can request Macrosight, pursuant to art. 20 of the GDPR Regulation, to have his personal data transmitted to him. Also, the User has the right to request the transmission of these data to another operator if they were processed on the basis of consent or the processing was carried out by automatic means;
2. h)   the right to opposition : The user can request Macrosight to stop processing his personal data, under the conditions of art. 21 of the GDPR Regulation. Macrosight no longer processes personal data, unless Macrosight demonstrates that it has legitimate and compelling reasons that justify the processing and that prevail over the interests, rights and freedoms of the data subject, or that the purpose is to ascertain, exercise or defend a right in instance;
3. i)    the right not to be subject to a decision based solely on automated processing, including profiling;
4. i)    the right to go to justice;
5. k)   the right to file a complaint with a Supervisory Authority.

The rights listed above are not absolute, with certain exceptions.

Also, in order to exercise the mentioned rights, the User is asked to send a written, dated and signed request to the email address : ([email protected]) or to the postal address (Brasov, Bdul. Garii Nr. 30A, Bl. 225, Sc. D, Ap. 38, Romania), to the attention of the data protection officer. In order to exercise the rights mentioned, the User does not have to pay any fee.

Each request received from the User will be analyzed by Macrosight in order to decide whether it is justified or not. To the extent that the request is justified , Macrosight will facilitate the exercise of the rights claimed by the User. If the User’s request is unfounded , Macrosight will reject it and inform the User both of the reasons for the refusal and of his right to file a complaint with the competent Supervisory Authority and/or of his right to go to court.

Thus, within no more than 30 (thirty) days, calculated from the date of receipt of the request, Macrosight will provide the User with a response with information on the actions taken or, where appropriate, on the reasons why (not ) the requested measures can be taken. Also, according to the GDPR Regulation, the said response period can be extended by no more than two months in the situation where it is necessary, taking into account the complexity and the large number of requests received or the impossibility of identifying the User in a timely manner, following that Macrosight to inform you about this, if applicable.

Therefore, in order to be able to respond to the User’s possible requests (by which he wants to exercise certain rights), Macrosight will be able to request additional information in order to be able to confirm the User’s identity. If the User does not respond to our requests, and after reasonable efforts made by Macrosight it is found that the User cannot be identified, then Macrosight is not obliged to comply with such a request.

Note: In order to comply with a request for access to personal data, Macrosight will take all reasonable steps to verify the identity of the Data Subject/User.

 

11. Security of personal data

Macrosight takes the necessary measures to process personal data, in conditions of security, legitimacy and legality, while also implementing appropriate technical and organizational measures to ensure data integrity and confidentiality, according to the GDPR Regulation.

In this sense, Macrosight treats the security of personal data seriously, taking necessary measures to protect and prevent their unauthorized access, modification, disclosure or destruction. This entails internal reviews ( i ) of data collection, storage and processing practices, but also ( ii ) of cyber and physical security measures to protect and prevent unauthorized access to personal data storage systems used by Macrosight.

Macrosight has implemented the following technical and organizational security measures for the User’s personal data:

•   dedicated policies: Macrosight adopts and constantly reviews its internal practices and policies for the processing of personal data (including physical and electronic security measures), in order to protect the systems from possible unauthorized access or other possible threats to their security. These policies are subject to constant checks to ensure that we comply with legal requirements and that the systems are working properly;
•   data minimization: Macrosight ensures that the User’s personal data it processes is limited to only those necessary, appropriate and relevant for the purposes stated in this Privacy Policy;
•   restricting access to data: Macrosight tries to restrict access to the personal data it processes to the minimum necessary: employees, collaborators and other people who need to access this data to process it and carry out a service. Macrosight partners and/or collaborators are subject to strict confidentiality obligations (either by contract or by mandatory legal provisions);
•   specific technical measures: Macrosight uses technologies to ensure the security of sensitive data, always trying to implement the best solutions. Also, Macrosight makes periodic back-ups to be able to recover them in the event of an incident. Macrosight has implemented periodic audit procedures regarding the equipment used. However, Macrosight points out that no website, no application and no internet connection is completely secure and untouchable;
•   ensuring the accuracy of the User’s data: in some situations it is possible for Macrosight to ask the User to confirm the accuracy or timeliness of the data to be sure that it reflects reality;
•   staff training: Macrosight constantly trains and tests its employees and collaborators on legislation and best practices in the field of personal data processing;
•   data anonymization: where possible, Macrosight tries, as much as possible, to anonymize and/or pseudo-anonymize the personal data of the User it processes, so that it can no longer identify the persons to whom it refers.

