I Future NXT SRL is an organization that manages information about individuals, I Future NXT SRL, including all companies in the group and its affiliates, must comply with the relevant data protection laws of the countries in which it operates. All the “data protection” or “data privacy” laws (as sometimes mentioned) govern how organizations collect, use and share personal data, and how they grant individuals data rights their personal.
This policy sets out the key principles regarding data protection and how I Future NXT SRL strives to comply with these principles. There are additional policies / indications / provisions that cover more detailed information on some important topics and should be read in conjunction with this policy. In addition, each member of the I Future NXT SRL Company, staff (as defined below) will undertake mandatory and regular data protection training.
Your personal data may be provided by you within the various sections of the Site, in particular in the following situations: When you create an account in the “Careers” section or when you fill out the Site contact form, the application form of a personalized offers, customer / merchant referral form, or the “Careers” form.
The data provided by you must be real, accurate and up-to-date, and you must have the right to provide them. You are therefore responsible for the data you provide on the Site, both to us and to any third party that may be damaged by the provision of the data.
The site may also collect certain information about your navigation and interactions with its various sections. We will store or access information and cookies in your terminal equipment (computer, phone, tablet, etc.) only under the conditions described in the appropriate Cookies section.
THE CONSEQUENCES OF THE INFRINGEMENT OF DATA PROTECTION LAW AND THESE POLICIES
Violation of data protection legislation may result in sanctioning measures against I Future NXT SRL by the Data Protection Regulator.
The following definitions of the terms used in this document are taken from Article 4 of the GDPR:
Personal Data: Means any information about an identified or identifiable individual (the “Target Person”) that can be identified, directly or indirectly, in particular by reference to an identifier, such as a name, an identification number, data location, an online identifier, or one or more elements specific to the physical, physiological, genetic, psychic, economic, cultural or social identity of the individual.
Processing: Means any operation or set of operations performed on personal data or personal data sets with or without the use of automated means such as collecting, recording, organizing, structuring, storing, adapting or modifying, extracting, consulting , use, disclosure by transmission, dissemination or otherwise making available, alignment or combination, restriction, deletion or destruction of data.
DPO: Means the Data Protection Officer, namely the person responsible for data protection.
BASIC PRINCIPLES ON THE PROCESSING OF PERSONAL DATA
There are eight basic data protection principles that I Future NXT SRL respects when managing personal data about others:
– transparency about what it does with the data and why it uses it;
– data security ;
– we collect dates and we are processing them lawfully ;
– we keep all the dates updated, accurate and complete;
– We never store the data longer than necessary, and we have implemented data retention periods, whenever there is no mandatory retention period provided by law;
– we respect the legal rights of data subjects regarding their personal data;
– we do not transfer the data abroad without taking the data transfer measures, and not before informing the data subject.
EQUITY AND TRANSPARENCY
Personal data are processed legally, fairly and transparently against the data subjects. This is the basic principle and means that we use personal data only to the extent that the persons entrusting them to I Future NXT SRL and have been informed of the use.
In order to comply with this principle of fairness and transparency, I Future NXT SRL provides information on data processing to any natural person whose personal data are being processed.
These notifications are provided when collecting personal data and should explain the following main topics:
– What kind of data will be collected;
– For what purpose they will be used;
– Who they will be shared with (if the case);
– If transfers are to countries outside EU;
– How long they will be kept and
– What are the rights of individuals regarding to their personal data.
– Indication of contact channels through which the data subjects can exercise these rights.
If during the course of the activity I Future NXT SRL identifies a new purpose for the use of personal data for reasons other than those contained in previous notices, the data subjects will be notified prior to any use for a new purpose, about change.
I Future NXT SRL understands to carry out all the processing activities for a well-defined purpose and related to its activity, but also circumscribed to an appropriate legal justification as follows:
– subscribing to the I Future NXT LLC newsletter, through which we will send new product or service releases for commercial promotions and campaigns by I FutureNXT SRL independently or in co-operation with one or more partners, useful information about specific topics etc .;
– managing customer relationships, partner merchants, and users of products and services through my account section;
– providing responses when completing the contact form;
– participation in competitions and campaigns organized online by I Future NXT SRL
– managing the applications received through the “Careers” section;
– Performing site navigation analyses and user interactions with the Site.
THE CONSENT OF THE PERSON CONCERNED
Obtaining the consent of the person whose data we are about to be collected and processed is another legal basis provided by the GDPR, and I Future NXT Ltd. attaches to it a great importance in respect of this principle.
Personal data will be used only when it is absolutely necessary and relevant to a particular process task or project task. This requirement applies to all staff members of I Future NXT SRL.
If the use of personal data cannot be avoided, the Company I Future NXT SRL will only use the minimum data necessary for the fulfilment of that purpose.
ACCURACY OF DATA
Data protection legislation requires personal data to be kept accurate, complete and up-to-date.
