We consider ensuring the right to personal data protection as a fundamental commitment of NEUROINSIGHT SRL, therefore we will dedicate all the necessary resources and efforts to process your data in full compliance with Regulation (EU) 2016/679 (“General Data Protection Regulation” or “GDPR”), as well as with any other legislation applicable on the territory of Romania. As one of the essential principles of this legal framework is transparency, we have prepared this document through which we want to inform you about how we collect, use, transfer and protect your personal data when you interact with us in relation to our products and services, including through our website or the applications available on your mobile phone.
We reserve the right to update and amend this Privacy Policy from time to time to reflect any changes to the way we process your personal data or any changes to legal requirements. In the event of any such change, we will post the amended version of the Privacy Policy on our website, which is why please check the content of this Privacy Policy periodically.
Who we are and how you can contact us
NEUROINSIGHT SRL, a legal entity of Romanian nationality, having its registered office in Str. Craiova 7 Ap. 1, Cluj-Napoca, with serial number in the Trade Register J12/2664/2018, unique tax registration code 39514546 (hereinafter “NEUROINSIGHT SRL” or “we“). For the purposes of data protection law, we are the controller when we process your personal data.
As we are always open to find out your opinions, as well as to provide you with any additional information you may need regarding the processing of your data, we encourage you to contact the Data Protection Officer of NEUROINSIGHT SRL at simona@neuroinsight.ro e-mail address.
What categories of personal data do we process
In general, we collect your personal data. directly from you, so you have control over the type of information you provide to us. By way of example, we receive information from you. thus:
When you create an account on www.neuroinsight.ro, you send us: your email address, first and last name;
Within your page. personal information (My Account) from the NEUROINSIGHT SRL platform you can add additional information, such as: display name, telephone number, delivery addresses, billing addresses, etc.;
When you place an order, you provide us with information such as: the desired product, first and last name, delivery address, billing details, payment method, telephone number, etc.
We may also collect and subsequently process certain information about your behavior while visiting our website or using the smartphone application, in order to personalize your online experience and provide you with offers tailored to your profile. We invite you to find out more details in this regard by consulting the section on the purposes of processing below.
On our website and smartphone app we may store and collect information in cookies and similar technologies, in accordance with the Cookie Policy.
We do not collect or otherwise process sensitive data, which is included by the General Data Protection Regulation in special categories of personal data. We also do not want to collect or process data from minors under the age of 16.
What are the purposes and grounds of processing
We will use your personal data. for the following purposes:
- For the provision of NEUROINSIGHT SRL services for your benefit.
This general purpose may include, where appropriate, the following:
a) Creating and managing the account within the www.neuroinsight.ro platform;
b) Processing orders, including picking, validating, shipping and invoicing them;
c) Solving cancellations or problems of any kind related to an order, goods or services purchased;
d) Return of the products according to the legal provisions;
e) Reimbursement of the value of the products according to the legal provisions;
Processing of your personal data for these purposes it is in most cases necessary for the conclusion and execution of a contract between NEUROINSIGHT SRL and you. Also, certain processing subsumed for these purposes is required by the applicable legislation, including tax and accounting legislation.
- To improve our services
We always want to offer you the best online shopping experience. To do this, we may collect and use certain information in connection with your behavior. As a Buyer, we may invite you to complete satisfaction questionnaires following the completion of an order or we may conduct, directly or with the help of partners, market studies and research.
We base these activities on our legitimate interest in conducting business, always taking care that your rights and freedoms are protected. not to be affected.
- For marketing
We want to keep you up to date on the best offers for the products/services you are interested in. In this regard, we may send you any type of message (such as: e-mail/SMS/telephone/mobile push/webpush/etc.) containing general and thematic information, information on products similar or complementary to those you have purchased, information on offers or promotions, information regarding products added to the “My Account/Cart” section or you have shown interest in purchasing them, as well as other commercial communications such as market research and opinion polls, and we may display personalized recommendations on the website and smartphone app. In order to provide you with information of interest to you, we may use certain data about your behaviour. by the buyer (e.g. viewed/purchased products) to create a profile. We always ensure that this processing is carried out in compliance with your rights and freedoms. and that decisions made on the basis of them have no legal effects on you. and does not similarly affect you to a significant extent.
