Torus Pharma Company SRL Privacy Policy

Privacy Policy

This Confidentiality Policy defines the way in which we, Torus Pharma Company SRL, collect, store and use your personal data when you access or interact with our website www.toruspharma.eu and form where we obtain or collect your data.
This Confidentiality Policy shall come into force as of 25 May 2018.

1. Summary


This section summarizes the manner in which we obtain, store and use your data. The sole purpose of this summary is to provide an overview of the confidentiality policy. This section is not a full description and the additional chapters in this document need to be read for additional information.

The new EU law on data protection, GDPR (“General Data Protection Regulation”) came into force on 25 May 2016, but it shall come into force as of 25 May 2018.

The protection of your data is important to us, so we pay special attention to protecting the privacy of the visitors accessing the website www.toruspharma.eu, according to the Regulation (EU) 2016/679 of the European Parliament and of the Council of 27 April 2016 on the protection of natural persons with regard to the processing of personal data and on the free movement of such data (hereinafter referred to as “GDPR”).

Please take a moment to carefully read this Confidentiality Policy, so as to understand the manner in which your information (“personal data”) will be treated.

The Confidentiality Policy explains the practices of SC Torus Pharma Company SRL, with regards to the application of the GDPR provisions, as well as the rights you are entitled to with regards to the manner in which your data is collected, processed and stored, through the website and to the offline interaction with our employees.

SC Torus Pharma Company SRL shall always process the personal data in compliance with the GDPR, as well as with the regulations on personal data protection, specific to each country SC Torus Pharma Company SRL operates in.

What is personal data?

“Personal data” means any kind of information identifying you directly (e.g., your name) or indirectly (e.g., alias, such as a sole identification number). This means that personal data comprise information such as the email address, the domicile, the mobile number, the username, the profile pictures, the personal preferences and the purchase habits, the user-generated content, the financial information and the information regarding the financial statement. This could also include digital identifiers, such as your computer’s IP or the MAC address of your mobile device, as well as cookie files.

Sensitive personal data

“Sensitive personal data” is data revealing racial or ethnic origin, political opinions, religious or philosophical beliefs or trade-union membership, genetic data, biometric data processed solely to identify a human being, health-related data, data concerning a person’s sex life or sexual orientation.

In case you willingly send sensitive personal data, we shall construe such willful dispatch as your explicit consent to process your sensitive personal data according to article 9 paragraph (2) letter (a) of the General Data Protection Regulation. We will use and process your sensitive personal data for the purpose of providing the requested services.

What is personal data processing?

“Processing” shall mean any operation or set of operations performed on the personal data or on the personal data sets, with or without the use of automated means, such as the collection, registration, organization, structuring, storage, adaptation or change, extraction, consultation, use disclosure by transmission, dissemination or provision, in any way whatsoever, harmonization or compilation, restriction, erasure or destruction.

Data Controller: SC Torus Pharma Company SRL

Data processing principles

SC Torus Pharma Company SRL undertakes to abide by the personal data protection principles (hereinafter referred to as the “Principles”) stipulated by GDPR, in order to make sure that all data are:

  1. Processed correctly, lawfully and transparently;
  2. Collected for clearly specified, explicit and legitimate purposes;
  3. Suitable, relevant and limited as compared to the purposes for which they are processes;
  4. Accurate and updated;
  5. Maintained in a format that does not allow for the concerned persons’ identification for more time than required for the purpose of the processing;
  6. Processed according to the rights of the concerned party, in a manner that ensures suitable processing security, so that the data is full, confidential and available.

 

The manner in which we collect or obtain data about you:

