Bravo Solutions
Introduction
Thank you for your interest in our company, our products and/or our services. When you enter into any kind of relationship with us, you entrust us with your data.
The purpose of this Privacy Policy is to explain to you what data we process, why we process it and what we do with it. We take the privacy of our customers very seriously and never sell lists containing email addresses or other personal data. Being fully aware that your personal information belongs to you, we do our best to store it securely and process it carefully. We do not provide information to third parties without informing you.
This information is important. We hope you read it carefully.
This notice informs you about the personal information we process about you in relation to our organization. In collecting this information, we act as a controller and, by law, we are obliged to provide you with information about us, why and how we use your data and about the rights you have over your data.
Other Services
This Privacy Policy does not cover third-party applications and websites that you may reach by accessing links on our website (such as Facebook, Google+, YouTube). This is beyond our control. We encourage you to review the Privacy Policy on any website and/or application before providing personal data.
Who are we?
BRAVO SOLUTIONS SRL is a company with its registered office in Pielești, str. Calea București, no. 113, jud. Dolj, no. registration J16/857/1995, tax code RO7510066 (hereinafter referred to as “BRAVO SOLUTIONS;” or “the Company”), e-mail office@bravosolutions.ro, telephone 0742.933.724, responsible for the processing of your personal data that we collect directly from you or from other sources.
In order for your data to be processed securely, we have made every effort to implement reasonable measures to protect your personal information.
BRAVO SOLUTIONS; complies with the EU General Data Protection Regulation no. 2016/679 (hereinafter referred to as “GDPR”) and national legislation.
Who are you?
According to the legislation, you, the natural person benefiting from our services or a person in any kind of relationship with our company (such as our client, our potential client, the visitor to the website), are a “data subject”, i.e. an identified or identifiable natural person. In order to be completely transparent about data processing and to allow you to easily exercise your rights at any time, we have implemented measures to facilitate communication between us, the data controller, and you, the data subject.
Objectives
This data protection policy ensures:
Compliance with personal data protection legislation and best practices at this level; Protection of the rights of data subjects: for example, partners, customers, employees; How personal data of individuals is stored and processed; Protection of the company and personal data from possible risks related to data security breaches.
Reference documents
Regulation (EU) No. 679/2016 describes how companies – including BRAVO SOLUTIONS; SRL – must process personal data. These rules apply regardless of whether the data is stored electronically, on paper or on other media.
In order to comply with the law, personal information must be collected and used lawfully, fairly, fairly, adequately and in a manner limited to the purpose for which it was collected and must be stored securely.
Definitions
There are a total of 26 definitions listed under the GDPR. Of these, we include the most relevant definitions for this policy below:
Personal data - any information relating to an identified or identifiable natural person ("data subject");
Data subject - an identifiable natural person is one who can be identified, directly or indirectly, in particular by reference to an identifier such as a name, an identification number, location data, an online identifier or to one or more factors specific to his or her physical, physiological, genetic, mental, economic, cultural or social identity;
Introduction
Thank you for your interest in our company, our products and/or our services. When you enter into any kind of relationship with us, you entrust us with your data.
The purpose of this Privacy Policy is to explain to you what data we process, why we process it and what we do with it. We take the privacy of our customers very seriously and never sell lists containing email addresses or other personal data. Being fully aware that your personal information belongs to you, we do our best to store it securely and process it carefully. We do not provide information to third parties without informing you.
This information is important. We hope you read it carefully.
This notice informs you about the personal information we process about you in relation to our organization. In collecting this information, we act as a controller and, by law, we are obliged to provide you with information about us, why and how we use your data and about the rights you have over your data.
Other Services
This Privacy Policy does not cover third-party applications and websites that you may reach by accessing links on our website (such as Facebook, Google+, YouTube). This is beyond our control. We encourage you to review the Privacy Policy on any website and/or application before providing personal data.
Who are we?
BRAVO SOLUTIONS SRL is a company with its registered office in Pielești, str. Calea București, no. 113, jud. Dolj, no. registration J16/857/1995, tax code RO7510066 (hereinafter referred to as “BRAVO SOLUTIONS;” or “the Company”), e-mail office@bravosolutions.ro, telephone 0742.933.724, responsible for the processing of your personal data that we collect directly from you or from other sources.
In order for your data to be processed securely, we have made every effort to implement reasonable measures to protect your personal information.
BRAVO SOLUTIONS; complies with the EU General Data Protection Regulation no. 2016/679 (hereinafter referred to as “GDPR”) and national legislation.
Who are you?
According to the legislation, you, the natural person benefiting from our services or a person in any kind of relationship with our company (such as our client, our potential client, the visitor to the website), are a “data subject”, i.e. an identified or identifiable natural person. In order to be completely transparent about data processing and to allow you to easily exercise your rights at any time, we have implemented measures to facilitate communication between us, the data controller, and you, the data subject.
Objectives
This data protection policy ensures:
Compliance with personal data protection legislation and best practices at this level; Protection of the rights of data subjects: for example, partners, customers, employees; How personal data of individuals is stored and processed; Protection of the company and personal data from possible risks related to data security breaches.
Reference documents
Regulation (EU) No. 679/2016 describes how companies – including BRAVO SOLUTIONS; SRL – must process personal data. These rules apply regardless of whether the data is stored electronically, on paper or on other media.
In order to comply with the law, personal information must be collected and used lawfully, fairly, fairly, adequately and in a manner limited to the purpose for which it was collected and must be stored securely.
Definitions
There are a total of 26 definitions listed under the GDPR. Of these, we include the most relevant definitions for this policy below:
Personal data - any information relating to an identified or identifiable natural person ("data subject");
Data subject - an identifiable natural person is one who can be identified, directly or indirectly, in particular by reference to an identifier such as a name, an identification number, location data, an online identifier or to one or more factors specific to his or her physical, physiological, genetic, mental, economic, cultural or social identity; What are the legal grounds for processing personal data?
