PRIVACY POLICY

LAST REVISION: 01.10.2022

Welcome to Kondiment! Thank you for your interest in our services and products. We value the importance of protecting your personal information and recognize the needs and rights of each user with regard to their privacy in the online medium. That is why we are committed to processing your data responsibly and in accordance with the GDRP provisions.

1. ABOUT KONDIMENT

1.1.The data operator is SC KONDIMENT Worldwide S.R.L. (hereinafter "Kondiment"’’"), a company headquartered in Bucharest, Str. General Gheorghe Manu, no. 7, District 1, registered with the Trade Registry (ORC), under no. J40 / 2418 / 27.02.2014, having fiscal code (RO) 32853995.

2. INTRODUCTION

2.1.According to the GDPR provisions, effective from 25.05.2018, any company providing services and / or products to any customer in the European Union and the European Economic Area must align with the new implementations regarding personal data processing. Kondiment is not liable for any loss or leakage of information caused by third-party security errors or issues.

2.2.The processing of personal data refers to any operation or set of operations such as the collection, recording, storage, organization, extraction, use, transmission, adaptation, disclosure, modification or destruction in any way of the data of a natural person.

3. WHAT IS PERSONAL DATA?

3.1. Personal data is that information relating to an identified or identifiable natural person called the person concerned or data subject (an alive individual that can be identified, directly or indirectly, by specific factors such as physical, physiological, genetic, psychological, economic, cultural or social identifiers). Other personal information that may lead to the identification of a person can also be considered personal data.

3.2. Personal data can be anonymized (no longer containing identification elements), encrypted or pseudonymized (replaced with a code). Public data may be considered personal data, except when it has been made public by the data subject / person concerned.

3.3. Examples of standard personal data:

  • Your name and surname;
  • Your email address;
  • Internet Protocol (IP) address;
  • Cookie identifiers. 

3.4.However, Kondiment acknowledges that there is in fact no such thing as a complete list with examples of personal data, and that is why our team is always willing to consider any information that you deem personal.

4. WHAT DATA DOES KONDIMENT PROCESS?

4.1. Kondiment collects data directly (when you visit our website or subscribe to our newsletter), indirectly (when you enter the contact information in our CRM system), and from third parties (Google and Facebook).

4.2. Data processed by Kondiment, collected through contact or newsletter forms, Google Analytics and / or Facebook Insights, may include, but are not limited to, the following:

  • Information about your company / organization - name of legal entity, address, contact details, industry;
  • Information about your resume / CV - name and first name of the person concerned, address, contact details, professional experience, qualifications and diplomas;
  • Information about your social media accounts (natural person) - public data on your social network accounts, as well as your content (images, videos, symbols, hashtags, etc.);
  • Your habits and behavior on our website;
  • Likewise, every time you visit our website, your browser sends us some information that we store. This may include your computer's IP address, operating system, browser type and version, geographic location, the pages you've visited on our website, the time spent on each of those pages, the date of your visit, mobile device and other statistics.

4.3. You can rest assured that the information we collect is not used to identify visitors on our website, and Kondiment never sells your data to third parties.

5. YOUR CONTENT ON SOCIAL MEDIA

5.1. You can share content on social networks, such as pictures with you, comments, hashtags, videos, and other recordings. Kondiment may decide to distribute all or part of this content together with your public profile on our website (for example, when you leave comments on a blog page) and your consent is by default.

5.2. You have the right to refuse this data processing and to withdraw your consent regarding the collection and use of your data for the above purpose. Please contact us in writing (via e-mail or in the post) or by phone to communicate this decision, and we will stop processing your data for this purpose as soon as possible.

6. USE OF THIS WEBSITE BY MINORS

6.1. This website can be accessed by people aged between 13 and 16 only with parental consent. According to GDPR rules, Kondiment cannot process personal data for users under the age of 13. We reserve the right to request additional information and evidence for both age and parental consent confirmation. Kondiment may also refuse processing of data and access to this website for minors without prior notice and in any circumstances Kondiment considers it necessary.

7. RETENTION OF YOUR PERSONAL DATA

7.1. Kondiment reserves the right to retain your personal data for a maximum of 5 years (from your last access on www.kondiment.com) or for longer or shorter periods only if required by law or there are legal circumstances that require these practices. If there are no legal grounds for keeping and storing your data, you may request the partial or total erasure of your information. Please read Clause 9 of this legal document for more details.

8. WHY DOES KONDIMENT PROCESS YOUR PERSONAL DATA?

8.1. All collected and processed data is performed for specific purposes. These may result from technical requirements, contractual requirements, or explicit client requests. For technical reasons, certain data could be collected and stored during your visit on . These may include the date and duration of your visit, the visited webpages, the browser’s ID and the type of operating system used, and the website you are visiting us from.

8.2. If you subscribe to our newsletter, the following information is collected: name, surname, email address and industry you are working in. In this case, we may use your email address for promotional purposes.

8.3. If you sign up for our newsletter, we will save the IP address of your IT system assigned by your Internet service provider (ISP) and the registration date and time. We save this data to track the (potential) abuse of the email address of a data subject (person concerned), as well as for our own legal protection. You can unsubscribe from our newsletter at any time by sending an email at [email protected].

8.4. We mention that your data will only be used anonymously for statistical analysis.

8.5. In order to continuously improve our offers, we save and analyze pseudonymized online usage data from the online medium. The legal basis is Article 6 (1) (f) from GDPR.

8.6. Inasmuch as we request the agreement to process your personal data, it serves as a legal basis under Article 6 (1) (a) from GDPR.

8.7. For the processing of personal data required for the performance of a contract with you, the contract forms the legal basis under Article 6 (1) (b) from GDPR. Article 6 (1) (b) from GDPR also applies to the processing operations that are necessary for the execution of preliminary measures, for example if you ask about our products or services.