  • If you provide the data to us (e.g.: in case you contact us by filling out the form at https://www.toruspharma.eu/contact/.
  • When you access our website, certain data are collected via cookies.
  • The data we collect: surname, name, telephone number, email, cookie data (type of device used, web browser, the manner in which you accessed our website (the pages you viewed), the geographical location you accessed our website from (according to the IP address).
  • How we use your data: for business and administrative purposes (especially in order to be able to contact you and process the requests you place on our website,, in order to enhance your user experience, develop advertising campaigns that suit your interest in certain sections of our website. The email address you provide in the application will not be used in order to send newsletters.
  • The disclosure of users’ data to third parties: in case you consent to a firm order, your data shall be provided to third parties, for order processing purposes. The personal data on the tax documents are processed by third parties (accounting company) in order to abide by the legal tax obligations.
  • Are the users’ data sold to third parties? (other than the sale or purchase of the business/company): No
  • What is your data retention period: not more than necessary, depending on our legal obligations (e.g., in order to maintain accounting archives), without, however, exceeding 5 years.
  • How do we secure your data: via technical and organizational solutions, such as: the use of SSL technology on our website, cloud storage of your data (secured servers, on the territory of the EU or of suitable states), restriction of the access to your data (virtual storage systems shall only be accessed based on a username and password and the employees processing your personal data shall not have access to the database, the access to the physical archives being possible only in the presence of an authorized company representative). Your data is not stored on hardware media within the company (e.g., computers, USB sticks, external hard disks).
  • Use of cookies: our website uses essential, functional, analytical cookies (Google Analytics) and targeting and marketing cookies (Google Adwords, Facebook Pixel).
  • The transfer of your personal data outside the European Economic Area: we will only transfer your personal data outside the European Economic Area if we are bound to do so and subject to your consent.
  • The use of the automated decision-making and profiling systems: we use automated collected data processing processes, for marketing purposes: the data collected via Google Adwords and Facebook Pixel cookies, in order to deliver banner advertising, on various partner websites, on the basis of information such as accessing certain pages on our website and your actions on such pages (e.g. click on certain buttons).
  • Your rights regarding your personal data
    • you are entitled to access your data and to receive information regarding the use thereof
    • you are entitled to request the update and/or supplementation of information
    • you are entitled to request the erasure of the data
    • you are entitled to restrict the use of the data
    • you are entitled to receive the data in a portable format
    • you are entitled to oppose the processing of your data
    • you are entitled to withdraw your data processing consent
    • you are entitled to turn to a supervisory authority
  • Sensitive personal data: we do not collect what is generally referred to as “sensitive personal data”. For further information, please see the main tab entitled “Sensitive personal data”.

2. Our Company Details


Our website data controller is SC Torus Pharma Company SRL, with its registered office at 51 Calea Dorobantilor, 1st floor, apt. 3. Registered with the Trade Register under no. J40/7825/2013, CUI RO 31885689. You may contact the data controller by mail, at the address of the registered office or by e-mail at office@toruspharma.eu
You may contact the data protection officer by mail at the address 51 Calea Dorobantilor, 1st floor, apt. 3, or by e-mail at opd@toruspharma.eu.
If you have questions regarding this confidentiality policy, please contact the data controller.

3. What kind of information we collect when you visit our website


We collect and use the information from the website visitors according to this section and to the section entitled Disclosure and additional uses of your data.

Information on the Web server log

We use a third party server to host our website. The server registers all the IPs accessing it in the access log. This server is located in Romania. For security reasons, we cannot disclose, as part of this Policy, our hosting service provider.

The use of the information in the website server log for IT security purposes

We do not access our server log data, and the hosting collects and stores the server logs in order to guarantee the IT network security. This includes the analysis of the logs, in order to help identify and prevent the unauthorized access to our network, the distribution of malware codes, the forecasting of DDOS and other cyber-attacks, by detecting unusual or suspicious activities.
Legal processing grounds: observance of the legal obligations we are subjected to (article 6 paragraph (1) letter (c) of the General Data Protection Regulation).
Legal obligation: the registration of our website access using server log files is a technical measures meant to guarantee a suitable security level, in order to protect the information collected from our website according to article 32 paragraph (1) of the General Data Protection Regulation.

The use of the information in the website server history to analyze the use of the website and enhance our website

We use the information collected from our server log to analyze the manner in which our users interact with our website and its features. For instance, we analyze the number of visits and sole visitors we receive, the visit date and hour, the visit location and the operating system, the browser used and the type of device employed.
We use the information collected from the analysis of this information to enhance our website. For instance, we use the collected information to amend the information, the content and structure of our website and of the individual pages, depending on what attracts most users and the time spent on some of our webpages.
Legal grounds for processing: our legitimate interests (article 6 paragraph (1) letter (f) of the General Data Protection Regulation).
Legitimate interest: to improve our website users’ experience and become acquainted with the website users’ preferences, so that our website better meets their needs and desires.]