The processing of your data may be based on:
the conclusion and execution of the contract (establishing your identification and billing data, the address where the installation will be carried out); the legitimate interest of the Operator (customer satisfaction questionnaires, management of the agreement for commercial purposes, etc.); the consent of the data subject (such as sending marketing communications, cookie modules); the legal obligation of the Operator (for example, reporting and informing public authorities); the defense and/or exercise of a right in court; steps to conclude the employment contract. In order to conclude or execute a contract or to apply measures, at your request, before concluding a contract, we need certain personal data to fulfill contractual obligations (invoicing, delivery, installation, customer service) and/or comply with legislation, such as accounting legislation.
With regard to data processing for marketing purposes, the legal basis for the processing of personal data is your consent, which you can withdraw at any time, as stated in this document.
Please note that in certain situations, if you do not provide us with the above data, we will not be able to provide our services and products, as your data is necessary for the conclusion of the contract, invoicing, installation, etc.
What kind of personal data do we process about you?
Since we apply the principle of minimization, we are committed to collecting only those data that are truly necessary. Thus, we inform you that the personal data that the Company processes are personal data that we collect from you or from other sources, such as:
identification data, for example: name and surname, home address / residence, personal identification number, unique identification code, identity card series and number, passport series / number in the case of non-residents or other data with an identification function; financial data (e.g. bank account); contact data (landline/mobile phone number, e-mail address, installation address) and other personal data (CV, medical certificates, diplomas, skills, studies);
These data are necessary for activities such as: preparing the offer, concluding, executing, amending or terminating the Contract, remedying any non-conformities, receipts and payments into bank accounts, resolving complaints.
For what purposes do we collect this data?
BRAVO SOLUTIONS; collects personal data in order to achieve the following purposes:
General operations BRAVO SOLUTIONS; We collect personal data to carry out business operations with individuals or legal entities (such as organizing work visits to the company's headquarters for partners, agencies, etc.)
Response to the Data Subject's requests The Data Subject provides personal data, including name, email address or other contact information when we are contacted by phone, email, mail or using our digital platforms. This personal information allows us to respond to requests regarding issues related to BRAVO SOLUTIONS products;, details regarding measurements and price offers for the installation of BRAVO SOLUTIONS products;, to set up a service visit for a window or to respond to complaints under the BRAVO SOLUTIONS warranty;. The information provided may be transmitted to BRAVO SOLUTIONS; or to other BRAVO SOLUTIONS business partners;, to independent installers or distributors in order to be able to provide assistance to customers in connection with their requests or to provide services or a price offer.
Customers and Potential Customers We may collect personal data of customers and potential customers, including first and last name, contact information, payment and credit card information, credit information and other information that we need to carry out operations with that individual or organization. This information may be disclosed to distributors and logistics partners in order to process a customer's order, including in order to arrange for the delivery of BRAVO SOLUTIONS products; to customers or in order to respond to requests.
Business Development The personal information provided by the Data Subject and the personal information that we collect on our digital platforms will be used to increase the level of understanding of our customers and to ensure relevant communication in all aspects of the relationship between you and BRAVO SOLUTINOS. Personal data will also be used to develop new products and services or improve existing ones.
Customer and Visitor Surveys We may collect personal data from visitors to our digital platforms or from customers for the purpose of processing in the context of conducting surveys regarding our products and services. Your personal data will not be used for marketing communications without your consent.
Potential employees or contractors When an individual applies for a position with BRAVO SOLUTIONS; or enters into a contract with us, we may collect certain personal data, such as name, contact information, employment history information, educational qualifications, relevant background checks and information regarding professional interests. This may be collected directly from the individual, from a recruitment consultant and from the individual’s previous employers or from other individuals, including from publicly available references and sources. This information is used to inform or assist us in making a decision regarding whether to make an offer of employment or to enter into a contract with that individual.
In order to comply with the law We may collect personal data in accordance with the requirements or permissions of the legislation in force, such as, for example, providing your personal information to the prosecutor's office, police, courts and other authorized state bodies, based on and within the limits of legal provisions and as a result of expressly formulated requests.
Other purposes for which we process data are the following:
to respond to questions and requests; for marketing purposes, but only if we have your prior consent; to provide and improve the services and products we offer; to diagnose or fix technical problems; to defend ourselves against cyber attacks; to create and/or maintain accounts; to establish or claim a right in court;
Absence of an automated decision-making process
We do not make automated decisions with legal or other similar effects regarding you, however, to the extent that this will change in the future, we will inform you accordingly and allow you to exercise all legal rights.
To whom do we transmit your personal data?
In order to always ensure the quality of our products and services, we have constant partnerships with various suppliers to whom we can transmit your data, who process them either as Processors or as associated operators, in the latter case they are directly responsible for compliance with the legislation in the field of personal data protection.
We constantly make reasonable efforts to ensure that these third parties have implemented adequate protection and security measures. With these third parties (processors) we have contractual clauses so that your data is protected.
The categories of recipients of personal data may be:
product suppliers and / or subcontractors of the Operator for the execution of the Contract (e.g. PVC carpentry supplier); IT solution providers (such as Google Analytics, email marketing providers -Mailchimp); sales agents; resellers; independent experts subcontracted by the Operator for the assessment and remediation of any non-conformities of the products and / or assembly; companies that offer postal/courier services; payment service providers; market research companies/customer satisfaction surveys; public authorities (ANAF, Ministry of Public Finance, National Authority for Consumer Protection, etc.); courts or arbitration courts, as well as authorities competent to investigate the commission of criminal acts; other subcontractors of the Operator (Travel agents, hotels, etc.).
We may also share your data with business partners as a result of a joint effort to offer a product or service.
