1 How to contact us

2 What does our Information Note cover?

3 Why and how do we process your personal data?

4 Who is responsible for processing your personal data?

5 From whom and how do we collect your personal data?

6 What are our legal bases for personal data processing?

7 In what situations do we process your personal data?

8 Do we use automated profiling processes and automated decisions?

9 About the purposes for which we process our personal data

10 How long do we keep personal data?

11 Do we reveal your personal data?

12 Do we transfer your personal data outside of the EU or EEA?

13 Are your personal data safe?

14 Are we certified and have adhered to a code of conduct?

15 What are your rights?

16 How can you exercise your rights?

17 Do you have the right to file a complaint?

18 Can you choose privacy settings?

19 Will you be informed about changes to privacy policy?

20 Explanations of terms and phrases used in this information note

1 How to contact us
Av.Coltuc Marius

Calea Rahovei, 266-268, corp 60, et.2, room 06, sector 5, Bucharest.

ROMANIA

contact@uemarket.eu

2 What does our Information Note cover?

2.1

Our note: 2.1.1 has been effective since: 01.03.2018
2.1.2 is published on: 01.03.2018
2.2

Our notice of information applies to: 2.2.1 our site: uemarket.eu
2.2.2 our e-mail.
3 Why and how do we process your personal data?
3.1 We collect your email to register an account at uemarket.eu.

3.2 We collect the username to register an account at uemarket.eu as a precautionary measure when someone writes in the forum (username is a nickname that the registered person will use when writing in the forum to not be obvious to caregivers I read the message that is the identity of the person who wrote it).

We collect your occupation to personalize the content uemarket.eu, and to customize the type of discussion in the uemarket.eu forum that will be displayed to you as a priority. At the same time, we collect your profession when choosing to register in the uemarket.eu professional directory, in which case the profession will allow uemarket.eu readers to identify the area of ​​expertise and contact you for issues related to your specialization.

We collect your professional headquarters if you choose to open a consultant profile at uemarket.eu, identifying your personal location will allow uemarket.eu readers to know which of the consultants are located in the territory they are interested in. At the same time, we will be able to use the county you’ve been told to show readers, in some sections of the site, consultants who are located in the territory they are interested in.

3.5 We use the content of the messages you wrote in the uemarket.eu forum or the comments posted on the uemarket.eu articles because this content is necessary to allow those who want to respond to this content to view the question and provide an answer. Collecting and displaying these texts of your written messages in the uemarket.eu Forum is the result of an action by which you choose to make this public date manifestly and the processing of this data will be based on our legitimate interest in responding, to avoid deleting answers if the people who have formulated have invested effort and time to give them, and to maintain the integrity of forum discussions.

3.6 We collect birthday to hate you many years after your birth.

3.7 We collect your ID from the strictly required cookies placed by uemarket.eu to allow you to log in, keep your log in as you navigate through the pages of our site as well as to allow you to access premium uemarket utilities ..

3.8. We collect video or audio from courses in order to sell it in the registered form, by virtue of our legitimate interest in monetising in a variety of ways the materials produced by us. By enrolling in the course and implicitly by accepting this set of terms and conditions, the participant agrees that Inteligo may use the files, video or audio material created by the staff or contractors. Intelligent on lecture periods, without the need for a special request for a participant’s acceptance.

4 Who is responsible for processing your personal data?
4.1 We

Decide why your personal data is processed,
Decide how your personal data is processed, and
we are responsible for processing your personal data.
4.2.1 We have a personal data protection officer.
Contact details are: Av.Coltuc Marius Calea Rahovei, 266-268, body 60, et.2, room 06, sector 5, Bucharest.
5 From whom and how do we collect your personal data?
5.1

We collect your personal data: 5.1.1 directly from you.
5.2

We collect your personal data: 5.2.1 electronically, using a web form.
5.2.2 electronic
by storing information on your equipment, or
accessing information stored on your equipment,
reading information from your equipment.
5.3

When you provide us with your personal data, your supply is: 5.3.1 Allowed and voluntary. You can provide them free: name, email, phone, content of forum posts, professional headquarters, profession, date of birth
5.3.2 Allowed and mandatory. You need to provide them with: billing data
5.4 If you fail to provide us with your personal data and this supply is voluntary, then this can not affect you.