Cookies

Cookies are data files that are sent from a website to a browser in order to register user information for various purposes.
We use cookies on our website, including essential, functional, analytical and targeting cookies. You may refuse some or all cookies we use on our website by changing your browser settings, but in case you do so, the website might not operate properly or some of its features may not be available. For additional cookie information, including on changing your browser settings, see www.allaboutcookies.org.

4. What kind of information we collect when you contact us


We collect and use the information from the people contacting us according to this section and to the section entitled Disclosure and additional uses of your data.

Email

When you send messages to the e-mails posted on our website, we collect your e-mail address and any other information you might provide in that e-mail (such as your name, your phone number and the information included in any e-mail signature lines).

Legal grounds for processing: our legitimate interests (article 6 paragraph (1) letter (f) of the General Data Protection Regulation).

Legitimate interest: In order to answer the questions and messages we receive and keep records of the correspondence.

Legal grounds for processing: required in order to draft a contract or to initiate the contract commitment process upon your request. (article 6 paragraph (1) letter (b) of the General Data Protection Regulation).

Reason for which it is required under a contract: in case your message concerns the provision of services or the enforcement of measures upon your request before we provide our services (e.g., the provision of information on such services), we will process your information to do that).

Transfer and storage of your information

We use a third-party email client to store the emails you send to us. Our email supplier is MICROSOFT OUTLOOK. Their confidentiality policy is available here: https://privacy.microsoft.com/en-us/privacystatement

The emails you send to us shall be stored on the webmail servers protected by HTTPS encryption (also known as SSL or TSL). The webmail servers are located in the European Economic Area or in suitable states (e.g. USA).

Contact form

When you contact us using the contact form, we collect the name, email and phone number. Moreover, we collect any other information you might provide to us when you fill out the form (e.g., details on your health condition).

In case you do not provide the mandatory information in the contact form, you will not be able to send the contact form and we will not receive your request.

Legal grounds for processing: our legitimate interests (article 6 paragraph (1) letter (f) of the General Data Protection Regulation).

Legitimate interest: in order to answer the questions and messages we receive and keep records of the correspondence.

For additional information on the precaution measures taken upon the transfer of your data outside the European Economic Area, see the section in the confidentiality policy below entitled the Transfer of your data outside the European Economic Area.

 

Telephone number

When you contact us by phone, we collect your phone number and any other information that you may provide during your conversation with us. We do not register phone calls.

Legal grounds for processing: our legitimate interests (article 6 paragraph (1) letter (f) of the General Data Protection Regulation).

Legitimate interest: in order to answer the questions and messages that we receive and to make the reservations, in case you communicate the data required for a reservation (passenger names, ID card data) by phone.

 

Transfer and storage of your information

Information on your call, such as your telephone number and the hour of your call, is processed by our telephony service provider, ORANGE. Their confidentiality policy is available here: https://www.orange.ro/gdpr/

Post office

In case you contact us by mail, we will collect all the information you provide to us in any mail communications you might send to us.

Legal grounds for processing: our legitimate interests (article 6 paragraph (1) letter (f) of the General Data Protection Regulation).

Legitimate interest: in order to answer the questions and messages we receive and keep records of the correspondence.

Legal grounds for processing: required in order to draft a contract or to initiate the contract commitment process upon your request. (article 6 paragraph (1) letter (b) of the General Data Protection Regulation).

Reason for which it is required under a contract: in case your message concerns the provision of goods or services or the enforcement of measures upon your request before we provide our goods and services (e.g., the provision of information on such services), we will process your information to do that).

5. What kind of information we collect when you interact with our website


We collect and use the data from people interacting with certain features of our website, according to this section and to the section entitled Disclosure and additional uses of your data.

 

Information collected or obtained from third parties

This section describes the manner in which we obtain or collect information concerning you, through third parties.

Information received from third parties

The information we obtain from third parties will generally comprise your name and the data in your ID document (ID card, passport), but it will also include any additional information they might provide to us.

Legal grounds for processing: required under a contract or in order to take measures upon your request to conclude a contract (article 6 paragraph (1) letter (b) of the General Data Protection Regulation).

Reason for which it is required under a contract: in case a third party sent information about you. (such as your name and email address) in order to provide services, we will process information in order to take measures upon your request to conclude a contract with us (as applicable).

Legal grounds for processing: consent (article 6 paragraph (1) letter (f) of the General Data Protection Regulation).