8.8. If our company is subject to legal requirements that necessitate the processing of personal data, for example, in order to fulfill its fiscal responsibilities, the processing is based on Article 6 (1) (c) from GDPR.

8.9. If you click on a link that redirects you to an external page, you will exit www.kondiment.com. Therefore, Kondiment is not liable for the content, services or products offered on the linked website, nor for the confidentiality and technical security on the associated website.

9. WHAT IS “THE RIGHT TO BE FORGOTTEN”?

9.1. The right to data erasure (“the right to be forgotten”) is the right of the natural person to request the company (in this case, Kondiment) to destroy their personal data as soon as possible unless a law or competent authority opposes this procedure, and only when there are good reasons such as:

  1. Data is no longer necessary to the company;
  2. The person concerned withdraws his or her consent and opposes the processing of their data. Please note that if the services have been provided and invoices have been issued, the identification data entered on the invoice will be archived for 10 years, according to the Fiscal Code;
  3. Data processing was done illegally or incorrectly.

9.2. In this case, you may request that your data be deleted by sending an email at [email protected], and we will do our best to destroy your data within as soon as possible. According to GDRP rules, Kondiment has no right to refuse your request (when clauses 9.1, 9.a., 9.b., and 9.c. are met) and cannot delay the process of deleting your data for more than 30 days upon reciept of your request. All your data will be deleted and communication (including by email or newsletters) will automatically be ceased.

10. WHAT IS THE RIGHT TO DATA PORTABILITY?

10.1. Data portability is the process of copying, retrieving or transferring of data from one computer system to another. Every consumer in the European Union and the European Economic Area has the right to receive their personal data in a structured format, which is currently used, legible, can be automatically read and sent directly to the person concerned or transferred to another data operator (provided this operation is feasible from a technical point of view). Kondiment respects the digital identity of users and undertakes to port your personal data in a responsible and safe manner.

10.2. In this case, you can request the portability of your data by email at [email protected], and we will do our best to transfer your data as soon as possible.

11. YOUR RIGHTS AND THE DATA PROTECTION OFFICER

11.1. Right of access - guarantees the right of the person concerned to be notified if the operator (in this case, Kondiment) processes or does not process personal data. The person concerned has the right to access the data and the details of how this data is processed.

11.2. Right to object to processing - guarantees the right of the person concerned to oppose the processing of personal data if it is aimed at various commercial activities such as direct marketing or personalized ad targeting.

11.3. Right to rectification - guarantees the data subject's right to correct personal data if it has been processed and / or stored improperly or irresponsibly. Kondiment promises that the rectification of any such information will be communicated in writing or by telephone to the person concerned only if there are legal grounds.

11.4. If you have any inquiries or requests regarding the processing of your personal data and your rights listed in paragraphs 9.1., 10.1., 11.1., 11.2. and 11.3., you can contact the Data Protection Officer by email at [email protected].

Or you can contact us in writing by mail at: Strada Constantin D. Stahi, nr. 9, Sector 1, București

12. DATA SECURITY

12.1. Kondiment takes all the necessary precautions, both technical and organizational, to prevent and stop the loss or leakage of your data. Although we implement SSL certificates that encrypt certain personal information, we cannot guarantee the security of data transmission over the Internet. To increase security, we store personal data on dedicated servers from Hetzner and Amazon Web Services, which periodically pass through a data security audit.

13. DISCLOSURE OF PERSONAL INFORMATION TO THIRD PARTIES

13.1. Under certain circumstances, the consent of the person concerned is not necessary for the operator (in this case, Kondiment) to disclose personal data to third parties. The following situations are set out by law:

  1. The operator may use or disclose personal data when processing is necessary to protect the life, physical integrity or health of the person concerned, as well as the members of the Kondiment team;
  2. An operator may use or disclose personal data when processing is required to meet legal obligations of the operator;
  3. The operator may use or disclose personal data when processing is required by law;
  4. We never disclose your data to third parties, unless business relationships require us to do so. If we use contractors or agents to honour your contracts with you, we need to communicate the data to them. In order to ensure that your data is processed solely for the purpose of executing the order, third parties are required to comply with appropriate contractual obligations. Data transfer between group companies is only possible if you are explicitly informed about this.

14. CHANGES TO THE PRIVACY POLICY

14.1. SC KONDIMENT Worldwide SRL reserves the right to make changes and / or corrections to the Privacy Policy whenever the Company considers it necessary to comply with applicable laws and to ensure the protection of users' personal data on the website www.kondiment.com. To review recent changes, please read LAST REVISION at the top of this page. Kondiment does everything possible to inform you in writing (by e-mail) about the latest changes to the Privacy Policy. However, it is understood that your navigation on this website represents your acceptance of our Company's Privacy Policy and that you have read this legal document in its entirety.

15. COMPLAINTS AND DISPUTES

15.1. Kondiment always takes into account your suggestions, requests and complaints; therefore, we do our best to resolve any dispute or misunderstanding, and to facilitate the process of reaching a common agreement. However, if in any event you believe that your rights regarding the processing of personal data, set out in Regulation no. 2016/679, have been violated, you may file a complaint with the National Supervisory Authority for Personal Data Processing, or ANSPDCP, in Romania. For other countries in the European Union, you can contact data protection authority in your region.

16. LEGAL INFORMATION

16.1. This confidentiality document was drawn up on the basis of the provisions of various European legislations, including art. 13/14 of Regulation (EU) No. 2016/679 (General Data Protection Regulation). Under the GDPR rules, if you want more information or details about our Privacy Policy, you have the right to contact our Data Protection Officer at [email protected].