5.5 If you fail to provide us with your personal data and this supply is mandatory then it may affect you: You will not be able to benefit from the services we sell, because their sale is related to the registration and declaring tax details.

5.6

Mandatory provision of personal data is: 5.6.1 a legal requirement.
5.6.2 a contractual requirement.
5.6.3 a requirement for entering into a contract.
6 What are our legal grounds for processing your personal data?
6.1

We process: 6.1.1 “non-sensitive” personal data.
6.1.2 “sensitive” personal data.
6.2

The legal basis for processing your “non-sensitive” personal data is: 6.2.1 your consent.
6.2.2 a contract to which you are a party.
6.2.3 a request from you before entering into a contract. The request justifies the processing of your personal data.
6.2.4 the need to comply with a legal obligation to which we are subject.
6.2.5 interest
our legitimate, or
legitimate third party.
We process your personal data based on interests that are
legitimate
real, and
present.
Processing your personal data is necessary for the legitimate interests we are pursuing.
Our legitimate interests can be removed by
your interests and
your fundamental rights.
We protect you properly
interests and interests
rights and freedoms.
We provide a link to a document that explains that our legitimate interest has priority over
your interests, or
6.3

The legal basis for processing your “sensitive” personal data is: 6.3.1 that processing refers to personal data that you clearly disclose.
7 In what situations do we process your personal data?
7.1

We collect personal data: 7.1.1 of buyers and / or customers.
7.1.2 Readers, site users, community members, registered consultants, event participants
7.2

We are: 7.2.1 an enterprise.
7.3

We process your personal data from: 7.3.1 the private sector.
7.4

We process your personal data in a situation involving: 7.4.1 an activity that is
professional, or commercial.
7.4.2 an offering activity ofgoods, or services.
7.4.3 an online activity.
7.4.4 a contract or relating to an entry into a contract.
7.4.5 your personal data, provided directly as a buyer or client.
8 Do we use automated profiling processes and automated decisions?
8.1 We use your personal data to automatically evaluate aspects of your personality.

Automatic evaluation

may include an analysis of your features.
may include predictions about your behavior.
it is made exclusively by computer.
is done without human involvement.
will be referred to hereinafter by reference to the term “fully automated profiling”.
8.2 We use your personal data to make automated decisions about you.

Automatic decisions

may include “complete automatic profiling” of you.
are made only by a computer.
are made without human intervention.
are hereinafter referred to as “fully automated decision-making processes”.
8.3 Our “fully automatic” decisions are based on your “automatic profiling”.

8.4

We base our “fully automated decision” process on the following processing logic: 8.4.1 If a reader accesses items in a particular category, we will consider that his area of ​​interest is related to that category of articles and we will try to we personalize the content based on that analysis in the future.

8.5 Our “fully automated” decisions have no impact on

your rights, or
your legal status.
Our “fully automatic” decisions have no significant significant significant impact on

the circumstances of your situation,
your behavior, or
your choices
8.6

The legal basis for our processing of “fully automated” decisions about you is: 8.6.1 a processing for
our legitimate interests, or
legitimate interests of a third party.
8.7

Your personal data that our system relies on when making “fully automated decisions” are: 8.7.1 “non-sensitive” personal data.
8.8 Our “fully automated” decisions can not affect you.

9 About the purposes for which we process personal data
9.1 We process your personal data for the purposes described in Section 3.