In most cases, we base our marketing communications on your consent. beforehand. You can change your mind and withdraw your consent at any time by:
– Accessing the unsubscribe link displayed in the messages you receive from us; or by
– Contacting NEUROINSIGHT SRL using the contact details described above.
In certain situations, we may base our marketing activities on our legitimate interest in promoting and developing our business. In any situation where we use information about you, For our legitimate interest, we take care of and take all necessary measures to ensure that your rights and freedoms are respected. not to be affected. However, you can ask us at any time, by the means described above, to stop processing your personal data. for marketing purposes, and we will comply with your request.
- To defend our legitimate interests
There may be situations where we will use or transmit information to protect our rights and business activity. These may include:
– Measures to protect the website and users of the www.neuroinsight.ro platform from cyberattacks:
– Measures to prevent and detect fraud attempts, including the transmission of information to the competent public authorities;
– Measures to manage various other risks.
The general basis for these types of processing is our legitimate interest in defending our business activity, with the understanding that we ensure that all measures we take guarantee a balance between our interests and your rights and freedoms. fundamental.
Also, in certain cases, we base our processing on legal provisions such as the obligation to ensure the protection of goods and values provided for by the applicable legislation in this area.
How long do we keep your personal data? Personal
As a general rule, we will store your personal data. as long as you have an account on the www.neuroinsight.ro platform. You can ask us to delete certain information or close your account at any time, and we will comply with such requests, subject to the retention of certain information, including after you have closed your account, where required by applicable law or our legitimate interests.
To whom do we share your data? Personal
Where applicable, we may transmit or provide access to certain personal data of yours. to the following categories of recipients:
– courier service providers;
– to payment/banking service providers;
– marketing / telemarketing service providers;
– market research service providers;
– to other companies with whom we may develop joint market offering programs for our goods and services.
Where we have a legal obligation or if necessary to defend a legitimate interest, we may also disclose certain personal data to public authorities.
We make sure that access to your data is by third parties legal entities of private law are carried out in accordance with the legal provisions on data protection and confidentiality of information, based on contracts concluded with them.
To which countries we transfer your personal data
We currently store and process your personal data. on the territory of the European Union.
However, we may transfer certain data of yours to others. to entities located in the European Union or outside the Union, including in countries that have not been recognised by the European Commission as having an adequate level of protection of personal data.
We will always take steps to ensure that any international transfer of personal data is carefully handled with the aim of protecting your rights and interests. Transfers to service providers and other third parties will always be protected by contractual commitments and, where applicable, by other safeguards, such as standard contractual clauses issued by the European Commission or certification schemes, such as the Privacy Shield for the protection of personal data transferred from within the EU to the United States of America.
You can contact us at any time, using the contact details set out above, to find out more information about the countries to which we transfer your data, and the safeguards we have put in place with respect to these transfers.
How we protect the security of your personal data Personal
We are committed to ensuring the security of personal data by implementing appropriate technical and organizational measures in accordance with industry standards.
Transmission of your personal data It is done using state-of-the-art encryption algorithms and we store them on secure servers, while ensuring data redundancy.
We use the services of the payment processor PayPal to make payments. Any payment information is encrypted using HTTPS technology with TSL 1.2 encryption.
Despite the measures taken to protect your personal data, we have taken steps to protect your personal data. On a personal basis, we would like to point out that the transmission of information via the Internet, in general, or through other public networks, is not completely secure, and there is a risk that the data will be seen and used by unauthorized third parties. We cannot be responsible for such vulnerabilities of systems that are not under our control.
What rights do you have?
The General Data Protection Regulation gives you a number of rights in relation to your personal data. personally. You can request access to your data, correct any mistakes in our files and/or object to the processing of your data. personally. You can also exercise your right to complain to the competent supervisory authority or to go to court. Where appropriate, you may also have the right to request the deletion of your personal data. the right to restrict the processing of your personal data. and the right to data portability.
More information on each of these rights can be obtained by consulting the table below.
In order to be able to exercise your rights, you can contact us using the contact details set out above. Please note the following if you wish to exercise these rights:
Identity. We take the privacy of all records containing personal data seriously. For this reason, please send us your requests. regarding such registrations using the email address of the account. Otherwise, we reserve the right to verify your identity by requesting additional information aimed at confirming your identity.