Although Macrosight makes constant efforts to ensure the security of the data that the User entrusts to it, there may be events/incidents/security breaches. In these cases, Macrosight will strictly follow the security incident reporting and notification procedure and will take all necessary measures to restore the situation to normal as soon as possible.

Macrosight recommends Users to adopt, in turn, certain security measures, such as:

•     installation of antivirus, anti-spyware and firewall; updating these programs regularly;
•     do not leave the devices on which you use the Site unattended;
•     report any fraud involving the user account;
•     log out of your existing user account on the Site when not in use;
•     keep passwords strictly confidential and use strong passwords, i.e. avoid obvious combinations of letters and numbers;
•     be vigilant online and learn how to spot unusual activity, such as a new App/Site address or phishing emails asking for personal information.

 

12. Questions, complaints, complaints

If the User wishes to address to Macrosight questions, claims, complaints or other issues related to the processing of his personal data or if he wishes to exercise any of the rights mentioned in the “User Rights” section, the User will have to send a written request, dated and signed at the following email address ([email protected]).

To the extent that he does not have electronic means or does not wish to use them, the User can formulate a written request to be sent to the postal address of the registered office of Macrosight, located in Brasov, Bdul. Garii Nr. 30A, Bl. 225, Sc. D, Ap. 38, Romania.

Within no more than 30 (thirty) days, calculated from the date of receipt of the request, Macrosight will provide the User with a response with information on the actions taken or, where applicable, on the reasons why the requested measures can (not) be taken. According to the GDPR Regulation, the mentioned response period can be extended by a maximum of two months in the situation where it is necessary, taking into account the complexity and number of requests, and Macrosight will inform you about this aspect, if necessary .

The information is provided free of charge, unless it is clearly unfounded or excessive, especially due to its repetitive nature, in which case the provisions of art. 12 of the GDPR Regulation (charging a fee, refusing to comply with the request, etc.).

If the User is not satisfied with the way in which his request was resolved by Macrosight, he can submit a complaint to:

•   The Romanian authority for the protection of personal data, called the “National Supervisory Authority for the Processing of Personal Data” (in short ” ANSPDCP “) which can be contacted at one of the following addresses:

–     headquarters: bdul. General Gheorghe Magheru no. 28-30, Sector 1, postal code 010336, Bucharest, Romania;

–     telephone +40.318.059.211 / +40.318.059.212;

–     e-mail: [email protected] ;

•   The relevant EU national data protection authority: https://edpb.europa.eu/about-edpb/about-edpb/members_en .

Note: In order to comply with a request for access to personal data, Macrosight will take all reasonable steps to confirm and verify the identity of the Visitor/User.

 

13. Legal basis

For even more details, the User can consult the following legal basis:

•   Regulation (EU) 2016/679 on the protection of natural persons with regard to the processing of personal data and on the free movement of such data and repealing Directive 95/46/EC (General Data Protection Regulation ) ;                                                     
•   Law no. 506/2004 on the processing of personal data and the protection of privacy in the electronic communications sector.

 

14. Changes to the Privacy Policy

This Privacy Policy may be modified by Macrosight, in accordance with changes in data policy legislation or based on changes to its services or organization. When Macrosight makes changes to this Privacy Policy, it will publish and display the updated form on the Site.

Macrosight encourages Users to periodically access and read the Privacy Policy available on the Site in order to always be aware of its updated version.

 

Last update of the Privacy Policy : 26.07.2024