Our purposes for which we process personal data are

real
present, and
legitimate.
9.2 We do not process your personal data for secondary purposes that are incompatible with the primary purposes for which your personal data is originally collected,

without your prior consent,
without there being a legitimate interest in this, and
without a legal basis.
9.3 We inform you before processing your personal data for secondary purposes

First of all, if we initially collect your personal data for a primary purpose, and
if our secondary purpose is incompatible with the primary purpose.
10 How long do we keep your personal data?
10.1.1 We limit the length of time that your personal data is stored to what is required for our processing purposes.
10.1.2 We review the need to keep your personal data up to date: Every year, we analyze data collected and processed to filter, sort and maintain processing only for data where the purpose of the processing is current.
10.1.3 We delete your personal data within a specified timeframe: We delete your data at one year from the date your relationship with us ends (the applicable newsletter clause, from the moment the reader no longer access the content of our newsletters).
We delete your data at the time you request this, except for the data whose delivery and processing is required by a legal provision, which we delete within the prescribed time limit (billing data in 5 years).
10.2 If the retention of your personal data is required for the purposes specified by law, we may retain your personal data.

11 Do we reveal your personal data?
11.1 We disclose your personal data to recipients.

11.2

The legal framework on which the disclosure of your personal data to recipients is based is: 11.2.1 your consent.
11.3 If we will disclose your personal data to a recipient in the future, then we will inform you

the moment of disclosure and
recipient’s name.
12 Do we transfer your personal data outside the EU or EEA?
12.1 We do not transfer your personal data

in countries outside the EU or EEA, or
to international organizations.
13 Are your personal data safe?
13.1 We keep your personal data safe

with appropriate technical measures,
with appropriate organizational measures,
with an adequate level of security,
against unauthorized processing,
against illicit processing,
against accidental or unlawful loss,
against accidental or unlawful destruction;
against accidental or unlawful damages.
13.2

We have implemented measures to: 13.2.1 discover security breaches.
13.2.2 document the causes of the security incident.
13.2.3 document which personal data are affected by the security incident.
13.2.4 document the actions (and reasons for actions) to remedy the breach of security.
13.2.5 limit the consequences of the security incident.
13.2.6 Recover personal data.
13.2.7 return to a normal state of processing of personal data.
13.3

If we have a reasonable degree of certainty that a security breach has occurred in your personal data, then: 13.3.1 report the security incident to our company management.

13.3.2 designate a person responsible for
to consider whether the breach of security may have unfavorable effects for you,
to inform the relevant staff in our organization,
to determine the extent to which notification of the security incident is required by the Supervisory Authority, and
to determine whether we need to communicate information about the security incident.
13.3.3 Investigating the security incident.
13.3.4 We try to prevent the security incident from leading to
accidental or unlawful destruction of personal data,
accidental or unlawful loss of control of personal data,
accidental or unlawful loss of access to personal data,
the accidental or unlawful alteration of personal data,
unauthorized disclosure of personal data, or
unauthorized access to personal data.
13.3.5 we make every effort to mitigate the immediate risk of injury.
13.3.6 notify the Surveillance Authority of the security incident if the breach is likely to result in a high risk for the rights and
13.3.7 we inform you of the breach of security
if the violation is likely to lead to a high risk for your rights and freedoms,
as soon as possible,
via suitable contact channels, e.g. by e-mail, SMS, prominent banners on our site, postal communications, prominent advertisements in the media, etc.
We are not obliged to inform you directly if
we have taken steps to make your personal data incomprehensible to anyone who is not authorized to access them,
immediately after the security incident, we have taken steps to ensure that the high risk for your rights and freedoms is no longer possible, or
would involve disproportionate efforts. In such a case, we will inform you through public networks.
14 Are we certified and have adhered to a code of conduct?
14.1 We do not use an approved certification body to certify compliance with the law, for the sole reason that in Romania there is no such certified body yet. But we are working on developing market capabilities to create such a mechanism.

14.2 We have not adhered to an approved code of conduct that demonstrates that we comply with the law when processing your personal data, for the sole reason that there is no such code approved by the Romanian Oversight Authority. But we’re working on developing a code in the online advertising and media market, which we’re trying to build well enough to cover these markets. As soon as this code is in place, we will adhere to its principles.