Consent: in case you requested a third party to disclose to us information concerning you and the purpose for which such information is disclosed is unrelated to the fulfilment of a contract or to a service we provide to you, we will process your information on the basis of your consent, requesting the relevant third party to disclose your information to us.

Legal grounds for processing: our legitimate interests (article 6 paragraph (1) letter (f) of the General Data Protection Regulation).

Legitimate interests: in case a third party has shared with us information concerning you and you have not expressed your written consent with regards to such information, we will hold a legitimate interest to process such information under certain circumstances.

For instance, we will hold a legitimate interest in processing your information to fulfill the obligations deriving from the subcontract with the third party, in case the third party has concluded the main contract with you. Our legitimate interest is to fulfill our obligations as stipulated in our subcontract.

Similarly, third parties may send us information about you in case you have or you could infringe any of our legal rights. In this case, we will hold a legitimate interest in processing this information in order to investigate and monitor any such possible infringement.

In case we receive information concerning you by mistake

In case we receive information concerning from a third party and/or we do not hold a legal basis for the processing of such information, we will erase it.

The use of automated decision-making mechanisms

We use automated decision-making mechanisms on our website. We do not believe that this has any legal effects for you or similarly affects you.

You are entitled to oppose to our use of automated decision-making and profiling mechanisms described in this section. You can do that by waiving cookies and similar technologies, according to the method described in the relevant section herein. In case you do not want us to process your actual IP address (generally, the IP address assigned by the Internet Service Provider), when you visit our website, you may use a virtual private network (VPN) or a free service, such as Tor.

Additional information on the use of cookies and similar technologies (including the legal basis for the use thereof) and how to waive them is available in the cookie policy, at: http://www.consilium.europa.eu/ro/about-site/cookies/

6. The use of automated decision-making and profiling systems


The automated decision-making systems are technology-based decision-making mechanisms (via a machine) without human involvement.

The use of automated decision-making mechanisms for advertising purposes

We automate the display of advertisements comprising our goods and services on other websites you visit using cookies. For further information on the types of cookies we use, see our cookie policy, available here:  http://www.consilium.europa.eu/ro/about-site/cookies/

Implied logic: the automated display of ads to the persons who visited our website leads to the enhancement of the advertising efficiency, because the use receives ads based on his/her preferences, which may help them find the product/service they are interested in quicker.

Meaning and sought consequences: cookies will be used in order to recognize the fact that you have visited our website for advertising purposes (except for the case in which you have blocked such cookies) and they will collect information on your online behavior.

Your right to oppose: you may block this type of cookies by blocking third-party cookies using the browser settings or by installing applications of the Opt-out type on your browser, from third parties providing such solutions.

The use of profiling for the analysis of the online behavior

Our online behavior service uses information such as your location (based on your IP address) and behavior (based on the cookies) when you access the website (such as the pages you access and the pages you click). We will only process cookie information subject to your consent to have cookies saved on your computer, according to the cookie policy. The information we collect about you, once collected, is anonymous and stored on an agreed database for determined periods of time, as stipulated on the indicated link.

Implied logic: the automatic analysis and classification of information, such as the (IP-based) location, as well as the behavior and the devices of our website visitors (using cookies), helps us better understand what it is that our website visitors desire (with regards to the content of our website and our products), how to enhance our website and how to advertise and trade our services.

Meaning and sought consequences: cookies shall be used to monitor and store information on your conduct and device on our website (unless you waive such cookies through the methods indicated in our Cookie Policy). The location will be analyzed based on your IP. We may display ads based on the level of interest we receive from certain visitors and on their behavior on our website.

7. Disclosure and additional uses of your data


This section sets the circumstances under which we will disclose your data to third parties and any other additional purposes for which we might use your data.

Disclosure of your data to service providers

We use a number of third parties to provide us with the services we require to carry out our activity or to help us carry out our business and who process your information for us, on our behalf. They comprise the following:

-Telephony providers;

-Email providers;

-IT service providers, website developers, online marketing agents;

-Web hosting service providers;

-Medical service providers

 

Your information shall be shared by these service providers, where required in order to make available the service you requested, regardless of whether this request concerns the accessing of our website or the ordering of services from us.

For security and competitiveness-related reasons, we do not display the identity of all our service providers. However, if you desire additional information on the identity of the service providers, please contact us directly, through our contact form or via email and we will provide such information in case you have a legitimate interest to request this).

