- Data protection notification
UPGROW DIGITAL SRL (hereinafter referred to as “UPGROW DIGITAL” or “We” or “us”) appreciates your visit to our web pages and mobile applications (also referred to as “Online Offers”) and your interest in our company and products.
- UPGROW DIGITAL respects your privacy
The protection of privacy during the processing of personal data, as well as the security of all business data is an important concern for us. We maintain the confidentiality of personal data collected during your visit to the Online Offers and process them only in accordance with legal regulations.
Data protection and information security are included in our corporate policy.
- The controller
UPGROW DIGITAL is the controller responsible for processing your data; the exceptions are highlighted in this data protection notice.
Our contact details are as follows:
Spring Street no. 10, Bacău, Bacău county, CP 600218,
CUI: 43151902, Nr. Reg. Trade: J4 / 1300/2020
- Collection, processing and use of personal data
4.1 Categories of data processed
The following categories of data are processed:
- Communication data (e.g. name, phone, email, address, IP address)
- Main contractual data (eg contractual relations, contractual or product interest)
- Customer history
- Contract accounting and payment data
- Planning and regulatory data
- Transaction data
- Provision of information (from third parties, eg credit institutions or public registers)
Personal data represents all information relating to an identified or identifiable person and includes, for example, names, addresses, telephone numbers, e-mail addresses, main contractual data, contract accounting and payment data, which are an expression of identity of a person.
We only collect, process and use personal data (including IP addresses) when there is a legal basis for it or you have given your consent to the processing or use of personal data relating to this matter, for example, through registration.
4.3 Data processing objectives and legal basis
We and our service providers process personal data for the following purposes:
- Provision of these Offers online (Legal basis: justified interest on our part for direct marketing, to the extent that this is in accordance with data protection law and competition law).
- Providing these Offers online and performing a contract under our contractual terms (Legal basis: performing a contract).
- Providing these Offers online and performing a contract on our contractual terms, including regularization. Regularization may include the sale of receivables. (Legal basis: the execution of a contract and / or our justified interest in the efficient management of receivables related to their sale).
- Determination of disturbances / disturbances and for security reasons. (Legal basis: fulfillment of legal obligations to ensure data security and justified interest in resolving disruptions / disturbances and security of our offers).
- Self-promotion and promotion by others, as well as market research and analysis within the scope of the legal permit (Legal basis: justified interest on our part for direct marketing, insofar as this is in accordance with data protection legislation and competition law).
- Customer or product surveys by mail (Legal basis: our justified interest in improving products / services). Note: If we instruct a market research institute to conduct surveys, this institute will only act on the basis of the task received and will comply with our guidelines.
- Opinion polls for customers or products conducted by e-mail and / or telephone, if you have expressly agreed to this. (Legal basis: agreement). Note: If we instruct a market research institute to conduct surveys, this institute will only act on the basis of the task received and will comply with our guidelines.
- Sending an e-mail or SMS / MMS newsletter, with the consent of the recipient. (Legal basis: agreement).
- Assuring and claiming our rights. (Legal basis: justified interest on our part in ensuring and claiming our rights).
4.4 Log files
Each time you use the Internet, your browser transmits certain information that we store in so-called log files.
We only save the log files for a short period of time to determine disruptions and security reasons (for example, to clarify attack attempts) and then delete them. Log files to be managed as evidence are excluded from the deletion rule until the incident is fully resolved and may be forwarded to the investigating authorities on a case-by-case basis.
Log files are also used for analysis purposes (with or without full IP address). See the Web Analysis module.
In particular, the following information is saved in the log files:
- The IP address (internet protocol address) of the terminal that is used to access the online Offers;
- The web address of the website from which the Online Offer was accessed (so-called source URL or targeting URL);
- The name of the service provider used to access the online Offer;
- The name of the files or information accessed;
- Date and time, and duration of recovery;
- The amount of data transferred;
- Operating system and information about the internet browser used, including installed add-ons (for example, Flash Player);
- Http status code (for example, “Request failed” or “File not found”).
This online offer is not intended for children under 16 years of age.
4.6 Data transfer
4.6.1 Data transfer to other controllers
Personal data is transmitted to other controllers mainly only when necessary for the performance of a contract, if we or a third party has a legitimate interest in the transfer or if you have given your consent. Details on the legal basis can be found in the section Processing Objectives and Legal Basis (Article 4.3). Where data is transferred to a third party on the basis of a justified interest, this is explained in this Data Protection Notice.
In addition, data may be transferred to other controllers when we are required to do so in accordance with applicable legal regulations or administrative or legal orders.
4.6.2 Service providers (general)
We have hired external service providers for tasks such as sales and marketing services, contract management, payments, scheduling, data hosting and helplines. We have carefully chosen these service providers and regularly evaluate them, especially with regard to the efficient management and protection of saved data. All service providers are required to ensure confidentiality and to comply with legal requirements.
4.6.3 Payment service providers
We use external payment service providers.
4.7 Shelf life, retention periods
We mainly store your data as long as it is necessary to provide our online offers and associated services as long as we have a legitimate interest in storing them (for example, we may still have a legitimate interest in mail marketing when performing a contract. ). In all other cases, we will delete your personal data, except for the data that we need to store in order to fulfill legal obligations (for example, we are obliged to provide documents such as contracts and invoices for a certain period of time, as a result of the periods withholding tax according to the tax and commercial code).
5.1 General data
Cookies are small text files saved on your computer when you visit an online Offer. If you access this Online Offer another time, your browser transmits the content of the cookies to the respective provider and thus allows the re-identification of the terminal. Reading cookies allows us to optimally configure our online offers for you and makes it easier for you to use them.
5.2 Disabling and deleting cookies
If you choose to block cookies, your browser has a blocking option. This cookie is for the sole purpose of allocating your objection. Disabling cookies may disable individual features of our web pages. Please note that for technical reasons, a blocking cookie can only be set for the browser that was used to set it. If you delete cookies or use a different browser or terminal, you must block them again.
Preferences do not apply to cookies that are set during your visits to third party websites by other providers.
Your browser allows you to delete all cookies at any time. To do this, see the support features of your browser. However, this may cause some individual functions to be unavailable.
In addition, you can manage and disable third-party cookies on the following web page:
As we do not operate this website, we are not responsible and cannot influence the content and availability.
5.3 General presentation of the cookies we use
In this section you can find an overview of the cookies we use.
5.3.1 Absolutely necessary cookies
Certain cookies are required in order to safely provide our online offers. This category includes, for example:
Cookies that identify or authenticate our users;
Cookies that temporarily store certain information entered by the user;
Cookies that store certain user preferences (for example, searches or language settings);
Cookies that store data to ensure unobstructed playback of video or audio content.
5.3.2 Analytical cookies
We use analytical cookies to record the usage behavior (for example, advertising banners accessed, searches performed) of our users and to evaluate it from a statistical point of view, in order to provide a pleasant and relevant browsing experience.
5.3.3 Advertising cookies
5.3.4 Conversion cookies
Our conversion tracking partners set a cookie on your computer (“conversion cookie”) when you arrive at our website through an advertisement from that partner. These cookies generally expire after 30 days. If you visit certain pages that we host and the cookie has not yet expired, we and our respective conversion tracking partner may see that a particular user has accessed the ad and been directed to our page. The information collected through the conversion cookie is used to create conversion statistics and determine the total number of users who accessed that ad and were directed to a page with a conversion tracking tag.
5.3.5 Tracking cookies in association with social plugins
- Web analytics
We need statistical information about the use of our online offerings in order to make them easier to use, to conduct large-scale measurements, and to conduct market research.
In this regard, we use the web analytics tools described in this section.
User profiles created by these tools using analytics cookies or analyzing log files do not contain personal data. The tools either do not use IP addresses at all or immediately restrict them to data collection.
The tools provide processed data only to processors that are subject to our directives and not for our own purposes.
Below you will find information about what each tool offers and how you can refuse to collect and process data through that tool.
Please note that in the case of tools that use blocking cookies, the blocking function affects a device or a browser and is thus valid for the terminal or browser currently in use. If you use multiple terminals or browsers, you must perform the lock on each device and each browser.
6.1 Google Analytics
Google Analytics is provided by Google Inc., 1600 Amphitheater Parkway, Mountain View, CA 94043, USA (“Google”). We use Google Analytics with the additional feature provided by Google to anonymize IP addresses. In the meantime, Google is already shortening IPs within the EU in most cases, but only in exceptional cases in the United States, and in both regions it saves only the short form of IP addresses.
You may refuse to collect or process your data using the following link to download and install a browser plugin: http://tools.google.com/dlpage/gaoptout?hl=en
- Social plugins
In our online offers we use the so-called social plugins from different social networks; these are described individually in this section.
While using plugins, your browser establishes a direct connection to the servers of that social network. This provider receives information that your browser has accessed from our Online Offers site, even if you do not have a user account with that provider or are not currently logged into your account. The log files (including IP addresses) are, in this case, transmitted directly by your browser to that provider and can be stored there. Your provider or servers may be located outside the EU or the EEA (for example, in the United States).
Plugins are individual extensions provided by social networking providers. For this reason, we cannot influence the extent of the data collected and stored by them.
You can find the purpose and scope of the social network’s continued collection, processing and use of your data, as well as your privacy rights and settings, by consulting the social network’s data protection notifications.
