Privacy Policy

www.abac.software

Version [01.01.2021]

Contents:

  1. General statements
  2. Company details
  3. Data processed. The aim, duration, and ground of processing 
  4. Sensitive data processed. The aim, duration, and ground of processing
  5. Mechanisms and using automated decision-making systems 
  6. Revealing and supplementary use of your data 
  7. How we collect data
  8. Information security
  9. Transfer of your data outside the European Economic Area 
  10. Your rights to personal data
  11. Minor privacy
  12. Principles of policy
  13. Changes
  1. General statements

1.1 Personal data privacy represents one of the main preoccupations within RED ABACUS DEVELOPMENT SRL (hereinafter the “Company”). As such, we wish to ensure the highest privacy, integrity, and transparency standards regarding personal data that we process in our activity.

1.2 In carrying out our activity, it is necessary to process personal data in terms of the specific object of our of activity; we wish to assure you that the processing will take place by complying with the principles of personal data transparency and security. This privacy policy is meant to help you understand what data we collect, why we collect it and what we do with it. 

1.3 Our data protection policy and practices focus on processing, exchanging, and storing personal data accordingly and legally and also on ensuring privacy, integrity, and availability. 

1.4 All users have free access to the website https://abac.software/, provided they comply with this privacy policy. Our website is in accordance with the General Data Protection Regulation – GDPR ((EU) Regulation 2016/679).

  1. Company Details

2.1 RED ABACUS DEVELOPMENT SRL is a Romanian company, based in Cluj-Napoca, str. Gruia nr 27, 400171, Cluj county, registered with the Trade Registry under no J12/2788/2016, having the tax number RO36345302, contact address contact@abac.software

2.2 The company acts as a personal data operator, data collected by means of the Internet page https://abac.software/ (hereinafter the “Site”).

2.2 The operator shall manage the personal data that the users of the Site provide, safely and only for the purposes specified.

  1. Data processed. The aim, duration, and ground of processing
The moment of processing Datum processed Aim of processing Period of retention The ground of processing Where it is stored Transfer
3.1 Accessing the site 3.1.1 the log of the web server ensuring the security of the IT network six months observing legal obligations – Article 6 paragraph (1) letter (c) from the Regulation own server / server of a third party – tlh.ro / google.com no
3.1.2 cookies* behavioural analytics in order to optimise user experience  different based on cookie (see GDPR policy)  your consent (article 6 paragraph (1) letter (a)  in the browser  no
3.3 Using the contact form 3.3.1 last name, first name, e-mail, telephone number to answer the questions and messages we receive and for keeping a mail record  only for as long as they are necessary your consent (article 6 paragraph (1) letter (a) in electronic format, on the server yes, we keep this information in our CRM and we send it over to mailchimp.com for starting newsletters and marketing emails
3.4 Contact by telephone 3.4.1 telephone number + data provided in conversation  to answer the questions and messages we receive and for keeping a mail record  only for as long as they are necessary your consent (article 6 paragraph (1) letter (a) in electronic format, on the server yes, if user opts for booking a meeting, the phone number is transferred to youcanbookme.com and to google calendar
3.5 Contact by post 3.5.1 All the information provided in postal communications to answer questions and messages we receive and for keeping a mail record for as long as necessary, which will be applied in a corroborated manner with the legal obligations established in our task  Is necessary for performing a contract or for starting an engagement process in a contract upon your request (article 6 paragraph (1) letter (b) physically, cupboard with key no
3.6 enrolling for newsletter 3.6.1 Last name, first name, e-mail To transmit the newsletter Until unsubscribing Your consent (article 6 paragraph (1) letter (a) from the General Data Protection Regulation). in electronic format, on the server yes, email will end up in mailchimp
3.9 Endorsement of receipt of marketing communications  e-mail  To receive marketing communications Until consent withdrawal consent (article 6 paragraph (1) letter (a) from  the General Data Protection Regulation). in electronic format, on the server

yes / no (if yes, where example: hosting

provider)

*3.1.2 for further information on cookies please consult our cookie policy, available at https://abac.software/gdpr

3.11 Criteria for establishing retention periods 

The data shall be stored for a necessary minimum period for fulfilling our aim, taking the following into account: 

  • the aim and use of your information both at present and in the future (for example, if it is necessary to continue to store those pieces of information in order to continue to fulfil our obligations based on a contract with you or to contact you in the future);
  • if we have a legal obligation to continue the processing of your information (such as any obligations of keeping recordings imposed by law or relevant regulations); 
  • if we have any ground to continue the processing of information (such as your consent); and
  • risk, cost, and responsibility levels involved in continuing to possess information. 

3.12 If we receive information about you by mistake 

If we receive information about you by mistake from a third party and/or we do not have a legal ground for processing these pieces of information, we shall erase your information.

4. Mechanisms and using automated decision-making systems 

4.1 We use automated decision-making mechanisms on our website. We do not consider that this has a legal effect on you or that it affects you in a similar manner. 

You have the right to oppose our profiling and automated decision-making mechanisms described in this section. You can do this by giving up cookies and similar technologies, in accordance with the method described in the relevant section from this privacy policy. If you do not want us to process your real IP address (usually, the IP address assigned by the Internet service provider) when you visit our site, you can use a virtual private network (VPN) or a free service.

You can find out more about using cookies and similar technologies (including the legal basis for using them) and about how to give these up in the cookie policy, available here, https://abac.software/gdpr.

4.2. Automated decision-making mechanisms

Automated decision-making mechanisms are those mechanisms of making decisions by means of technological means (through a machine) without human involvement. 

Using automated decision-making mechanisms for advertising

We automate the display of commercials that contain our products and services on other websites that you visit by using cookies. 

The logic involved: the automated display of ads to the persons who visited our website leads to an increase in the efficiency of advertising and it is more economical for us than a manual display or other methods of advertising.

The significance and envisaged consequences: cookies will be used in order to recognise the fact that you visited our site to display ads (but for the case in which you blocked such cookies) and they will collect information about your online behaviour. 

How you can oppose: you can block these types of cookies using the setting of the browser. For further information, consult our cookie policy https://abac.software/gdpr

5. Revealing and supplementary use of your data

This section establishes the circumstances in which we will reveal your data to third parties and any other supplementary purposes for which we use your data.

5.1 Revealing your data to service providers

5.1.1 We use a series of service providers that are important for the development of our business and that process your information for us and on our behalf, respectively: 

    Telephone service providers: no

    E-mail service providers: google.com

    IT service providers: no

    Website developers: redlemondigital.com / klain.ro 

    Web hosting service provider(s): tlh.ro / firebase.google.com

    Marketing service providers: mailchimp.com / hubspot.com / inspectlet.com

    E-mail marketing service providers: mailchimp.com

5.1.2 Your information will be shared with these service providers, where it is necessary in order to offer you a requested service, irrespective of whether this request is to access our site or to order goods and  services from us.

5.1.3 We do not display the identity of our service providers publicly, for security reasons and for competition reasons. Nevertheless, if you want further information about the identity of service providers, please contact us directly by means of our contact form from the page https://abac.software/contact/ or by e-mail at the address contact@abac.software and we will provide you with such information in cases where you have a legitimate reason for requesting it.

  1. Legal ground for processing: 

According to Article 6 from EU Regulation 2016/679, in order to be legal, the processing of personal data has to be grounded on at least one of the alternative six legal grounds by which we can establish the legal character of personal data processing. It is the duty of each data operator to identify which of these cases they are, in order to have  a clear vision of the categories of personal data they process and thus to be adjusted to the requirements of the EU Regulation 2016/679 and to observe the rights of the persons in question. 

“If you are not sure what the legal ground for each processing part is, please contact us.”  

  1. consent – the person in question consented to the processing of his personal data for one or more specific purposes;
  2. concluding or performing a contract – the processing is necessary for performing a contract to which the person in question is part or to undertake the necessary steps upon the request of the person in question before concluding a contract; 
  3. fulfilling a legal obligation – the processing is necessary for fulfilling a legal obligation by the operator;
  4. legitimate interest – the processing is necessary for the purpose of legitimate interests pursued by the operator or a third party, with the exception of the case in which the interests or rights and fundamental freedoms of the person in question prevail, which requires the protection of personal data, especially when the person in question is  a child. 
  • Revealing your information to other third parties

5.2.1 We will reveal your information to third parties under certain circumstances, as it is shown below.

  1. Providing information to third parties, such as Google Inc., Facebook. Google collects information by using Google Analytics on our website. Google, Facebook use these pieces of information, including IP addresses and information from cookies, for several purposes, such as the improvement of the quality of our services and your navigation experience. The pieces of information are collected by Google and Facebook anonymously.

The legal ground for processing: our legitimate interests (article 6 paragraph (1) letter (f) from the General Data Protection Regulation.)

Legitimate interests: improving the quality of our services. 

  1. Sharing your information with third parties, that are either linked to, or associated with the functioning of our business, in the case it is necessary for us. These third parties include consultants, affiliated persons or entities, business partners, independent contractors and insurers. Further information regarding each of these third parties is presented below.

The legal ground for processing: our legitimate interests (article 6 paragraph (1) letter (f) from the General Data Protection Regulation.)

Legitimate interest: the functioning and efficient management of our business. 

  1. Consultants

Occasionally, we obtain pieces of advice from consultants, such as lawyers, audit companies, professionals in public relations, and sociological research companies. We will share your pieces of information with these third parties only when it is necessary to allow these third parties to offer us relevant consultancy. Our consultants are found in Romania.

  1. Affiliated persons or entities

These are the affiliated persons or entities with whom we work in order to promote our business by various means. The affiliated will share information with us and we will reveal them information in the case in which you expressed your interest towards our products or services and to perform the contractual obligations that we have towards you. Our affiliates are found in (Romania).

  1. Business partners

Business partners are the enterprises with which we work and that provide goods and services similar to those offered by us, that are complementary to our own business or that allow us to provide goods or services that we cannot offer on our own. We share information with our business partners, in case you requested services that they provide, either independently or in connection to our own services and to be able to fulfil our contractual obligations towards you. Our business partners carry out their activity in the field. Our business partners are found in the European Union. 

  1. Independent contractors

Occasionally, we use independent contractors in our business. Your information will be distributed to some independent contractors only in case it is necessary for them to fulfil the contracted service in connection with our business. Our contractors are found in Romania.

5.2.2 We do not display the identity of all other third parties with whom we can share information for security reasons and for preserving a competitive advantage. Nevertheless, if you want further information about the identity of such third parties, please contact us directly through the contact form from the page https://abac.software/contact or by e-mail at the address contact@abac.software and we will provide you with such information in cases where you have a legitimate reason for requesting it and only if we shared information with such third parties.

5.2.3 We will reveal your information to a potential or real buyer or seller in the context of a business sale, purchase, merge or similar real or potential event. 

The legal ground for processing: legitimate interest (article 6 paragraph (1) letter (f) from the General Data Protection Regulation).

Legitimate interest: we allow the access to information to a potential buyer, seller or similar person to allow the performance of such a transaction. 

5.3 Revealing and using your information for legal purposes 

  1. Indicating possible criminal acts or threats against public safety to a competent authority.

If we suspect that criminal behaviour or potential criminal behaviour took place, we will need, in certain circumstances, to contact a competent authority, such as the police. This could be the case, for example, if we suspect a fraud or a cybernetic crime has been committed or if we receive threats or malicious communications towards us or towards third parties. 

In general, we will have only to process your information for this purpose, if you were involved or affected by such an incident in some way.

The legal ground for processing: our legitimate interests (article 6 paragraph (1) letter (f) from the General Data Protection Regulation).

Legitimate interest: preventing criminality or suspected criminal activity (such as fraud).

  1. Regarding the application or the potential application of our legal rights 

We will use your information regarding the implementation or the application potential of our legal rights, including, for example, the exchange of information with debt collection agencies, if you do not pay the owed amounts when you are contractually obliged to do so. Our legal rights can be contractual (in case we concluded a contract with you) or non-contractual (such as the legal rights that we have based on copyright or tort liability).

