Privacy Policy
November 2024
PRIVACY POLICY OF THE SITE http://keenget.ro
1. INTRODUCTION
Welcome to http://keenget.ro (the " Site ").
We, KEENGET SRL ., a limited liability company organized and operating according to Romanian legislation, having its registered office in Bucharest, Sector 3, Strada Halelor no. 5, Floor 2, registered at the Trade Registry Office next to the Bucharest Court under no. J2024029653007, having European Unique Identifier (EUID) ROONRC.J2024029653007 and Unique Registration Code 50675772 (" Keenget ", " Service ", " Website ", " We " and " Our "), as the operator of your data. personal data, we are dedicated to protecting your privacy and ensuring a safe online experience.
Our contact details:
Email: contact@keenget.ro
Phone: +40 31 229 7744
This Privacy Policy (" Privacy Policy ", " Policy ") explains how we collect, use and protect your personal data, in accordance with Regulation (EU) 2016/679 of the European Parliament and of the Council of 27 April 2017 with all subsequent changes and additions.
2. USE OF THE SITE
By using our Site, you consent to the practices described in this Policy. Please check this section regularly as the Policy may undergo changes or updates. Any significant changes to this Policy will be notified.
In addition to this Policy, please also carefully read the Cookies Policy and Terms and Conditions.
If you do not agree with this Policy and do not want your personal data to be processed in accordance with the provisions below, please do not continue to access our Site.
3. WHERE WE COLLECT PERSONAL DATA
Generally, the personal data we collect is provided by you. when you access Our Site, when you create your User account, when you place an order, if you fill in various forms on the Site or if you contact us, regardless of the method (phone, e-mail, post, etc. ), including if you interact with us on social media (like, share, reviews, comments, etc.) we will inevitably have access to information about you, especially information that is public. Also, your personal data is processed in the following situations: when concluding a contract with us, as a result of filling out the specific form; by participating in contests, raffles or other promotional events organized by us, in accordance with the regulations published on this site; and, if you expressly consent, for marketing purposes. Each processing is carried out in full compliance with data protection legislation and the purposes are clearly specified, ensuring transparency and respect for your rights.
4. HOW WE USE PERSONAL DATA
Please find below the purposes for which we process your data. personal data, who has access to your data, and how we store it, depending on where you are:
When you create your User account on the Site:
The data will be provided online by completing the fields related to the creation of a User account on the Site, at the time of submitting the request to create an account, which we remind you is done strictly for the purpose of using the services on the Site. In case your refuse to communicate this data to us, Keenget is unable to create a User account for you on the Site:
|
Data collected |
Purpose of processing |
The legal basis |
Storage period |
|
Name and Surname
|
User account registration, in order to rent Products and contract Services on the Site |
Art. 6, Para. (1) lit. b) from the GDPR – carrying out pre-contractual procedures and executing a contract
|
Throughout the existence of the User account on the Site, and if the User account has been closed, the data will be kept for a period of 3 years from the date of closure, the general civil limitation period, to which the limitation period is added of criminal liability in the case of forgery. |
|
|
|||
|
Phone number
|
|||
|
Home address / residence
|
|||
|
Payment card / bank account data
|
|||
|
Date of birth |
User account registration, in order to rent Products and contract Services on the Site |
Art. 6, Para. (1) lit. b) from the GDPR – carrying out pre-contractual procedures and executing a contract
Art. 6, Para. (1) lit. f) from the GDPR – the legitimate interest in order to prevent the use of the Website by minors |
Throughout the existence of the User account on the Site, and if the User account has been closed, the data will be kept for a period of 3 years from the date of closure, the general civil limitation period, to which the limitation period is added of criminal liability in the case of forgery. |
When you place an order and the order is APPROVED:
In addition to the data collected on the date of creation of the User account on the Site, when you place an order, you will provide us online, at the time of sending the order placement request, by completing the order form, a series of additional data to those collected during registration. In case your refuse to communicate this data to us, Keenget is unable to process your order:
|
Data collected |
Purpose of processing |
The legal basis |
Storage period |
|
CNP (Personal Numeric Code) |
· Identity verification; · Checking creditworthiness and solvency; · Conclusion of the rental contract. |
Art. 6, Para. (1) lit. b) from the GDPR – carrying out pre-contractual procedures and executing a contract.
Art. 6, Para. (1) lit. f) of the GDPR – the legitimate interest for the purpose of checking the creditworthiness and solvency of the user, issuing invoices, verifying the identity of the customer. |
Throughout the contractual period and thereafter, for a period of 3 years from the date of termination, the general civil limitation period, to which is added the limitation period for criminal liability in the case of forgery. |
|
Delivery address |
· Conclusion of the rental contract; · Delivery of the ordered product. |
Art. 6, Para. (1) lit. b) from the GDPR – execution of a contract.