Although unlikely, we may sell the business or part of the business in the future, which will include the transfer of your data.
We may also transfer your data to other parties with your consent or according to your instructions (for example, the situation in which you direct us to transfer your personal data to third-party platforms or websites, such as social media pages, or in the situation in which we comply with a data portability request).
We may also provide your personal information to the prosecutor's office, police, courts and other authorized state bodies, based on and within the limits of legal provisions and as a result of express requests.
We will ensure, within reasonable limits, that your data does not leave the European Economic Area, but, to the extent that we transfer data to countries outside the EEA, we will ensure, in all cases, that the transfers are legitimate, based on your explicit consent or another legal basis. For example, as mentioned above, we may transmit data to the USA through the Google Analytics and Mailchimp platforms, but these providers are included in the Privacy Shield and your data is, according to European law, safe. For more information, please access https://policies.google.com/privacy?hl=ro and https://mailchimp.com/legal/privacy/.
How long do we store personal data?
The company does not have a “Keep everything” approach. This is neither practical nor cost-free, nor does it comply with the principle of storage limitation, set out in Regulation (EU) 679/2016. However, some personal data will be retained, among other things, because we are required by law or to protect our commercial interests. Among the reasons, we list:
Litigation; Compliance with the law; Protection of intellectual property; Protection of trade secrets; Investigation of security incidents.
To determine the period for which the data will be processed, we take into account the contractual period until the expiry of the contractual obligations and the archiving periods, both legal and internal. Also, in order to exercise and defend our rights in the event of legal proceedings, the general limitation period of 3 years is included in the calculation of the storage period.
Personal data of customers: 10 years from the signing of the contract, for the duration of the warranty. After this period, the data will be deleted or anonymized for use for historical, statistical or research purposes.
Personal data of potential customers: 3 years from the time of the offer. After this period, the data will be deleted or anonymized for use for historical, statistical or research purposes.
Personal data of job candidates: 3 years after the interview. After this period, the data will be deleted or anonymized for use for historical, statistical or research purposes.
Personal data of employees: 3 years after the termination of the employment contract, with the exception of employment contracts (75 years) and payrolls (50 years). After this period, the data will be deleted or anonymized for use for historical, statistical or research purposes.
Accounting documents: 10 years. After this period, the data will be deleted or anonymized for use for historical, statistical or research purposes.
Data of business partners or external collaborators: 10 years after the termination of the contract. After this period, the data will be deleted or anonymized for use for historical, statistical or research purposes.
Data processed for direct marketing: until the withdrawal of consent. After this period, the data will be deleted or anonymized for use for historical, statistical or research purposes.
Other personal data will be kept for the period required by law, and in the absence thereof for a period of 3 years from the last interaction of any kind with the data subject.
Processing of data for direct marketing purposes
We can use personal data only with your consent and at your request, to inform you about BRAVO SOLUTIONS operations, products, services, promotional offers and other news;. However, if you are already our client, we can send you, pursuant to law no. 506/2004, offers regarding similar goods and services offered by our company, but you have, in all cases, the right to object and then commercial communications will cease. If you do not wish to receive further information, you can easily and free of charge unsubscribe from our marketing communications at any time. To do this, please send an email to office@bravosolutions.ro with the subject UNSUBSCRIBE. If you unsubscribe from our marketing communications, we will delete your personal data within 30 days, unless these data are also processed for other purposes mentioned in Section 13. What are your rights?
Right to withdraw consent The data subject has the right to withdraw consent where this constitutes the legal basis for the processing of his or her personal data (i.e. the processing is not based on another legal basis, such as a contract, a legal obligation, a legitimate interest, vital interests or public interest). Before we stop processing the data subject's personal data, we will check whether we have another legal basis on which we process the data. If we do not have another legal basis, we will comply with the request. We will not tacitly migrate from consent to another legal basis, but will ensure, in all cases, that the additional basis has been established in advance. Where the processing concerns the personal data of a minor (defined by the GDPR as a person under 16 years of age), the granting or withdrawal of consent must be authorised by the holder of parental responsibility. In most cases, the granting and withdrawal of consent will be available electronically, i.e. online. Regardless of the decision we take, we will inform you accordingly within a reasonable period.
Right to information When personal data are collected from the data subject or obtained from another source, we are obliged to inform the data subject about the use of these data and the rights over them.
Right of access The data subject has the right to request from the Company confirmation that personal data are processed, and if so, has the right to obtain a copy of these data, as well as the following information:
The purposes of the processing; The categories of personal data concerned; The recipients or categories of recipients of the data, if any, in particular any third countries or international organisations; The duration of storage of the personal data (or the criteria used to determine this period); The rights of the data subject to rectification or erasure of his or her personal data and restriction of or opposition to processing; The right of the data subject to lodge a complaint with a supervisory authority; Information on the source of the data, if it does not come directly from the data subject; Whether the personal data will be subject to automated decision-making, including profiling and, if so, the logic of such decision or profiling and the possible consequences involved; Where the data are transferred to a third country or an international organisation, information on the safeguards that apply.
We will not be able to comply with such a request when the request is manifestly unfounded or excessive or when we are bound by a legal obligation of confidentiality.
Right to rectification If the personal data are inaccurate, the data subject has the right to request the correction and completion of incomplete personal data based on the information they provide. If necessary, the Company will take additional steps to verify that the information provided by the person is accurate before making the change.
Right to erasure ("right to be forgotten") The data subject has the right to request the Company to erase personal data concerning him or her without delay in the following cases:
the personal data are no longer necessary for the purposes for which they were collected or processed; the data subject withdraws consent on which the processing is based and there is no other legal basis for the processing; the data subject objects to the processing and there are no overriding legitimate grounds for the processing; the personal data have been processed unlawfully; the personal data must be erased for compliance with a legal obligation to which the controller is subject under Union or national law to which the controller is subject; the personal data have been collected in connection with the provision of information society services to children.