Fees. We will not charge a fee to exercise any rights in relation to your data. personal information, unless your request is access to information is unfounded, i.e. repetitive or excessive, in which case we will charge a reasonable amount in such circumstances. We will inform you of any fees applied before processing your claim.
Duration of response. We aim to respond to any valid requests within a maximum of one month, unless this is particularly complicated or if you have made multiple requests, in which case we are going to respond within a maximum of two months. We will let you know if we need more than a month. We might ask you if you can tell us exactly what you want to receive or what you’re worried about. This will help us act faster and shorten the response time to your request.
Third Party Rights. We do not have to comply with a request if it would adversely affect the rights and freedoms of other data subjects.
| Rights covered | Description |
| Access | You can ask us: to confirm whether we are processing your personal data; provide you with a copy of this data; provide you with other information about your personal data. Personal information, such as what data we have, what we use it for, to whom we disclose it, whether we transfer it abroad and how we protect it, how long we keep it, what rights you have, how you can make a complaint, where we obtained your data, to the extent that the information has not already been provided to you through this information. |
| Rectification | You can ask us to rectify or complete your inaccurate or incomplete personal data. We may try to verify the accuracy of the data before rectifying it. |
| Data deletion | You can ask us to delete your personal data, but only if: it is no longer necessary for the purposes for which it was collected; you have withdrawn your consent (if the data processing was based on consent); you are exercising a legal right to object; or they have been unlawfully processed; Saune is a legal obligation in this regard. We are under no obligation to comply with your request. deletion of your personal data personal data where the processing of your personal data is personal is necessary:for compliance with a legal obligation; or for the establishment, exercise or defence of a right in court. There are certain other circumstances in which we are not obliged to comply with your request. data deletion, although these two are the most likely circumstances in which we could refuse this request |
| Restriction of data processing | You can ask us to restrict the processing of personal data, but only if: its accuracy is disputed (see rectification section), in order to allow us to verify its accuracy; or the processing is unlawful but you do not want the data to be deleted; or they are no longer necessary for the purposes for which they were collected, but you need them to establish, exercise or defend a legal claim; You have exercised your right to object, and the verification of whether our rights prevail is ongoing. We may continue to use your personal data. Personal information following a request for restriction, where: we have your consent; or to establish, exercise or defend a right in court; or to protect the rights of NEUROINSIGHT SRL or of another natural or legal person. |
| Data portability | You can ask us to provide you with your personal data in a structured, commonly used and machine-readable format, or you can request that it be “ported” directly to another data controller, but in each case only if: the processing is based on your consent. or the conclusion or performance of a contract with you; and processing is done by automatic means. |
| Opposition | You can object at any time, for reasons related to your particular situation, to the processing of your personal data. on the basis of our legitimate interest, where you believe that your rights and freedoms are being compromised. prevail over this interest. You can also object to the processing of your personal data at any time. for direct marketing purposes (including profiling), without giving any reason, in which case we will cease this processing as soon as possible. |
| Automated decision-making | You can request that you not be subject to a decision based solely on automated processing, but only where that decision: produces legal effects on you; or affects in another similar way and to a significant extent. This right does not apply where the decision reached as a result of automated decision-making: is necessary for us to enter into or perform a contract with you; is authorised by law and there are adequate safeguards in place for your rights and freedoms; SAUSE relies on your consent. Explicitly. |
| Complaints | You have the right to lodge a complaint with the supervisory authority regarding the processing of your personal data. personally. In Romania, the contact details of the data protection supervisory authority are as follows:National Supervisory Authority for Personal Data Processing B-dul G-ral. Gheorghe Magheru nr. 28-30, Sector 1, postal code 010336, Bucharest, RomaniaPhone: +40.318.059.211 or +40.318.059.212;E-mail:anspdcp@dataprotection.roWithout affecting your right to contact the supervisory authority at any time, please contact us in advance, and we promise that we will make every effort to resolve any issue amicably. |
- We remind you that you can contact the Data Protection Officer at any time by sending your request:
– by e-mail to: simona@neuroinsight.ro