Art. 6, Para. (1) lit. f) from the GDPR – the legitimate interest for the purpose of verifying the customer's identity.
|
Throughout the contractual period and thereafter, for a period of 3 years from the date of termination, the general civil limitation period, to which is added the limitation period for criminal liability in the case of forgery. |
|
Financial data (account statement for the last 6 months) |
· Checking creditworthiness and solvency; · Conclusion of the rental contract.
|
Art. 6, Para. (1) lit. b) from the GDPR – execution of a contract.
Art. 6, Para. (1) lit. f) from the GDPR – the legitimate interest for the purpose of checking creditworthiness and solvency. |
Throughout the contractual period and thereafter, for a period of 3 years from the date of termination, the general civil limitation period, to which is added the limitation period for criminal liability in the case of forgery. |
|
Employment status |
· Checking creditworthiness and solvency; · Conclusion of the rental contract. |
Art. 6, Para. (1) lit. b) from the GDPR – execution of a contract.
Art. 6, Para. (1) lit. f) from the GDPR – the legitimate interest for the purpose of checking creditworthiness and solvency. |
Throughout the contractual period and thereafter, for a period of 3 years from the date of termination, the general civil limitation period, to which is added the limitation period for criminal liability in the case of forgery. |
|
Monthly salary / monthly income obtained from liberal professions |
· Checking creditworthiness and solvency; · Conclusion of the rental contract. |
Art. 6, Para. (1) lit. b) from the GDPR – execution of a contract.
Art. 6, Para. (1) lit. f) from the GDPR – the legitimate interest for the purpose of checking the creditworthiness and solvency. |
Throughout the contractual period and thereafter, for a period of 3 years from the date of termination, the general civil limitation period, to which is added the limitation period for criminal liability in the case of forgery. |
|
The image from the identity document |
· Identity verification; · Conclusion of the rental contract. |
Art. 6, Para. (1) lit. b) from the GDPR – execution of a contract.
Art. 6, Para. (1) lit. f) of the GDPR – the legitimate interest for the purpose of identity verification. |
Throughout the contractual period and thereafter, for a period of 3 years from the date of termination, the general civil limitation period, to which is added the limitation period for criminal liability in the case of forgery. |
|
The image recorded in photographs and recordings on the occasion of identification |
· Identity verification; · Conclusion of the rental contract. |
Art. 6, Para. (1) lit. b) from the GDPR – execution of a contract.
Art. 6, Para. (1) lit. f) of the GDPR – the legitimate interest for the purpose of identity verification. |
For the entire duration of the contract and thereafter, for a period of 3 years from the date of termination, the general civil limitation period, to which is added the limitation period for criminal liability in the case of forgery |
|
Biometric face map |
· Identity verification; · Conclusion of the rental contract. |
Art. 6, Para. (1) lit. b) from the GDPR – execution of a contract.
Art. 6, Para. (1) lit. f) of the GDPR – the legitimate interest for the purpose of identity verification. |
For the entire duration of the contract and thereafter, for a period of 3 years from the date of termination, the general civil limitation period, to which is added the limitation period for criminal liability in the case of forgery |
When the rental agreement is in force, we may also process location data (GPS coordinates) via the rented electronic equipment, which may be equipped with geo-location systems and tracking devices. Upon termination of the rental agreement, the rented electronic equipment is reset to factory settings, all data, settings and personal information are irreversibly deleted, the User's account on the device, where applicable, is irreversibly disabled. We recommend transferring your data and personal information before returning the electronic equipment, We do not assume responsibility for the loss of this data under any circumstances.
When you place an order, but the rental contract is not concluded for various reasons (withdrawal of the rental request, rejection of the rental request, failure to fill in the order form correctly, etc.), the collected data is kept for a period of max. 1 year for the possibility of checking the Users, if they place an order again in the previously mentioned period, except in the case where the User requests the deletion of personal data.
When you interact with Us through the communication channels available on the Site:
|
Data collected |
Purpose of processing |
The legal basis |
Storage period |
|
Surname and Surname, E-mail, Telephone number, Other personal data provided in your request. If you contact us by phone, we may store and retain audio recordings of the calls. |
To be able to respond to any questions, complaints or recommendations and to be able to improve our services and the experience we offer to our Users. |
Art. 6, Para. (1) lit. f) from the GDPR – the legitimate interest
|
Max. 1 year from the date of the last interaction. |
Commercial and marketing communications:
|
Data collected |
Purpose of processing |
The legal basis |
Storage period |
|
Name and Surname, Email, Phone number |
To be able to respond to any questions, complaints or recommendations and to be able to improve our services and the experience we offer to our Users. |
Art. 6, Para. (1) lit. a) from the GDPR - based on your consent.