The company will have to make a decision on such a request. The data will not be erased if:
the data are necessary for the exercise of the right to freedom of expression and information; the data are necessary for the performance of a legal obligation; for reasons of public interest in the field of public health; for archiving purposes in the public interest; for the establishment, exercise or defence of legal claims.
Right to restriction of processing The data subject may exercise the right to restriction of processing in the following situations:
the data subject contests the accuracy of the data, for a period enabling the controller to verify the accuracy of the data; the processing is unlawful and the data subject opposes the erasure of the personal data and requests the restriction of their use instead; the controller no longer needs the personal data for the purposes of the processing, but the data subject requests them for the establishment, exercise or defence of legal claims or the data subject has objected to processing pursuant to Article 21(1) of the GDPR, for the period during which it is verified whether the legitimate rights of the controller override those of the data subject.
In the event that a request for restriction is received, it will be checked to see whether it falls under one of the above cases.
If the data are restricted, they will remain stored but may not be processed without the consent of the person. They may be processed for the establishment, exercise or defence of legal claims or for the protection of the rights of another natural or legal person or for reasons of important public interest of the Union or of a Member State.
In all cases, the data subject who has obtained the restriction of processing shall be informed by the controller before the restriction of processing is lifted.
Right to data portability The data subject has the right to request that personal data be provided in a “structured, commonly used and machine-readable” format (Article 20 of the GDPR) and to transfer those data to another party, for example another service provider. This applies to personal data for which the processing is based on the consent of the data subject, on the legal basis of the contract or where the processing is carried out by automated means. Where technically feasible, the data subject may also request that the personal data be transferred directly from one controller to another. Currently, BRAVO SOLUTIONS; does not have technology for direct portability from one controller to another, but we are taking reasonable steps to implement it.
Right to object The data subject has the right to object to processing based on the legitimate interest of the controller or a third party or the public interest. Once the objection has been made, the Company must justify the grounds on which the processing is based and suspend the processing until the decision has been taken. The Company shall no longer process the personal data unless it demonstrates compelling legitimate grounds for the processing which override the interests, rights and freedoms of the data subject or for the establishment, exercise or defence of legal claims. If the personal data are used for direct marketing, the Company shall cease processing.
Rights in relation to automated decision-making, including profiling The data subject has the right not to be subject to automated decision-making, including profiling, where the decision significantly affects him or her or her or her legal rights. The data subject also has the right to express his or her point of view, to request human intervention and to contest the decision.
There are exceptions to this right, which are where the decision:
It is necessary for the conclusion or performance of the contract; It is authorized by national or European law; It is based on the explicit consent of the data subject;
The right to file a complaint with the ANSPDCP;
The right to address the courts.
Please note that:
You can withdraw your consent for direct marketing at any time by following the unsubscribe instructions in each e-mail/sms or other electronic message. If you want to exercise your rights, you can do so by sending a written, signed and dated request to our data protection officer at the e-mail address: office@bravosolutions.ro. The rights listed above are not absolute. There are exceptions, therefore each request received will be analyzed in order to decide whether it is well-founded or not. To the extent that the request is well-founded, we will facilitate the exercise of your rights. If the request is unfounded, we will reject it, but we will inform you of the reasons for the refusal and of your rights to file a complaint with the Supervisory Authority and to seek legal action. We will try to respond to the request within 30 days. However, the deadline may be extended depending on various aspects, such as the complexity of the request, the large number of requests received or the impossibility of identifying you within a reasonable time. If, despite our best efforts, we are unable to identify you and you do not provide us with additional information to be able to identify you, we are not obliged to comply with the request.
Data integrity and confidentiality
The security, integrity and confidentiality of your personal data are particularly important to us. We have implemented technical, administrative and physical security measures that are designed to protect your personal data from unauthorized access, disclosure, use and modification. At certain intervals, we review our security procedures to include appropriate up-to-date technologies and methods.
We also inform you that any person acting under the authority of BRAVO SOLUTIONS;, who has access to personal data, will only process the data on the instructions of the Operator.
However, no IT mechanism offers total security, an element of risk is always present, a risk that is independent of our will and/or possibilities. The security of this site may be subject to vulnerabilities and, as such, for such situations, we cannot be held responsible for any security breach.
Changes to the privacy policy
Occasionally, we may modify this BRAVO SOLUTIONS; Privacy Policy to update changes in the processing activity, such as the adoption of new technologies, changes in industry practices, compliance with new legal requirements. On our platforms you will always find the most recent version. All updates and changes to this Policy are valid immediately upon notification, which we will make by posting on the site and/or notification by e-mail. In situations where we are required by law, we will request your consent.
BRAVO SOLUTIONS; reserves the right to modify this Privacy Policy at any time, but within the limits provided by the legal, domestic and community provisions in force.
This privacy statement and the privacy policies presented here are not intended to create legal rights, contractual or otherwise, or on behalf of any party.
Questions, requests and exercise of rights
If you have questions or concerns regarding the processing of your information or wish to exercise your legal rights or have any other concerns regarding privacy, you can contact our data protection officer at the e-mail address office@bravosolutions.ro. We will try to respond to the request within one month. However, the deadline may be extended depending on various aspects, such as the complexity of the request, the large number of requests received or the impossibility of identifying you within a useful period. When you submit a request, we may request additional information for identification. This information differs from case to case, and to ensure that your personal data is not disclosed to unauthorized persons, we will take all measures to identify you. If, despite our best efforts, we are unable to identify you, and you do not provide us with additional information to be able to identify you, we are not obliged to comply with the request.
Additional information
Your personal data registered through this website are processed by the parent company BRAVO SOLUTIONS; SRL.
This Privacy Policy was last updated in January 2024.
