THE HERMANN OBERTH INTERNATIONAL GERMAN SCHOOL (hereinafter referred to as “data controller”) assumes full responsibility and commitment to the establishment, implementation and maintenance of this data protection policy, guaranteeing the continuous improvement of data base operations in order to ensure high compliance with Regulation (EU) 2016/679 of the European Parliament and of the Council of 27 April 2016 on the protection of natural persons with regard to the processing of personal data and on the free movement of such data, and repealing Directive 95/46/EC (General Data Protection Regulation) (DOUE L 119/1, 04-05-2016) and regulations regarding the Protection of personal data in Romania (organic law, sector specific legislation and its regulations).
The Data Protection Policy of the HERMANN OBERTH INTERNATIONAL GERMAN SCHOOL is based on the principle of proactive responsibility, according to which the data controller is responsible for compliance with the regulatory and jurisprudential framework governing that Policy.
1.Data protection by default: the data controller will apply appropriate technical and organizational measures to ensure that only personal data which is necessary to achieve specific purposes is processed.
- Data protection life cycle: includes measures to ensure the protection of personal data will be applicable throughout the data lifecycle.
- Lawfulness, fairness and transparency: personal data will be processed lawfully, fairly and transparently.
- Purpose limitation: personal data will be collected for specified, explicit and legitimate purposes and not further processed in a manner that is incompatible with those purposes.
- Data minimization: personal data will be adequate, relevant and limited to what is necessary in relation to the purposes for which it is processed.
- Accuracy: personal data will be accurate and up to date; every reasonable step shall be taken to ensure that personal data that is inaccurate is erased or rectified without delay.
- Storage limitation: personal data will be stored in a form which permits identification of data subjects for no longer than is necessary for processing purposes.
- Integrity and confidentiality: personal data will be processed in a manner that ensures appropriate security, including protection against unauthorized or unlawful processing and against accidental loss, destruction or damage, using appropriate technical or organizational measures.
- Information and training: one of the keys to ensuring the protection of personal data is the training and informing of the staff involved in its processing. Throughout the data life cycle, members of staff with access to data will be adequately trained and informed of their obligations regarding GDPR compliance.
The Data Protection Policy of the HERMANN OBERTH INTERNATIONAL GERMAN SCHOOL is communicated to all the members of the staff responsible for processing and is made available to all interested parties.
This Data Protection Policy thus involves all of the data controller’s personnel, who must be aware of and follow it, considering it as their own, with each member of personnel being responsible for maintaining the Policy, verifying the data protection regulations applicable to their activity, and identifying and contributing to the improvement opportunities they consider appropriate with the aim of achieving excellence in relation to compliance.
This Policy will be reviewed by the Management / Governing Body of the HERMANN OBERTH INTERNATIONAL GERMAN SCHOOL as often as necessary to ensure that it conforms at all times to the personal data protection provisions in force.
Your data is safe with us
This information is in accordance with personal data protection regulations.
Europe and Romania feature data protection regulations designed to protect your personal information; these are mandatory for our institution.
For this reason, it is very important that you fully understand how we process the personal data we request.
We aim to be transparent and give you full control over your data, benefitting from clear instructions and options that will allow you to decide how we process your personal information.
If you have any questions upon reading this information, do not hesitate to contact us.
Name: HERMANN OBERTH INTERNATIONAL GERMAN SCHOOL
Tax Identification Number: 18826600
Economic activity: EDUCATION
Telephone number: +40 21 231 2045
E-mail address: email@example.com
Do not hesitate to contact us.
How will we use your data?
Your personal data will generally be used to identify and to provide you with our services.
It can also be used for other purposes, such as advertising or promoting our activities.
Why do we need to use your data?
Your personal data is necessary in order to be able to interact and offer you our services.
Who will be aware of the information we ask for?
Generally, only our entity’s authorized personnel may be aware of the information we request.
Similarly, the entities that need access to it so that we can provide our services may receive your personal information. Thus, for example, our bank will process your data if payments for our services are made by card or bank transfer.
Likewise, the public or private entities to which we are obliged to provide your personal data due to lawful compliance will be able to process your information. For example, the General Tax Law requires you to provide certain information to the Revenue Agency in case of payments exceeding certain amounts.
If, regardless of the aforementioned instances, we need to disclose your personal information to other entities, we will seek your prior permission through clear options that will allow you to make informed decisions.
How will we protect your data?
We will protect your data through efficient security measures designed to minimize the risks involved in processing your information.
To this end, our entity has approved a Data Protection Policy reinforced by annual check-ups and audits which are performed in order to verify that your personal data is secure at all times.
Will we share your data with other countries?
There are countries in the world that are safe for your data and others that are not. Thus, for example, the European Union represents a secure environment for your data. Our policy forbids the sending of your personal information to any country that is not secure in terms of data protection.
If, for the purpose of providing our services, it is essential that we send your data to a country which is not as secure as Romania in terms of data protection, we will always ask for your permission in advance; moreover, we will apply efficient security measures that reduce the risk of information transmission to other countries.
How long will we keep your data?
We will keep your data for the length of our agreement and for as long as we are lawfully required to. Once the applicable legal deadlines have ended, we will proceed to safely erasing the data.
What are your GDPR individual rights?
You can contact us at any time to find out the personal information we process, to rectify it in case of inaccuracies and dispose of it once our agreement has ended, in accordance with legal regulations.
You also have the right to request the transfer of your information to another entity. This right is called "data portability" and can prove useful in particular situations.
To claim any of these rights, you must initiate a written request to us, along with a photocopy of your ID.
We offer specific forms aimed at soliciting these rights and we offer you our assistance in filling them out.
To find out more about your data protection rights, please access the website of the National Authority for the Supervision of Personal Data Processing: www.dataprotection.ro.
Can you withdraw your consent if you change your mind later?
You can withdraw your consent if you change your mind about the use of your personal data at any time.
In case you were once interested in receiving advertising for our products or services but no longer wish to receive additional marketing samples, you may let us know about your decision by using the statement of opposition template available at our office.
Our policy does not involve user profiling.
However, there may be situations where we need to create user profiles for the purpose of providing certain services to our clients. A relevant example might be the use of your purchase or service history to provide you with products or services tailored to your specific tastes and needs.
In this case, we will employ efficient security measures that keep your information secure at all times and safe from unauthorized persons who might intend to use it for their benefit.
Will we use your data for other purposes?
Our policy does not involve the use of your data for purposes other than the aforementioned. However, we will always ask your permission in advance if we need to use your data for various activities; in this case, clear options will be provided to you.