Art. 6, Para. (1) lit. f) of the GDPR – in legitimate interest if you are already our customer, and the information we want to communicate to you would be of great interest to you.
|
If we process them on the basis of your consent, until withdrawal, and if we process them on the basis of legitimate interest, for the duration of the execution of the contract and for another 3 years after termination. |
Data processed automatically when browsing the Site:
When you access Our Site, we collect data about you. through online identifiers (cookies, IP address, geographic location, links you access on the Site), which are stored in log files. We use this information to be able to design our website so that we can better adapt to the needs of our Users. We may also use your address. IP to help diagnose possible malfunctions of Our servers and to manage Our Site, keep our website secure and prevent fraud, authorize the use of services available on Our Site, to analyze trends, to track visitor movements and to collect general demographic information to help identify visitor preferences. Where necessary, you will be asked for your consent to the use of cookies. To view more information about what cookies we use and how we use them, as well as how you can delete cookies and disable tracking, visit our Cookie Policy.
5. DATA SECURITY
We attach great importance to the protection of your personal data and implement appropriate technical and organizational measures to guarantee its security. These measures are adapted to the specific risks and categories of data processed and include protection against unauthorized access, modification, loss, destruction or illegal processing thereof. We ensure that data is properly protected and will not be disclosed to third parties without authorization.
However, it is important to note that despite our best efforts, no data transmission can be guaranteed to be 100% secure.
If you have reason to believe that the confidentiality of your data has been compromised, please contact us immediately at contact@keenget.ro .
We also want to inform you that at the end of the data retention period, it will be deleted. If we consider that said information could contribute to improving the quality of our products or services, we will use the data exclusively after it has been anonymized in an irreversible way.
Keenget does not intentionally collect information from persons under the age of 18 through the Site. Access to and use of the Site by minors is deemed to be made with the implied consent of the legal guardian, who allows navigation of the Site by the dependent minor. If we discover that a minor has used the site without the approval of a legal representative, we will immediately delete all personal data associated with him.
6. YOUR RIGHTS.
Depending on applicable national law, as a data subject under the GDPR, you may have certain rights in relation to the Personal Data we collect about you, including:
- Right of Access: You can request confirmation from us regarding the processing of your Personal Data. At your request, we will provide you with information about the categories of Personal Data we process, the purposes of the processing, the recipients to whom your data has been or will be disclosed and the anticipated period of storage or the criteria used to determine this period.
- Right to Withdraw Consent: You have the right to withdraw your consent at any time by contacting us, if the basis for the processing was your consent. This can be done by replying to the withdrawal request email, after which your Personal Data will be deleted immediately. However, withdrawing consent may limit your ability to use certain aspects of our Service.
- Right to Object: If our processing is based on legitimate interests to operate, maintain and develop our business, you have the right to object to this processing at any time. We will stop processing your Personal Data unless it is necessary to provide our Services or we can demonstrate compelling legitimate grounds that override your interests, rights or legal claims. Regardless of any prior consent for direct marketing, you have the right to opt-out from the use of your Personal Data for such purposes by contacting us or using the opt-out options provided in our marketing communications where applicable.
- The Right to Restriction of Processing: You can request the restriction of the processing of your Personal Data under certain conditions, provided by the applicable data protection legislation. For example, this may include allowing us to verify the accuracy of your data after you dispute it, or preventing the deletion of Personal Data that is no longer necessary for processing but is still necessary for legal claims. Restriction of processing may affect your ability to fully use the Website.
- Right to Data Portability: You have the right to receive your Personal Data from us in a structured, commonly used and machine-readable format. You may also request that we transmit this data to a third party, in particular if the processing is based on your consent and is carried out by automated means.
- The Right to File a Complaint: You can file a complaint with the supervisory authority for data protection: the National Supervisory Authority for the Processing of Personal Data by completing the online form available on the website www.dataprotection.ro . Without in any way affecting your right to contact the National Supervisory Authority for the Processing of Personal Data, please respectfully contact us first. We assure you that we will make every effort to resolve the situation in an efficient and satisfactory manner for you, taking into account both your rights and legal interests.
- The right to request the rectification or deletion of data: In accordance with the provisions of Article 17 of Regulation (EU) 2016/679 on the protection of personal data, you have the right to request the deletion of your personal data if one of the following situations applies: the data does not are still necessary in relation to the purposes for which they were collected or processed, you withdraw your consent and there is no other legal basis for the processing, or if the data has been processed illegally. You also have the right to request the correction of inaccurate or incomplete data.