Thank you for your interest in our company, our products and/or our services. When you enter into any kind of relationship with us, you entrust us with your data.
The purpose of this Privacy Policy is to explain to you what data we process, why we process it and what we do with it. We take the privacy of our customers very seriously and never sell lists containing email addresses or other personal data. Being fully aware that your personal information belongs to you, we do our best to store it securely and process it carefully. We do not provide information to third parties without informing you.
This information is important. We hope you read it carefully.
This notice informs you about the personal information we process about you in relation to our organization. In collecting this information, we act as a controller and, by law, we are obliged to provide you with information about us, why and how we use your data and about the rights you have over your data.
Other Services
This Privacy Policy does not cover third-party applications and websites that you may reach by accessing links on our website (such as Facebook, Google+, YouTube). This is beyond our control. We encourage you to review the Privacy Policy on any website and/or application before providing personal data.
Who are we?
BRAVO SOLUTIONS SRL is a company with its registered office in Pielești, str. Calea București, no. 113, jud. Dolj, no. registration J16/857/1995, tax code RO7510066 (hereinafter referred to as “BRAVO SOLUTIONS;” or “the Company”), e-mail office@bravosolutions.ro, telephone 0742.933.724, responsible for the processing of your personal data that we collect directly from you or from other sources.
In order for your data to be processed securely, we have made every effort to implement reasonable measures to protect your personal information.
BRAVO SOLUTIONS; complies with the EU General Data Protection Regulation no. 2016/679 (hereinafter referred to as “GDPR”) and national legislation.
Who are you?
According to the legislation, you, the natural person benefiting from our services or a person in any kind of relationship with our company (such as our client, our potential client, the visitor to the website), are a “data subject”, i.e. an identified or identifiable natural person. In order to be completely transparent about data processing and to allow you to easily exercise your rights at any time, we have implemented measures to facilitate communication between us, the data controller, and you, the data subject.
Objectives
This data protection policy ensures:
Compliance with personal data protection legislation and best practices at this level; Protection of the rights of data subjects: for example, partners, customers, employees; How personal data of individuals is stored and processed; Protection of the company and personal data from possible risks related to data security breaches.
Reference documents
Regulation (EU) No. 679/2016 describes how companies – including BRAVO SOLUTIONS; SRL – must process personal data. These rules apply regardless of whether the data is stored electronically, on paper or on other media.
In order to comply with the law, personal information must be collected and used lawfully, fairly, fairly, adequately and in a manner limited to the purpose for which it was collected and must be stored securely.
Definitions
There are a total of 26 definitions listed under the GDPR. Of these, we include the most relevant definitions for this policy below:
Personal data - any information relating to an identified or identifiable natural person ("data subject");
Data subject - an identifiable natural person is one who can be identified, directly or indirectly, in particular by reference to an identifier such as a name, an identification number, location data, an online identifier or to one or more factors specific to his or her physical, physiological, genetic, mental, economic, cultural or social identity;
Introduction
Thank you for your interest in our company, our products and/or our services. When you enter into any kind of relationship with us, you entrust us with your data.
The purpose of this Privacy Policy is to explain to you what data we process, why we process it and what we do with it. We take the privacy of our customers very seriously and never sell lists containing email addresses or other personal data. Being fully aware that your personal information belongs to you, we do our best to store it securely and process it carefully. We do not provide information to third parties without informing you.
This information is important. We hope you read it carefully.
This notice informs you about the personal information we process about you in relation to our organization. In collecting this information, we act as a controller and, by law, we are obliged to provide you with information about us, why and how we use your data and about the rights you have over your data.
Other Services
This Privacy Policy does not cover third-party applications and websites that you may reach by accessing links on our website (such as Facebook, Google+, YouTube). This is beyond our control. We encourage you to review the Privacy Policy on any website and/or application before providing personal data.
Who are we?
BRAVO SOLUTIONS SRL is a company with its registered office in Pielești, str. Calea București, no. 113, jud. Dolj, no. registration J16/857/1995, tax code RO7510066 (hereinafter referred to as “BRAVO SOLUTIONS;” or “the Company”), e-mail office@bravosolutions.ro, telephone 0742.933.724, responsible for the processing of your personal data that we collect directly from you or from other sources.
In order for your data to be processed securely, we have made every effort to implement reasonable measures to protect your personal information.
BRAVO SOLUTIONS; complies with the EU General Data Protection Regulation no. 2016/679 (hereinafter referred to as “GDPR”) and national legislation.
Who are you?
According to the legislation, you, the natural person benefiting from our services or a person in any kind of relationship with our company (such as our client, our potential client, the visitor to the website), are a “data subject”, i.e. an identified or identifiable natural person. In order to be completely transparent about data processing and to allow you to easily exercise your rights at any time, we have implemented measures to facilitate communication between us, the data controller, and you, the data subject.
Objectives
This data protection policy ensures:
Compliance with personal data protection legislation and best practices at this level; Protection of the rights of data subjects: for example, partners, customers, employees; How personal data of individuals is stored and processed; Protection of the company and personal data from possible risks related to data security breaches.
Reference documents
Regulation (EU) No. 679/2016 describes how companies – including BRAVO SOLUTIONS; SRL – must process personal data. These rules apply regardless of whether the data is stored electronically, on paper or on other media.
In order to comply with the law, personal information must be collected and used lawfully, fairly, fairly, adequately and in a manner limited to the purpose for which it was collected and must be stored securely.
Definitions
There are a total of 26 definitions listed under the GDPR. Of these, we include the most relevant definitions for this policy below:
Personal data - any information relating to an identified or identifiable natural person ("data subject");
Data subject - an identifiable natural person is one who can be identified, directly or indirectly, in particular by reference to an identifier such as a name, an identification number, location data, an online identifier or to one or more factors specific to his or her physical, physiological, genetic, mental, economic, cultural or social identity; What are the legal grounds for processing personal data?