However, the requirement to maintain the quality and integrity of data is not only a requirement for data protection but also a commercial requirement.
STORAGE PERIOD AND STORAGE OF DATA
We will keep your personal data for a period that does not exceed the time required to meet the purposes for which the data are processed, unless otherwise provided in the legal provisions.
– With regard to the Company I Future NXT SRL newsletter, we will keep your e-mail address in the newsletter database as long as your subscription is active; from the moment we receive your unsubscribe request, we will disable newsletters sending to your email address;
– with respect to the account created we will keep your personal data for the duration of the account and subsequently for the time required to prove the transactions made through the account;
– on the contact form and the application form for a personalized offer etc, we will keep your personal data for the time necessary to provide answers to your messages and requests and proof of correspondence with you but no longer than 1 year from their receipt;
– In the case of applications received through the “Careers” section, if we do not respond to these applications, your data will remain in the Sincron database to participate in recruitment programs to be held in the future, but not more than 2 years from the date of their collection;
– With regard to performing Site Browsing analyses and user interactions with the Site, we will keep the data on your interactions with the Site for up to 3 years.
The company I Future NXT SRL may delete your personal data when it considers that it is no longer necessary for the purposes for which it was collected.
If you want to know what cookies are going through the Cookies Policy on our Site.
SECURITY OF DATA
Another very important principle of data protection is information security and is therefore a requirement applicable to all staff members of I Future NXT SRL,
I Future NXT SRL is subject to the technical and organizational security measures imposed by law and industry standards to protect your personal data against accidental or unlawful destruction, loss, alteration, disclosure or unauthorized access, as well as against any other form of illegal processing.
We also take action to ensure that we use your personal information exactly as described in this Policy and to respect the choices you make regarding the processing of your personal data.
DIVULGATION TO THIRD PARTIES
Except as outlined below, we will not disclose without authorization any information regarding your data. Based on your explicit, unambiguous consent, provided only within the limits of the applicable law or for the purpose of fulfilling a legal obligation and / or protecting a legitimate interest, we may transmit your personal data to:
– Service providers in the following areas: marketing, administrative and transaction processing;
– other service providers, all of whom have signed agreements to maintain confidentiality of information;
– Organizations or companies that coordinate specific surveys and agree to keep the information received confidential;
– State agencies, governmental, if legislation stipulates this;
– Other authorities and bodies, in order to fulfil our legal obligations and / or to protect our legitimate interests;
– Other companies with which we can develop joint marketing programs for our products and services;
– The Trust Corporation of which I Future NXT SRL is part of.
The transmission of your personal data to the above mentioned recipients will be done only on the basis of a confidentiality commitment and to ensure an adequate level of security on their part, ensuring that personal data is kept secure.
THE RIGHTS OF INDIVIDUALS
Individuals are granted various rights through data protection laws. These rights and key actions that we need to take when they are exercised are presented below:
– The right to be informed about the way and the reason for the use of personal data;
– The right to request copies of the personal data owned by an entity (including information contained in emails, instant messages, notes, etc.);
– The right to request the correction of any inaccuracies in their personal data;
– The right to order the deletion of personal data (including definitive deletion from the Company’s systems and any systems of an outsourcing provider to which the Company has granted access);
– Right to restrict I Future NXT SRL from processing of personal data;
– The right to oppose the use of their personal data for direct marketing purposes;
– The right to portability meaning that any personal data that has been provided to I Future NXT SRL can and will be transferred to another party (for example, another banking service provider) “in a structured, commonly used and auto-readable format”; and
– The right not to be subject to a fully automated decision-making process (eg. a system-generated decision without a human contribution), if the result has a significant legal effect or a similar effect on the person concerned.
– You also have the right to submit a complaint to the National Supervisory Authority for Personal Data Processing, at 28-30 Gheorghe Magheru Blvd., sector 1, postal code 010336, Bucharest, Romania, phone: + 40318059211, e-mail: email@example.com.
If I Future NXT SRL receives a request from you in the exercise of any of the above rights, we shall respond to the request within 30 days, with the possibility of extending this period, only after informing the data subject and provided there is a reasoned justification for the impossibility of replying within 30 days.
BREACH OF DATA SECURITY
If personal data is lost, damaged, stolen or otherwise compromised, or if someone makes a complaint about how I Future NXT SRL handled personal data, it will report the violation to the National Supervisory Authority for Personal Data Processing Personally within 72 hours of finding the violation and promptly notify relevant persons if they are likely to be affected by the incident. In addition, the Company will do its best to limit damage caused by data breach.
ORGANIZATION AND RESPONSIBILITIES
The responsibility for ensuring proper processing of personal data rests with any person working for or with I Future NXT SRL and having access to processed personal data.
DPO contact information
If you have a question about exercising any of your above mentioned rights or any addressing request, you should contact your local DPO at the following email address