- The right not to be subject to a decision based solely on automated processing, including profiling: In accordance with Article 22 of Regulation (EU) 2016/679, this right does not apply if the decision: (a) is necessary for the conclusion or execution of a contract between the data subject and a data controller; (b) is authorized by Union law or domestic law that applies to the operator and that also provides for appropriate measures to protect the rights, freedoms and legitimate interests of the data subject; or (c) is based on the explicit consent of the data subject.
To exercise any of your rights, please use the features available on the Site. If these are not sufficient, you may send us a letter or email to the address provided in this Privacy Policy, including your name, address, telephone number, email address and a copy of a valid ID. We may request additional information to verify your identity. We reserve the right to reject requests that are unreasonably repetitive, excessive or manifestly unfounded.
7. CONTRACTORS
We have the right to work with third party IT service providers who provide website development, hosting, maintenance, cyber security monitoring and intrusion detection, customer relationship management system providers, advertising and other services. They may be located outside the EEA. In the case of collaboration with third parties, we are not responsible for the privacy policy of the third parties, however, in the event that the third parties with whom we collaborate have a different GDPR policy than that presented in our documents, we will contact you to request to consult their policy.
All data transfers are carried out in accordance with the public offer and security regulations. The transfer of personal data to countries outside the European Economic Area may only be possible if we have obtained your consent for this. If we use providers from third countries that do not have an adequate level of personal data protection, and you express your consent, the transfer of personal data to this third country will be made in accordance with the provisions of article 49 (1) letter. (a) of Regulation (EU) 2016/679. According to this article, the transfer is possible based on the explicit consent of the data subject, after he has been fully informed about the risks involved in this transfer. All data processed by us is stored exclusively in secure hosting facilities provided by Google Hosting.
We use a third-party payment processor, currently Shopify Payments ("Payment Processors") to help process your information securely. payment. If you pay by credit card, the payment information you provide through the Services is encrypted and transmitted directly to the Payment Processor. We do not store your information. payment and we do not control and are not responsible for Payment Processors or the collection or use of your information. You can learn more about how Payment Processors store and use your information. of payment by accessing the Privacy Policy of Payment Processors.
We may share your Personal Data with our technical specialists in connection with the services they provide to us. If we share your Personal Data with these processors, we will require the recipient to keep it confidential and secure by entering into a confidentiality agreement. In order to provide you with our services, we may provide personal data to courts, lawyers advising other parties in a case or other professionals (such as foreign law firms, patent agents, forensic accountants or litigants).
8. INTERNATIONAL DATA TRANSFERS
Keenget shares personal data with its partners operating outside the European Economic Area ("EEA"):
- Third parties placing cookies: Google;
In the context of online platforms, these are the entities responsible for processing your personal data, having the capacity of data operators. In this regard, our influence on how this data is handled is limited to a significant extent. Therefore, we recommend that you carefully consult the privacy policy of these platforms, in order to better understand the way in which they process your information.
Personal data may be stored and processed in any country where we collaborate with service providers. Thus, we may transfer the personal data we hold about you to recipients in countries other than the one in which the data was originally collected. These countries may have different data protection regulations than your country. However, we will take all necessary steps to ensure that these transfers comply with applicable data protection legislation and that your personal data is protected in accordance with the standards set out in this privacy policy. In certain cases, authorities in those countries, such as courts, law enforcement or regulatory agencies, may have the right to access your personal data. In such cases, you have the possibility to withdraw your consent to the transfer of data at any time, if the transfer was based on your consent.
If the relevant legislation requires us to ensure that an international data transfer complies with a protection mechanism, we will use one of the following tools:
- EU Standard Contractual Clauses with a non-EEA or UK data recipient
- Verifying that the recipient has implemented mandatory corporate rules
- We will also ensure that all our international partners have adopted additional measures to provide adequate safeguards, enforceable rights and effective legal remedies. The role of these measures is to provide additional guarantees to data subjects that the transfer of data under standard contractual clauses or binding corporate rules provides a level of protection equivalent to that guaranteed within the European Union.
9. MISCELLANEOUS
Response Period - We will make every effort to respond to your request within 30 days. However, this term may be extended depending on specific legal requirements or the complexity of the request.
Access restriction - In certain situations, we may not be able to provide full or partial access to your personal data due to legal restrictions. If your access request is denied, we will inform you of the reason for the denial.
Impossibility of identification - In specific cases, it may be impossible for us to identify personal data, due to the lack of the necessary identification information in your request. If you do not provide additional details that allow us to identify you, we will not be able to respond to your request to exercise the legal rights mentioned in this section.
To exercise your legal rights, please contact us at contact@keenget.ro .