Legal ground for processing: our legitimate interests (article 6 paragraph (1) letter (f) from the General Data Protection Regulation).

Legitimate interest: to impose our legal rights and to take measures to ensure our legal rights.

  1. Regarding a litigation or a legal or potentially legal procedure 

It is possibly necessary to use your information if we are involved in a litigation with you or with a third party, for example, either for dispute resolution or as part of mediation, arbitration or to implement a judicial decision or of a similar process. 

The legal ground for processing: our legitimate interests (article 6 paragraph (1) letter (f) from the General Data Protection Regulation).

Legitimate interest: dispute resolution or that of potential litigations.

  1. For continuously abiding by laws, regulations, and other legal requirements 

We will use and process your information in order to observe the legal obligations to which we are subjected. For example, it is possibly necessary to reveal your information based on a judicial decision or a subpoena, if we receive one. 

The legal ground for processing: observing a legal obligation (article 6 paragraph (1) letter (c) from the General Data Protection Regulation).

Legal obligation: legal obligations to reveal information, established in our task by internal or international regulations (for example, in the form of an international agreement that Romania signed).

The legal ground for processing: our legitimate interests (article 6 paragraph (1) letter (f) from the General Data Protection Regulation).

Legitimate interest: in case the legal obligations are part of the laws of another country and were not integrated into the legal framework of Romania, we have a legitimate interest to observe these obligations.

6. How we collect data

6.1 We collect your personal data, directly from you, for example, when you send us an e-mail, in which you request an offer/information from us or when you offer us your data in order to conclude a contract or to subscribe to the newsletter.

6.2  We collect your personal data in an automated manner. When you use our services on the site of the Company, we collect pieces of information by means of cookies and by logging your activity. For further information regarding the use of cookies, please consult the cookie policy, available at https://abac.software/gdpr.

7. Information security

7.1 We take appropriate technical and organisational measures to ensure the security of your information and to protect it from unauthorised or illegal use and from loss or accidental destruction, including:

  • sharing and providing access to your data to a minimal necessary extent, subject to privacy restrictions, where applicable and anonymously, each and every time it is possible; 
  • using secure servers for storing information;
  • checking the identity of any person who requests access to information before providing them with access to information;
  • using the Secure Sockets Layer (SSL) standard to encrypt any information that you send us by means of any of the forms on our website; and
  • transferring your data only by means of a closed system or by encrypted data transfers.

 

7.2 Transmitting information to us by e-mail

Conveying information on the Internet is not entirely secure and if you send us information by means of the Internet (by e-mail or any other means), you do this entirely at your own risk.

We cannot be liable for any kind of expenses, profit losses, injuries to reputation, damage, debts, or any other form of loss and prejudice suffered by you as a result of your decision to send us information by such means.

8. The transfer of your data outside the European Economic Area (hereinafter “EEA”)

Your data will not be transferred to countries outside the EEA.

9.Your rights to personal data

9.1 Subject to certain restrictions, you have the following rights regarding your data, which you can exert by conveying a written request to us at: Cluj-Napoca, str. Gruia nr 27, 400171, jud. Cluj or by sending an e-mail to contact@abac.software:

  • to request access to your information and information regarding the use and processing of your information;
  • to request your data is corrected or erased;
  • to request a limited use of your data;
  • to receive the information you provided us in a structured file, usually used and that can be read by a device (for example, a CSV file) and the right to transfer the respective information to another data controller (including a third party data controller);
  • to object to the processing of your data for certain purposes (for further information, consult the section below entitled “Your right to object to processing data for certain purposes”); and
  • to withdraw your consent for using your data at any moment in which we rely on your consent to use or to process these pieces of information. Please bear in mind that, if you withdraw your consent, this will not affect the lawfulness of using and processing your data based on your consent before the moment at which you withdraw your consent.

9.2 Also, you can submit a complaint regarding the processing of your data to the National Supervisory Authority for Personal Data Processing (B-dul G-ral. Gheorghe Magheru 28-30, Sector 1, postal code 010336, București, Romania, www.dataprotection.ro, anspdcp@dataprotection.ro).