If you don’t want social network providers to receive and, if necessary, store or use your data, you shouldn’t use those plugins.
By using the so-called two-click solution (provided by Heise Medien GmbH & Co. KG) we protect you from the implicit recording and processing of your visit on our web pages by social networking providers. When using our website, which contains such plugins, they are initially disabled. Plugins will only be activated when you click the provided button.
7.1 Facebook plugins
Facebook is operated at www.facebook.com by Facebook Inc., 1601 S. California Ave, Palo Alto, CA 94304, USA and at www.facebook.de by Facebook Ireland Limited, Hanover Reach, 5-7 Hanover Quay, Dublin 2, Ireland (“Facebook”). You can find an overview of Facebook plugins and how they look here: http://developers.facebook.com/plugins; Find information about data protection on Facebook here: http://www.facebook.com/policy.php.
7.2 Google+ Plugins
Google+ is operated by Google Inc., 1600 Amphitheater Parkway, Mountain View, CA 94043, USA (“Google”). You can find an overview of Google plugins and how they look here: https://developers.google.com/+/plugins. Find information about Google+ data protection here: http://www.google.com/intl/de/+/policy/+1button.html.
- External links
Our online offerings may include links to third party websites – suppliers not associated with us. Once you access the link, we have no influence over the collection, processing and use of personal data transmitted by accessing the link to a third party (such as the IP address or URL of the site where the link is located). we cannot, of course, monitor the behavior of third parties. We do not assume any responsibility for the processing of such personal data by third parties.
Our employees and the companies that provide services on our behalf have an obligation to ensure the confidentiality and compliance with applicable data protection legislation.
We take all necessary technical and organizational measures to ensure an adequate level of security and to protect your data managed by us, in particular against the risks of destruction, manipulation, loss, unlawful or unintentional modification or disclosure or unauthorized access. Security measures are constantly being improved, in line with technological progress.
- Users’ rights
To exercise your rights, please use the details provided in the Contact section. In this case, make sure that the person can be clearly identified.
Right to information and access:
You have the right to obtain our confirmation of the processing or non-processing of personal data and, if so, access to such data.
Right to correction and deletion:
You have the right to rectify your personal data incorrectly, without undue delay. For the purpose of processing, you have the right to complete incomplete personal data, including by providing an additional statement.
This does not apply to data required for invoicing and accounting or subject to the statutory retention period. If access to such data is not required, its processing is restricted (see below).
You have the right to delete personal data from our databases and from the server. Requests are sent to the e-mail address firstname.lastname@example.org, mentioning in detail what personal data you want to be deleted.
You have the right to request – provided that the legal requirements are met – that your data processing be restricted.
Refusal to process data:
You have the right to refuse the processing of data by us at any time. We will no longer process personal data unless we prove compliance with the legal requirements to provide demonstrable reasons for further processing, beyond your interests, rights and freedoms or for the establishment, exercise or defense of legal action.
Direct marketing rejection:
In addition, you may refuse the processing of personal data for direct marketing purposes at any time. Please note that for organizational reasons, there may be an overlap between your refusal and the use of that data in order to run the ongoing campaign.
Refusal to process data on a legal basis of “justified interest”:
In addition, you have the right to refuse the processing of personal data at any time, provided that the legal basis of the justified interest is applicable. In this case, we will cease the processing of your personal data, unless we can demonstrate compelling legitimate reasons, in accordance with the legal requirements, for the processing, which prevail over your rights.
Withdrawal of agreement:
If you have given your consent to the processing of data, you have the right to withdraw your consent with immediate effect. The lawfulness of the data processing before the revocation of the agreement remains unchanged. Requests are sent to the e-mail address email@example.com.
10.1 Data portability:
You have the right to receive the data you have provided to us in a common, structured format that can be read by software – if technically possible – to request the transfer of such data to a third party.
10.2 Right to lodge a complaint with the supervisory authority:
You have the right to lodge a complaint with a supervisory authority. You can contact the competent supervisory authority in your home or country or the responsible supervisory authority in our case. See below:
National Authority for the Supervision of Personal Data Processing
B-dul G-ral. Gheorghe Magheru 28-30
Sector 1, postal code 010336
Phone: +40.318.059.211; +40.318.059.212
- Amendments to the Data Protection Notice
We reserve the right to change our security and data protection measures if necessary as a result of technical progress. In such cases, we will amend the Data Protection Notice accordingly. Therefore, please follow the current version of the Data Protection Notice, as there may be changes.
If you want to contact us, you can find us at the address presented in the “Controller” section.
For the exercise of rights and for suggestions and complaints regarding the processing of your personal data, as well as for the withdrawal of the agreement, we recommend that you contact our data protection commissioner within the company:
- Date of entry into force: 25.05.2018