Legal grounds for processing: our legitimate interests (article 6 paragraph (1) letter (f) of the General Data Protection Regulation).

Legitimate interest based on: in case we share your information with these third parties in a different context than as required under a contract (or following your request to do so), we will share the information with such third parties so as to allow us to efficiently manage and conduct our business.

Legal grounds for processing: required under a contract or in order to take measures upon your request to conclude a contract (article 6 paragraph (1) letter (b) of the General Data Protection Regulation).

Reason for which it is required under a contract: we might share your information with our service suppliers, so as to be able to fulfill our obligations deriving from the respective contract or to tale the measures you have requested before concluding a contract with you.

The disclosure of your information to third parties

We disclose your information to third parties under specific circumstances, as shown below.

The provision of information to third parties, such as Google Inc. Google collects information through our use of Google Analytics on our website. Google uses this information, including the IP addresses and the cookie information for several purposes, such as improving the Google Analytics service. The information is shared with Google under aggregated and anonymous conditions. In order to find out more about the information Google uses, the manner in which it uses this information and how to control the information sent to Google, see: https://www.google.com/policies/privacy/partners/

Legal grounds for processing: our legitimate interests (article 6 paragraph (1) letter (f) of the General Data Protection Regulation).

Legitimate interests: to fulfill our contractual obligations towards Google according to Google Analytics Terms and Conditions (https://www.google.com/analytics/terms/us.html).

You can waive Google Analytics by installing the browser plugin at: https://tools.google.com/dlpage/gaoptout

 

The sharing of your information with third parties that are either related to, or associated with the operation of our business, in case we require it. These third parties comprise accountants, tour operators, air companies, insurers. Additional information for each of these third parties is shown below.

Legal grounds for processing: our legitimate interests (article 6 paragraph (1) letter (f) of the General Data Protection Regulation).

Legitimate interest: efficient management and operation of our business.

Accountants

We share information with our accountants for tax purposes, in order to submit the relevant statements with NAFA.

Business partners

Our business partners are the companies we work with and that allow us to provide the services we cannot offer ourselves. We share information with our business partners in case you have requested services they provide (medical services or any other service representing the subject of our activity).

The disclosure and use of your information for legal reasons

The communication of possible criminal acts or threats against public safety to competent authorities

In case we suspect criminal or potentially criminal behaviors, under certain circumstances, we will need to contact a competent authority, such as the police. This could be the case if, for instance, we suspect a form of fraud or cyber-crime or in case we receive threats or ill-intended communications concerning us or a third party.

In general, we will only have to process your information to this end if you have been involved in or affected by such an incident one way or another.

Legal grounds for processing: our legitimate interests (article 6 paragraph (1) letter (f) of the General Data Protection Regulation).

Legitimate interest: to prevent crime or suspected criminal activity (such as fraud).

 

Regarding the enforcement or the potential enforcement of our legal rights

We shall use your information regarding the enforcement or potential enforcement of our legal rights, including, for instance, the information exchange with debt collecting agencies, in case you do not pay the amounts you owe as due under the contract. Our legal right may be contractual (if we concluded a contract with you) or non-contractual (such as the legal rights we hold pursuant to copyright or tort law).

Legal grounds for processing: our legitimate interests (article 6 paragraph (1) letter (f) of the General Data Protection Regulation).

Legitimate interest: to protect our legal rights and to take measures in order to protect our legal rights.

Regarding a dispute or a legal or potentially legal procedure

We might need to use your information in case we are involved in a dispute with you or with a third party, for instance, to solve the dispute or as part of the mediation, arbitration, a court order or similar proceedings.

Legal grounds for processing: our legitimate interests (article 6 paragraph (1) letter (f) of the General Data Protection Regulation).

Legitimate interest: the settlement of disputes and possible disputes.

In order to permanently comply with the laws, regulations and other legal requirements

We shall use and process your information in order to comply with the legal obligations we are subjected to. For instance, we might need to disclose your information on the basis of a court order or of summons, if applicable.

Legal grounds for processing: compliance with a legal obligation (article 6 paragraph (1) letter (c) of the General Data Protection Regulation).

Legal obligation: the legal obligations to disclose information, as stipulated in or transposed into the legal framework of Romania (for instance, under the form of an international agreement Romania has signed).