9.3 Checking your identity in case you request access to your information

In case you request access to your information, we are obliged by law to use all reasonable measures in order to check your identity before doing this. 

These measures are conceived to protect your information and to reduce the risk of identity fraud, identity theft or unauthorised general access to your information.

How do we check your identity?

In case we possess adequate information on you in our database, we will try to check your identity using these pieces of information. 

If it is not possible to identify you based on these pieces of information or if we do not have sufficient information about you, it is possible that we request copies or certificates of some documents in order to check your identity before we can offer you access to your data. 

We will be able to confirm the exact data we need in order to check your identity in your specific circumstances if and when you make such a request.

9.4 Your right to object to data processing for certain purposes

You have the following rights regarding your data, which you can exert by writing to us at Cluj-Napoca, str. Gruia nr 27, 400171, jud. Cluj or by sending an e-mail to contact@abac.software:

  • to object to our using or processing information to fulfil a task of public interest or of our legitimate interest, including analysing or predicting your behaviour based on your information; and 
  • to object to using or processing your data for direct marketing purposes (including any profile we involve regarding this direct marketing).

9.5 Also, you can exert your right to object to our using or processing your data for direct marketing purposes: 

  • by clicking on the unsubscribe link included in the bottom part of any marketing e-mail that we send you and following the instructions that appear in your browser, after you click the respective link;
  • by sending an SMS that contains only the word “UNSUBSCRIBING” as an answer to any marketing communication that we send by text message or by accessing the link indicated in the received SMS; or
  • by sending an e-mail to contact@abac.software, requesting us not to send marketing communications anymore or by including the word “UNSUBSCRIBING”.

9.6 For further information about the way in which you can object to our using the collected data by means of cookie modules and similar technologies, consult our cookie policy, available here:https://abac.software/gdpr.

10. Minor privacy

We process data of persons under 18 years old, only with the consent of the legal representative, for carrying out the contracted services by the legal representatives of minors, in optimal conditions. 

It is possible to receive information regarding persons who have not turned 18 years old resulting from a fraudulent action by a third party. If we are notified about this, as soon as we check the information, when the law requires that, we will immediately obtain the consent of the legal representative in order to use these pieces of information or, if we cannot obtain this consent, we will delete the information from our servers. If you want to notify us about receiving information about persons under 18 years old, please do this by sending an e-mail to the address contact@abac.software.

11. Principles on which our data protection policy is based:

  1. a) Processing of personal data will be carried out in a legal, correct, and transparent manner;
  2. b) The collection of personal data will be carried out only for specified, explicit, and legitimate purposes and the data will not be further processed in an manner incompatible with those purposes;
  3. c) Personal data collection will be adequate, relevant, and limited to the information necessary for the purpose of processing;
  4. d) Personal data will be accurate, and where necessary, updated;
  5. e) All necessary measures will be taken to ensure that incorrect data is deleted or corrected without delay; 
  6. f) Personal data will be kept in a form that allows the identification of the person in question and for a period no longer than that in which the personal data is processed; 
  7. g) All personal data will be kept confidentially and stored in a manner that ensures the necessary security; 
  8. h) Personal data will not be distributed to third parties except for the case in which this is necessary for the purpose of offering services according to agreements; and 
  9. i) The persons in question have the right to request access to their personal data, its correction and erasing, opposing or restricting from data processing as well as from the right of data portability.

12. Changes of our privacy policy

12.1 We update and change our privacy policy periodically.

12.2 Minor changes of our privacy policy

In cases where we make minor changes to our privacy policy, we will update the Privacy policy with the date of revision mentioned at the beginning. The processing of your information will be governed by the practices established in the new version of the Privacy policy from its actual date. 

12.3 Major changes of our privacy policy or of the purposes for which we process your information.

In cases where we make major changes to our privacy policy or we intend to use your data for a new purpose or for a purpose different from the purposes for which we collected it initially, we will notify you by e-mail (if possible) or by the publication of a notice on our website. 

We will provide you with information on the change in question and on the purpose and any other relevant information before using your information for the new purpose. 

Each and every time it is necessary, we will obtain your prior consent before using your information for a different purpose than the purposes for which we collected it initially.