The processing of your data may be based on:
the conclusion and execution of the contract (establishing your identification and billing data, the address where the installation will be carried out); the legitimate interest of the Operator (customer satisfaction questionnaires, management of the agreement for commercial purposes, etc.); the consent of the data subject (such as sending marketing communications, cookie modules); the legal obligation of the Operator (for example, reporting and informing public authorities); the defense and/or exercise of a right in court; steps to conclude the employment contract. In order to conclude or execute a contract or to apply measures, at your request, before concluding a contract, we need certain personal data to fulfill contractual obligations (invoicing, delivery, installation, customer service) and/or comply with legislation, such as accounting legislation.
With regard to data processing for marketing purposes, the legal basis for the processing of personal data is your consent, which you can withdraw at any time, as stated in this document.
Please note that in certain situations, if you do not provide us with the above data, we will not be able to provide our services and products, as your data is necessary for the conclusion of the contract, invoicing, installation, etc.
What kind of personal data do we process about you?
Since we apply the principle of minimization, we are committed to collecting only those data that are truly necessary. Thus, we inform you that the personal data that the Company processes are personal data that we collect from you or from other sources, such as:
identification data, for example: name and surname, home address / residence, personal identification number, unique identification code, identity card series and number, passport series / number in the case of non-residents or other data with an identification function; financial data (e.g. bank account); contact data (landline/mobile phone number, e-mail address, installation address) and other personal data (CV, medical certificates, diplomas, skills, studies);
These data are necessary for activities such as: preparing the offer, concluding, executing, amending or terminating the Contract, remedying any non-conformities, receipts and payments into bank accounts, resolving complaints.
For what purposes do we collect this data?
BRAVO SOLUTIONS; collects personal data in order to achieve the following purposes:
General operations BRAVO SOLUTIONS; We collect personal data to carry out business operations with individuals or legal entities (such as organizing work visits to the company's headquarters for partners, agencies, etc.)
Response to the Data Subject's requests The Data Subject provides personal data, including name, email address or other contact information when we are contacted by phone, email, mail or using our digital platforms. This personal information allows us to respond to requests regarding issues related to BRAVO SOLUTIONS products;, details regarding measurements and price offers for the installation of BRAVO SOLUTIONS products;, to set up a service visit for a window or to respond to complaints under the BRAVO SOLUTIONS warranty;. The information provided may be transmitted to BRAVO SOLUTIONS; or to other BRAVO SOLUTIONS business partners;, to independent installers or distributors in order to be able to provide assistance to customers in connection with their requests or to provide services or a price offer.
Customers and Potential Customers We may collect personal data of customers and potential customers, including first and last name, contact information, payment and credit card information, credit information and other information that we need to carry out operations with that individual or organization. This information may be disclosed to distributors and logistics partners in order to process a customer's order, including in order to arrange for the delivery of BRAVO SOLUTIONS products; to customers or in order to respond to requests.
Business Development The personal information provided by the Data Subject and the personal information that we collect on our digital platforms will be used to increase the level of understanding of our customers and to ensure relevant communication in all aspects of the relationship between you and BRAVO SOLUTINOS. Personal data will also be used to develop new products and services or improve existing ones.
Customer and Visitor Surveys We may collect personal data from visitors to our digital platforms or from customers for the purpose of processing in the context of conducting surveys regarding our products and services. Your personal data will not be used for marketing communications without your consent.
Potential employees or contractors When an individual applies for a position with BRAVO SOLUTIONS; or enters into a contract with us, we may collect certain personal data, such as name, contact information, employment history information, educational qualifications, relevant background checks and information regarding professional interests. This may be collected directly from the individual, from a recruitment consultant and from the individual’s previous employers or from other individuals, including from publicly available references and sources. This information is used to inform or assist us in making a decision regarding whether to make an offer of employment or to enter into a contract with that individual.
In order to comply with the law We may collect personal data in accordance with the requirements or permissions of the legislation in force, such as, for example, providing your personal information to the prosecutor's office, police, courts and other authorized state bodies, based on and within the limits of legal provisions and as a result of expressly formulated requests.
Other purposes for which we process data are the following:
to respond to questions and requests; for marketing purposes, but only if we have your prior consent; to provide and improve the services and products we offer; to diagnose or fix technical problems; to defend ourselves against cyber attacks; to create and/or maintain accounts; to establish or claim a right in court;
Absence of an automated decision-making process
We do not make automated decisions with legal or other similar effects regarding you, however, to the extent that this will change in the future, we will inform you accordingly and allow you to exercise all legal rights.
To whom do we transmit your personal data?
In order to always ensure the quality of our products and services, we have constant partnerships with various suppliers to whom we can transmit your data, who process them either as Processors or as associated operators, in the latter case they are directly responsible for compliance with the legislation in the field of personal data protection.
We constantly make reasonable efforts to ensure that these third parties have implemented adequate protection and security measures. With these third parties (processors) we have contractual clauses so that your data is protected.
The categories of recipients of personal data may be:
product suppliers and / or subcontractors of the Operator for the execution of the Contract (e.g. PVC carpentry supplier); IT solution providers (such as Google Analytics, email marketing providers -Mailchimp); sales agents; resellers; independent experts subcontracted by the Operator for the assessment and remediation of any non-conformities of the products and / or assembly; companies that offer postal/courier services; payment service providers; market research companies/customer satisfaction surveys; public authorities (ANAF, Ministry of Public Finance, National Authority for Consumer Protection, etc.); courts or arbitration courts, as well as authorities competent to investigate the commission of criminal acts; other subcontractors of the Operator (Travel agents, hotels, etc.).
We may also share your data with business partners as a result of a joint effort to offer a product or service.