15 What are your rights?
15.1 We respect your rights regarding the protection of your personal data.

15.2 You have the right to access your personal data.

If you ask us to confirm whether we process your personal data or not, then you have a right that requires us to confirm that we

we process your personal data or
we do not process your personal data.
Your right to obtain confirmation from us that we process (or do not process) your personal data

does not include anonymous data.
includes only your personal data.
includes pseudonym data that may be clearly related to you.
We need to give you access to your personal data
ask us to confirm whether or not we process your personal data and
we process your personal data and
request access to your personal data.
We need to provide you with a copy of your personal information if

ask us to confirm whether or not we process your personal data and
we process your personal data and
request a copy of your personal information.
If you request additional copies of your personal data, then we can charge you a reasonable fee, which is based on the administrative costs necessary to meet your request.

You are entitled to the warranty information we have implemented to transfer your personal data to a country outside the EU and EEA if

ask us to confirm whether or not we process your personal data and
we transfer your personal data to a country outside of the EU and EEA.
15.3 You have the right to rectify your personal data.

The right to get the rectification of your personal data that is inaccurate

does not include anonymous data.
includes only your personal data.
includes pseudonym data that may be clearly related to you.
We need to rectify your personal data if

we process your personal data, and
your personal data is inaccurate, and
ask for the rectification of your personal data.
We need to complete your personal data if

we process your personal data, and
your personal data is incomplete, and
request to complete your personal data.

15.5 You may obtain from us the restriction of the processing of your personal data.

Your right to obtain restrictions on the processing of your personal data

does not include anonymous data.
includes personal data that concerns you.
includes pseudonym data that may be clearly related to you.
We need to restrict the processing of your personal data for a period of time in order to verify the accuracy of your personal data if

ask to restrict the processing of your personal data and
challenge the accuracy of your personal data.
We need to restrict the processing of your personal data if

ask to restrict the processing of your personal and personal data
processing your personal data is illegal and
you are opposed to deleting your personal data.
We need to restrict the processing of your personal data if

ask to restrict the processing of your personal and personal data
we do not need your personal data for the purpose of our processing and
ask for your personal data to make a legal complaint or
ask for your personal data to make a legal complaint or
you need your personal data to defend yourself against a legal complaint.
We need to restrict the processing of your personal data if

request restriction

processing your personal data and
object to the processing of your personal data that is necessary for the performance of a task we perform in the public interest, or
you oppose the processing of your personal data that is necessary in the exercise of an official authority entrusted to us; and
you oppose the processing of your personal data that is necessary for the legitimate interests we pursue and
please wait until your personal data processing has a legitimate reason that does not exceed your objection.
We need to communicate the restriction of processing your personal data to recipients of your personal data (if any).

We do not communicate restricting the processing of your personal data to the recipients of your personal data if the communication to the recipient

is impossible or
involves a disproportionate effort.
If we restrict the processing of your personal data, then we can

store your personal data,
process your personal data based on your consent,
process your personal data to establish a legal complaint,
process your personal data to make a legal complaint,
process your personal data to defend us against a legal complaint,
process your personal data to protect a person’s rights,
process your personal data for reasons of public interest of the Union or of a Member State.
If you obtain a restriction on the processing of your personal data, we need to inform you before the lifting of the restriction.

15.6 If we process your personal data for direct marketing purposes, including profiling (to the extent that it is related to such direct marketing), you have the right to object to the processing of your personal data for that purpose.

Your right to object to the processing of your personal data for direct marketing purposes

is a right that you have at all times.
does not include anonymous data.
includes personal data that concerns you.
does not include personal data that does not concern you.
includes pseudonym data that may be clearly related to you.
If you object to the processing of your personal data for direct marketing purposes then we must omit the processing of your personal data for that purpose.

If we process your personal data for direct marketing purposes, including profiling (to the extent that it is related to such direct marketing), then

we must explicitly notify you of this right, at the latest at the time of first communication with you, and
we must present this right in a clear and separate way from any other information.
16 How can you exercise your rights?
16.1 We invite you to communicate with us about the exercise of your rights to the protection of your personal data.

16.2

We only accept written requests because we can not handle verbal requests immediately without
we first analyze the content of the demand and without it
we will identify you first.
Your application must contain a detailed and precise description of the right you wish to exercise.