Legal grounds for processing: our legitimate interests (article 6 paragraph (1) letter (f) of the General Data Protection Regulation).

Legitimate interest: in case legal obligations are part of another country’s laws and they have not been transposed in the legal framework of Romania, we hold a legitimate interest to abide by such obligations.

8. Data retention


This section provides information on your data retention term. Where feasible, we have set specific data retention terms. If such terms could not be set, we have established the criteria we use to determine the retention period.

Server logs: we keep the server log information for 5 years

Information regarding the services provided: when you submit a firm service order, we keep this information for 5 years as of the end of the financial period during which you have placed your order, according to our legal obligation to keep records for tax purposes.

Correspondence: when you submit an application or contact us via email for any reason whatsoever, we will keep your information for 12 months, while the information submitted via the reservation and contact forms available on the website will be kept for 12 months, after which it shall be anonymized.

Criteria based on which the retention terms are set

Under any other circumstances, we will only keep your information for as long as required, considering the following:

-The purpose(s) and the use of your information both currently and in the future (e.g., if we need to store that information in order to comply with our obligations based on a contract we have concluded with our or to contact you in the future);

-if we have a legal obligation to continue processing your information. (such as any obligations to keep records imposed by the relevant laws or regulations);

-in case we hold any legal grounds to continue processing your information (such as your consent);

-how valuable your information is (currently and in the future);

-any industrial practices agreed upon with regards to the information retention period;

-risk, cost and responsibility levels associated to the further retaining of information;

-the level of effort required in order to make sure that your information is up-to-date and accurate; and any relevant surrounding circumstances (such as the nature and the status of our relation with you).

9. Data security


SC TORUS PHARMA COMPANY SRL has adopted technical and organizational data processing measures, updated according to GDPR requirements, meant to protect your data against any attempts of unauthorized access, improper use or disclosure, unauthorized amendment, destruction or accidental loss. All SC TORUS PHARMA COMPANY SRL employees and collaborators, as well as any third parties acting on behalf of SC TORUS PHARMA COMPANY SRL are bound to observe the confidentiality of your information and the GDPR requirements, according to the provisions herein.

We implement suitable technical and organizational measures to secure your information and protect you against unauthorized or illegal use and accidental loss or destruction, including:

-the disclosure and access to your information to the minimum required extent, subject to the confidentiality limitations, where required and anonymously, whenever possible;

-the use of secured data storage servers;

-the verification of the identity of any person requesting access to your information before granting them such access;

-the use of the Secure Sockets Layer (SSL) standard to encrypt any information you might send us through any forms available on our website);

-we only transfer your data through a closed system, on the basis of a contract.

Information you send to us by e-mail

The sharing of information via internet is not entirely secure and, should you choose to share information with us via internet (email, our website or any other means), you do so at your own risk.

We shall not be held liable for any kind of expenditure, loss of profit, reputation, damages, debt or any other form of loss or prejudice you might incur or following your decision to share information with us via such means.

10. The transfer of your data outside the European Economic Area


Your information will be transferred and stored outside the European Economic Area (EEA) only as stipulated below. Moreover, we shall transfer your information outside the EEA or to an international organization in order to observe our legal obligations as stipulated under the laws we are subjected to (for instance, the observance of a court order). In case we are bound to do so, we will make sure suitable protection measures are available, and that such protection is in force.

Contact form and email

The information you send via our contact form may be transferred outside EEA and stored by our email provider – MICROSOFT OUTLOOK on their servers. The confidentiality policy is available here: https://privacy.microsoft.com/en-us/privacystatement

11. Your personal data rights


Subject to certain restrictions regarding specific rights, you shall hold the following rights regarding your data, which you can enforce by writing to us at the email address opd@toruspharma.eu:

 

  • to request access to your data and information regarding the use and processing of your data;
  • to request the correction or erasure of your data;
  • to request the limitation of use of your data;
  • to receive the information you have sent to us in a structured, commonly used and machine-readable format (e.g., CSV file) and the right to have the respective data transferred to another data controller (including a third party data controller);
  • the right to object against the processing of your data for specific purposes (for additional information, see the section below entitled “Your right to object against the processing of your data for specific purposes”); and
  • the right to withdraw your consent regarding the use of your data at all times, in case we rely on your consent in order to use or process such data. Please remember that, in case you withdraw your consent, this shall not affect the lawfulness of the use and processing of your data on the basis of your consent prior to such withdrawal.