Although unlikely, we may sell the business or part of the business in the future, which will include the transfer of your data.
We may also transfer your data to other parties with your consent or according to your instructions (for example, the situation in which you direct us to transfer your personal data to third-party platforms or websites, such as social media pages, or in the situation in which we comply with a data portability request).
We may also provide your personal information to the prosecutor's office, police, courts and other authorized state bodies, based on and within the limits of legal provisions and as a result of express requests.
We will ensure, within reasonable limits, that your data does not leave the European Economic Area, but, to the extent that we transfer data to countries outside the EEA, we will ensure, in all cases, that the transfers are legitimate, based on your explicit consent or another legal basis. For example, as mentioned above, we may transmit data to the USA through the Google Analytics and Mailchimp platforms, but these providers are included in the Privacy Shield and your data is, according to European law, safe. For more information, please access https://policies.google.com/privacy?hl=ro and https://mailchimp.com/legal/privacy/.
How long do we store personal data?
The company does not have a “Keep everything” approach. This is neither practical nor cost-free, nor does it comply with the principle of storage limitation, set out in Regulation (EU) 679/2016. However, some personal data will be retained, among other things, because we are required by law or to protect our commercial interests. Among the reasons, we list:
Litigation; Compliance with the law; Protection of intellectual property; Protection of trade secrets; Investigation of security incidents.
To determine the period for which the data will be processed, we take into account the contractual period until the expiry of the contractual obligations and the archiving periods, both legal and internal. Also, in order to exercise and defend our rights in the event of legal proceedings, the general limitation period of 3 years is included in the calculation of the storage period.
Personal data of customers: 10 years from the signing of the contract, for the duration of the warranty. After this period, the data will be deleted or anonymized for use for historical, statistical or research purposes.
Personal data of potential customers: 3 years from the time of the offer. After this period, the data will be deleted or anonymized for use for historical, statistical or research purposes.
Personal data of job candidates: 3 years after the interview. After this period, the data will be deleted or anonymized for use for historical, statistical or research purposes.
Personal data of employees: 3 years after the termination of the employment contract, with the exception of employment contracts (75 years) and payrolls (50 years). After this period, the data will be deleted or anonymized for use for historical, statistical or research purposes.
Accounting documents: 10 years. After this period, the data will be deleted or anonymized for use for historical, statistical or research purposes.
Data of business partners or external collaborators: 10 years after the termination of the contract. After this period, the data will be deleted or anonymized for use for historical, statistical or research purposes.
Data processed for direct marketing: until the withdrawal of consent. After this period, the data will be deleted or anonymized for use for historical, statistical or research purposes.
Other personal data will be kept for the period required by law, and in the absence thereof for a period of 3 years from the last interaction of any kind with the data subject.
Processing of data for direct marketing purposes
We can use personal data only with your consent and at your request, to inform you about BRAVO SOLUTIONS operations, products, services, promotional offers and other news;. However, if you are already our client, we can send you, pursuant to law no. 506/2004, offers regarding similar goods and services offered by our company, but you have, in all cases, the right to object and then commercial communications will cease. If you do not wish to receive further information, you can easily and free of charge unsubscribe from our marketing communications at any time. To do this, please send an email to office@bravosolutions.ro with the subject UNSUBSCRIBE. If you unsubscribe from our marketing communications, we will delete your personal data within 30 days, unless these data are also processed for other purposes mentioned in Section 13. What are your rights?
Right to withdraw consent The data subject has the right to withdraw consent where this constitutes the legal basis for the processing of his or her personal data (i.e. the processing is not based on another legal basis, such as a contract, a legal obligation, a legitimate interest, vital interests or public interest). Before we stop processing the data subject's personal data, we will check whether we have another legal basis on which we process the data. If we do not have another legal basis, we will comply with the request. We will not tacitly migrate from consent to another legal basis, but will ensure, in all cases, that the additional basis has been established in advance. Where the processing concerns the personal data of a minor (defined by the GDPR as a person under 16 years of age), the granting or withdrawal of consent must be authorised by the holder of parental responsibility. In most cases, the granting and withdrawal of consent will be available electronically, i.e. online. Regardless of the decision we take, we will inform you accordingly within a reasonable period.
Right to information When personal data are collected from the data subject or obtained from another source, we are obliged to inform the data subject about the use of these data and the rights over them.
Right of access The data subject has the right to request from the Company confirmation that personal data are processed, and if so, has the right to obtain a copy of these data, as well as the following information:
The purposes of the processing; The categories of personal data concerned; The recipients or categories of recipients of the data, if any, in particular any third countries or international organisations; The duration of storage of the personal data (or the criteria used to determine this period); The rights of the data subject to rectification or erasure of his or her personal data and restriction of or opposition to processing; The right of the data subject to lodge a complaint with a supervisory authority; Information on the source of the data, if it does not come directly from the data subject; Whether the personal data will be subject to automated decision-making, including profiling and, if so, the logic of such decision or profiling and the possible consequences involved; Where the data are transferred to a third country or an international organisation, information on the safeguards that apply.
We will not be able to comply with such a request when the request is manifestly unfounded or excessive or when we are bound by a legal obligation of confidentiality.
Right to rectification If the personal data are inaccurate, the data subject has the right to request the correction and completion of incomplete personal data based on the information they provide. If necessary, the Company will take additional steps to verify that the information provided by the person is accurate before making the change.
Right to erasure ("right to be forgotten") The data subject has the right to request the Company to erase personal data concerning him or her without delay in the following cases:
the personal data are no longer necessary for the purposes for which they were collected or processed; the data subject withdraws consent on which the processing is based and there is no other legal basis for the processing; the data subject objects to the processing and there are no overriding legitimate grounds for the processing; the personal data have been processed unlawfully; the personal data must be erased for compliance with a legal obligation to which the controller is subject under Union or national law to which the controller is subject; the personal data have been collected in connection with the provision of information society services to children.