You need to provide us with a copy of an identification document to confirm your identity as, for example

an identity card or
a passport.
The document must contain

an identification number,
Country of Issue,
Period of validity,
your name,
your address, and
your birth date.
Any other data contained in the copy of the identification document, such as a photo or any other personal features, may be masked.

We will not accept other means of assuring your identity.

If you want to propose alternatives, we will evaluate them on a case-by-case basis.

Use the information in your identification document

is limited to your identity verification activity and
will not generate a storage of your personal data longer than is necessary for that purpose.
You may submit your request for the protection of your personal data to: contact@uemarket.eu

16.3

You will receive our response to your requests for the protection of your personal data at: 16.3.1 https://www.uemarket.eu/cont/
16.4 We have appointed a person in charge of handling your requests for the protection of your personal data.

16.5 We have implemented policies that ensure that a request for the protection of your personal data is

recognized, and
settled within the time limits provided by the law.
16.6

We inform you about how we deal with your claim (exercising your rights) with regard to the protection of your personal data: 16.6.1 within one month of receiving your application.
17 Do you have the right to file a complaint?
17.1 You can file a complaint with a supervisor

at your usual home in the EU and the EEA.
at your place of work in the EU and the EEA.
to the place of the alleged infringement in the EU and the EEA.
The supervisory authority must inform you within a reasonable time

the progress of the complaint and
the result of the complaint.
17.2 You can mandate an organization to file a complaint on your behalf with a supervisor.

The supervisory authority must inform you within a reasonable time limit

the progress of the complaint and
the result of the complaint.
17.3 You have the right to seek legal redress in the EU and the EEA against

an operator,
a proxy and a
a Supervisory Authority.
17.4 You may mandate an organization to exercise, on your behalf, the right

to a judicial remedy.
to compensation for damage resulting from a violation of the law on the protection of personal data.
18 Can you choose privacy settings?
18.1 At this time, you can not declare your choice of processing your personal data.

19 Will you be informed about changes to privacy policy?
19.1 If we change the privacy policy, we will publish a new version of it.

19.2 We do not provide previous versions of our privacy policy.

20 Explanation of the terms and phrases used in this information note
20.1

All terms and expressions used in this Information Note will have the meaning given below, unless otherwise specified in the Information Note.20.1.1 Personal data means any information about an identified or identifiable individual (” the person concerned “).
An identifiable natural person is a person who can be identified, directly or indirectly, in particular by reference to an identifier such as:
a name
an identification number
location data
an online identifier
the physical identity of a natural person
the physiological identity of a natural person
the genetic identity of a natural person
the psychological identity of a natural person
the economic identity of a natural person
the cultural identity of a natural person
the social identity of a natural person
20.1.2 Sensitive personal data are – according to GDPR – called special categories of personal data.

Personal data is sensitive if processing of such personal data reveals:
the racial origin,
the ethical origin,
political opinions,
religious beliefs,
philosophical beliefs,
membership in a trade union.
Personal data is also sensitive if:
genetic data are processed for the purpose of uniquely identifying a natural person,
biometric data is processed for the purpose of uniquely identifying a natural person.
Sensitive personal data also includes:
data relating to health,
data relating to the sexual life of a natural person,
data relating to the sexual orientation of a natural person.
20.1.3 The usual personal data is – in GDPR – personal data that is not special categories of personal data. There is no exhaustive list of these personal data.
20.1.4 Pseudonymization of Personal Data means the processing of personal data in such a way that it can no longer be attributed to a particular data subject without the use of additional information, provided that such additional information is stored separately and is subject to technical and organizational measures to ensure that such personal data are not allocated to an identified or identifiable natural person.
20.1.5 Processing means any operation or set of operations performed on personal data or on personal data sets, with or without the use of automated means, such as
collect,
Register,
organization,
structuring,
storage,
the adaptation,
alteration,
extraction,
consultation
the use,
deletion or destruction
and so on
20.1.6 Restriction of processing means the marking of personal data stored in order to limit their processing in the future.
20.1.7 The purpose of the processing is the reason for the processing of personal data.
20.1.8 Profiling