According to article 77 of the General Data Protection Regulation, you are further entitled to submit a complaint with a supervisory authority, especially from the member state where you reside or work should you suspect an infringement of the general protection provisions in the Regulation.

To this end, the Romanian supervisory authority is: www.dataprotection.ro

Verification of your identity in case you request to access your information

In case you request to access your data, we are bound under the law to make use of all reasonable measures in order to verify your identity before granting you such access.

These measures are designed to protect your data and to minimize the identity theft or the general risk of unauthorized access to your data.

How do we check your identity

In case we hold suitable information about you on file, we will try and check your identity based on this information.

If we cannot identify you based on such information or in case we do not hold sufficient information about you, we might request copies or certifications of certain documents, in order to be able to confirm your identity before we can grant you access to your data.

We will be able to confirm the exact information we need to check your identity depending on your specific circumstances and on the time when you submit such a request.

 

Your right to object to the processing of your data for specific purposes

You hold the following rights with regards to your data, which you can enforce by writing to us at opd@toruspharma.eu:

  • to object to the use or processing of your data by us for public interest purposes or for our legitimate interest, including “profiling” (the analysis or prediction of your behavior based on your information); and
  • to object to the use or processing of your data for direct marketing purposes (including any profile we might involve in relation to this direct marketing).

You can also exert the right to object to the use or processing of your data for direct marketing purposes:

  • by clicking the unsubscribe link in the lower part of any marketing email we might send to you and following the instructions displayed on your browser page, after you click the respective link;

For more information on the manner in which you may object to the use of the data collected via the cookie modules and similar technologies, see the section entitled “How to accept or refuse cookies” in our cookie policy, available here: https://www.toruspharma.eu/dezvaluirea-si-utilizarile-suplimentare-ale-datelor

12. Amendments to our confidentiality policy


We periodically update and amend our confidentiality policy.

Minor amendments to our confidentiality policy

In case we bring minor amendments to our confidentiality policy, we will update the Confidentiality policy with a new enforcement date mentioned in the introductory part thereof. Your information will be processed based on the practices stipulated in the new Confidentiality Policy issue, as of the effective date thereof.

 

Major amendments to our confidentiality policy or to the purposes for which we process your information.

In case we implement major amendments to our confidentiality policy or we intend to use your data for a new purpose or for a different purpose than the one we initially collected it for, we shall notify you by email (if possible) or by posting an announcement on our website.

We will provide information on the respective amendment and on the purpose thereof and any other relevant information before we start using the information for the new purpose.

Whenever required, we shall obtain your prior consent before we use your information for a different purpose than the one we initially collected it for.

13. Minors’ confidentiality


Because we commit to the children’s safety and confidentiality in the online environment, we do not knowingly contact or collect information from people below the age of 18. The website does not knowingly request information of any kind from people below the age of 18. Submitting a quotation request/reservation on our website will not entangle any financial obligations on your side, and tourism service contracts may only be concluded by people above the age of 18.

Relations with other controllers

Depending on the context, we might be in a situation where we absolutely need to provide information to a higher level, both globally and internally or externally, to our partners or to those to whom we transfer data in compliance with the aforementioned Regulation, in order to make sure the services we provide are as professional as possible. The information controller by SC TORUSPHARMA COMPANY SRL could be transferred, sent or stored and processed in the EU or in other countries than the country you live in, for the purposes prescribed in this policy. These data transfers are required in order to allow us to provide high quality services, as well as in order to be able to further provide you with our materials according to the best professional standards. We use standard contractual clauses approved by the European Commission and rely on the suitability decisions of the European Commission with regard to certain countries, as applicable, in so far as the transfers of data from the EEA to the United States of America and to other countries.

14. Copyright


SC TORUS PHARMA COMPANY SRL holds copyright or rights of use over the content of the www.toruspharma.eu website, including, without limitation, logos, abstract representations, trade symbols, static images, dynamic images, text and/or multimedia content.

The client/purchaser is not allowed to copy, share, publish, transfer to third parties, amend and/or alter, use any content in any other context than the one originally intended by SC TORUS PHARMA COMPANY SRL

Issue updated on 24.05.2018