The company will have to make a decision on such a request. The data will not be erased if:
the data are necessary for the exercise of the right to freedom of expression and information; the data are necessary for the performance of a legal obligation; for reasons of public interest in the field of public health; for archiving purposes in the public interest; for the establishment, exercise or defence of legal claims.
Right to restriction of processing The data subject may exercise the right to restriction of processing in the following situations:
the data subject contests the accuracy of the data, for a period enabling the controller to verify the accuracy of the data; the processing is unlawful and the data subject opposes the erasure of the personal data and requests the restriction of their use instead; the controller no longer needs the personal data for the purposes of the processing, but the data subject requests them for the establishment, exercise or defence of legal claims or the data subject has objected to processing pursuant to Article 21(1) of the GDPR, for the period during which it is verified whether the legitimate rights of the controller override those of the data subject.
In the event that a request for restriction is received, it will be checked to see whether it falls under one of the above cases.
If the data are restricted, they will remain stored but may not be processed without the consent of the person. They may be processed for the establishment, exercise or defence of legal claims or for the protection of the rights of another natural or legal person or for reasons of important public interest of the Union or of a Member State.
In all cases, the data subject who has obtained the restriction of processing shall be informed by the controller before the restriction of processing is lifted.
Right to data portability The data subject has the right to request that personal data be provided in a “structured, commonly used and machine-readable” format (Article 20 of the GDPR) and to transfer those data to another party, for example another service provider. This applies to personal data for which the processing is based on the consent of the data subject, on the legal basis of the contract or where the processing is carried out by automated means. Where technically feasible, the data subject may also request that the personal data be transferred directly from one controller to another. Currently, BRAVO SOLUTIONS; does not have technology for direct portability from one controller to another, but we are taking reasonable steps to implement it.
Right to object The data subject has the right to object to processing based on the legitimate interest of the controller or a third party or the public interest. Once the objection has been made, the Company must justify the grounds on which the processing is based and suspend the processing until the decision has been taken. The Company shall no longer process the personal data unless it demonstrates compelling legitimate grounds for the processing which override the interests, rights and freedoms of the data subject or for the establishment, exercise or defence of legal claims. If the personal data are used for direct marketing, the Company shall cease processing.
Rights in relation to automated decision-making, including profiling The data subject has the right not to be subject to automated decision-making, including profiling, where the decision significantly affects him or her or her or her legal rights. The data subject also has the right to express his or her point of view, to request human intervention and to contest the decision.
There are exceptions to this right, which are where the decision:
It is necessary for the conclusion or performance of the contract; It is authorized by national or European law; It is based on the explicit consent of the data subject;
The right to file a complaint with the ANSPDCP;
The right to address the courts.
Please note that:
You can withdraw your consent for direct marketing at any time by following the unsubscribe instructions in each e-mail/sms or other electronic message. If you want to exercise your rights, you can do so by sending a written, signed and dated request to our data protection officer at the e-mail address: office@bravosolutions.ro. The rights listed above are not absolute. There are exceptions, therefore each request received will be analyzed in order to decide whether it is well-founded or not. To the extent that the request is well-founded, we will facilitate the exercise of your rights. If the request is unfounded, we will reject it, but we will inform you of the reasons for the refusal and of your rights to file a complaint with the Supervisory Authority and to seek legal action. We will try to respond to the request within 30 days. However, the deadline may be extended depending on various aspects, such as the complexity of the request, the large number of requests received or the impossibility of identifying you within a reasonable time. If, despite our best efforts, we are unable to identify you and you do not provide us with additional information to be able to identify you, we are not obliged to comply with the request.
Data integrity and confidentiality
The security, integrity and confidentiality of your personal data are particularly important to us. We have implemented technical, administrative and physical security measures that are designed to protect your personal data from unauthorized access, disclosure, use and modification. At certain intervals, we review our security procedures to include appropriate up-to-date technologies and methods.
We also inform you that any person acting under the authority of BRAVO SOLUTIONS;, who has access to personal data, will only process the data on the instructions of the Operator.
However, no IT mechanism offers total security, an element of risk is always present, a risk that is independent of our will and/or possibilities. The security of this site may be subject to vulnerabilities and, as such, for such situations, we cannot be held responsible for any security breach.
Changes to the privacy policy
Occasionally, we may modify this BRAVO SOLUTIONS; Privacy Policy to update changes in the processing activity, such as the adoption of new technologies, changes in industry practices, compliance with new legal requirements. On our platforms you will always find the most recent version. All updates and changes to this Policy are valid immediately upon notification, which we will make by posting on the site and/or notification by e-mail. In situations where we are required by law, we will request your consent.
BRAVO SOLUTIONS; reserves the right to modify this Privacy Policy at any time, but within the limits provided by the legal, domestic and community provisions in force.
This privacy statement and the privacy policies presented here are not intended to create legal rights, contractual or otherwise, or on behalf of any party.
Questions, requests and exercise of rights
If you have questions or concerns regarding the processing of your information or wish to exercise your legal rights or have any other concerns regarding privacy, you can contact our data protection officer at the e-mail address office@bravosolutions.ro. We will try to respond to the request within one month. However, the deadline may be extended depending on various aspects, such as the complexity of the request, the large number of requests received or the impossibility of identifying you within a useful period. When you submit a request, we may request additional information for identification. This information differs from case to case, and to ensure that your personal data is not disclosed to unauthorized persons, we will take all measures to identify you. If, despite our best efforts, we are unable to identify you, and you do not provide us with additional information to be able to identify you, we are not obliged to comply with the request.
Additional information
Your personal data registered through this website are processed by the parent company BRAVO SOLUTIONS; SRL.
This Privacy Policy was last updated in January 2024.