(1) must be an automatic form of processing, including
Automatic Exclusive Processing (referred to in Article 22 of GDPR) and
Partially automatic processing (if a person is involved in processing personal data does not necessarily mean that processing is not profiling)
(2) must be carried out with regard to personal data; and
(3) the goal of profiling should be to evaluate personal aspects related to a natural person, in particular to analyze or make predictions about individuals.
Note that simply rating or categorizing people automatically based on characteristics such as their age, gender, and height could be considered automated profiling, regardless of the predictive purpose.
20.1.9 Decisions based solely on automatic processing
(1) means making decisions by technological means without human involvement; and which
(2) is based on personal data
provided directly by the persons concerned (such as answers to a questionnaire); or
observed about people (such as location data collected through an application), or
derived or deduced, such as the profile of the person who has already been created (e.g., a credit score). can be made with or without profiling; profiling can take place without making automated decisions.
20.1.10 Operator means a natural or legal person, a public authority, an agency or other body which, alone or with others, establishes the purposes and means of processing personal data; where the purposes and means of processing are laid down by Union or national law, the operator or the specific criteria for designating it may be laid down in Union or national law.
20.1.11 Entitled means the natural or legal person, public authority, agency or other body processing personal data in the name and on behalf of the operator.
20.1.12 Recipient means the natural or legal person, public authority, agency or other body to which personal data is disclosed, whether or not it is a third party. However, public authorities to whom personal data may be communicated in a particular investigation under Union or national law shall not be considered as recipients; the processing of such data by the respective public authorities complies with the applicable data protection rules in accordance with the purposes of the processing.
20.1.13 Third Party means a natural or legal person, a public authority, an agency or body other than the data subject, the operator, the person empowered by the controller and the persons under the direct authority of the operator or person empowered by the operator to process data personal.
20.1.14 Representative means a natural or legal person established in the Union, designated in writing by the operator or the person empowered by the operator pursuant to Article 27, representing the operator or the person empowered to do so in respect of their respective obligations under this Regulation .
20.1.15 Supervisory authority means an independent public authority set up by a Member State pursuant to Article 51 of the GDPR.
20.1.16 Mandatory corporative rules means policies on the protection of personal data to be respected by an operator or a person empowered by an operator established in the territory of a Member State in respect of transfers or sets of data transfers personnel to an operator or person empowered by the operator in one or more third countries within a group of undertakings or a group of undertakings involved in a joint economic activity.

20.1.17 Privacy Shield
The EU-US Privacy Shield was set up by the US Department of Commerce and the European Commission to provide companies on both sides of the Atlantic with a mechanism to comply with data protection requirements when transferring personal data from European Union to the United States in support of transatlantic trade. On 12 July 2016, the European Commission approved the EU-US Privacy Shield as appropriate to allow the transfer of data in accordance with EU law.
20.1.18 Commission Determination Decisions
The European Commission has the power to determine, on the basis of Article 45 of the GDPR, whether a non-EU country offers an adequate level of data protection either through internal legislation or through the international commitments it has concluded.
The effect of such a decision is that personal data may come from the EEA (EU and Norway, Liechtenstein and Iceland) in that third country without any further protection.
The European Commission has so far recognized an adequate level of protection for Andorra, Argentina, Canada (trade organizations – PIPEDA), Faroe Islands, Guernsey, Israel, Man Island, Jersey, New Zealand, Switzerland, Uruguay and the USA to Privacy Shield).
20.1.19 Violation of personal data security means a security breach that accidentally or unlawfully leads to the unauthorized destruction, loss, modification or disclosure of personal data transmitted, stored or otherwise processed; or to unauthorized access to them.
20.1.20 An enterprise means a natural or legal person carrying on an economic activity, irrespective of its legal form, including partnerships or associations which regularly carry out an economic activity.
20.1.21 “Business group” means an undertaking exercising control and the undertakings controlled by it;
20.1.22 International Organization means an organization and its subordinate bodies governed by public international law or any other body established by an agreement concluded between two or more countries or pursuant to such an agreement.