Who are we?
Genos is a Danish-Romanian software development and consultancy company with many years of experience, based in the heart of Bucharest.
We are always pursuing compliance with the applicable personal data protection provisions so that the personal data provided by customers, prospective customers or visitors to the GENOS website (the “Data Subjects”) should be processed in full compliance with the applicable personal data protection legislation.
What are personal data and what is the Data Protection Regulation?
“Personal data” are any information relating to an identified or identifiable natural person (the “data subject”), who can be identified, directly or indirectly, in particular by reference to an identifier (e.g. a name, an identification number, location data, an online identifier) or to one or more factors which are specific (to his or her physical, physiological, genetic, mental, economic, cultural or social identity).
Personal data processing should, irrespective of the nationality or place of residence of the relevant natural persons, respect their fundamental rights and freedoms, in particular the right to the protection of personal data.
As of 25 May 2018, European Regulation 2016/679 on the protection of individuals with regard to the processing of personal data and the free movement of such data (the “Regulation”) has been in effect, and it aims at contributing to the establishment of an area of freedom, security and justice.
We, the GENOS team, want to build this trust and to inform you about the ways in which we protect personal data and how we apply the provisions of the aforementioned Regulation.
What kind of personal data do we process and to whom do they belong?
The personal data processed by us are identification, demographic, transactional, financial, and location data.
What does personal data processing mean for GENOS; what is the legal basis thereof and what are the purposes for which said data are processed?
Data processing means the operations performed by us upon personal data (e.g. recording, organisation, structuring, storage, adaptation or alteration, retrieval, consultation, use and disclosure by transmission, dissemination or otherwise making available), based on one of the following legal grounds:
The personal data shall be used for the following purposes:
What are cookies?
These tools collect general information which your browser sends to our website, such as the type of browser and the address of the website you visited before accessing our website.
They also collect information about:
Your Internet Protocol (IP) address – this is a number automatically assigned to your computer or device whenever you connect online. This is a unique address assigned by your Internet service provider in a TCP/IP network. The IP address allows web servers to locate and identify your device.
We use the term “cookies” to refer to all the technologies that store and access information on the device you use to access our Services, such as your computer, tablet, or mobile phone. Also known as “browser cookies” or “tracking cookies”, cookies are small text files, which are often encrypted, and are located in the browser folders.
They are used to help users browse websites effectively and perform certain functions thanks to their primary role of improving/facilitating the use or processes of a website.
By changing browser settings, you can require your browser to stop accepting cookies, and to request permission before accepting cookies from the websites which you visit or to clear the cookies. For further information on how to change browser settings in terms of using cookies and how to block them, visit www.allaboutcookies.org.
To whom do we transfer personal data?
We want to make sure that we offer you the most competitive services possible, and that we also fulfill our contractual and legal obligations. Thus, we will transmit personal data to public authorities, notary offices, external consultants, lawyers, translators, financial and banking institutions, empowered persons to whom we have outsourced the provision of certain services and to other categories of recipients, in Romania or outside the European Union or the European Economic Area.
As regards the transfer of your personal data outside the European Union or the European Economic Area, we will ensure that the relevant organisations in these countries benefit from a decision on the adequacy of the level of protection or have issued adequate safeguards with regard to personal data protection.
How long do we process and retain personal data?
Personal data are processed throughout our contractual relationship (for the period required to fulfil the purposes of the processing) and, thereafter, for the period required by the applicable legal provisions in the field, including, but not limited to archiving provisions.
How do we protect personal data?
As both a Data Controller, and a Data Processor, GENOS implements appropriate technical and organisational measures to ensure an adequate level of security. We use encrypted processing means (VPN secured communication, Web access control or device control); we ensure the back-up of data stored in our systems; we regularly test and assess the effectiveness of the measures guaranteeing processing security.
How do we protect minors’ personal data?
Our services are not directed at minors and, therefore, we do not knowingly process the information, including personal data, of minors or other individuals who are legally incapable of benefitting from GENOS’s services. If we are notified that we have collected the personal data of a person under the age of 18, we will promptly delete such data, unless such processing is provided for by a legal obligation.
Please contact us if you believe that we have mistakenly or unintentionally collected personal data from a person under the age of 18.
What are the security measures taken by us to protect your personal data?
GENOS wants to take all necessary measures to protect your information against unauthorised access, loss, destruction or unauthorised alteration. Even if GENOS is always implementing and updating the administrative, technical and physical security measures to ensure the protection of your information, GENOS cannot guarantee at all times the security of the transmission or storage of your information online. Security measures include firewalls, password encryption, and access authorisation checks.
What are the rights of the data subject and how may they be exercised?
In accordance with the applicable legal provisions, you have the right to information, the right of access to the data, the right of intervention on the data, as well as the right to object to the processing of your personal data. You also have the right of data erasure (“the right to be forgotten”), the right of rectification, the right to restrict the processing, the right to data portability, the right not to be subject to an automated individual decision, and the right to file a complaint with the supervisory authority and to go to court.
You may exercise these rights at all times by submitting a signed and dated request to our Data Protection Officer, which you can contact on any issues relating to personal data protection: