PRIME DASH considers ensuring the right to the protection of personal data as a fundamental commitment, therefore we will dedicate all necessary resources and efforts to process your data in full compliance with Regulation (EU) 2016/679 (“General Data Protection Regulation” or “GDPR”), as well as with any other legislation applicable on the territory of Romania. As one of the key principles of this legal framework is transparency, we have prepared this document to inform you on how we collect, use, transfer and protect your personal data when you interact with us through our products and services, including our website or mobile applications.
Who we are and how you can contact us:
PRIME DASH is the trade name of PRIME DASH DEVELOPMENT SA, based in Oradea, str. Tudor Vladimirescu, no. 17, Bihor county, identified by CUI RO 41599013 and having the registration number at Reg. Trade J05 / 2146/2019, legally represented by director Rus Cătălin, e-mail: firstname.lastname@example.org, (hereinafter “PRIME DASH” or “we”). For the purposes of data protection legislation, we are an operator when we process your personal data.
As we are always open to hearing your views and providing you with any additional information you may need regarding the processing of your data, we encourage you to contact the Data Protection Officer at email@example.com, should you have any requests.
What categories of personal data do we process?
We generally collect your personal data directly from you so that you have control over the type of information you provide to us. As an example, we receive information from you as follows:
When you create an account on the PRIME DASH platform / application, you send us: your name and surname, e-mail address, identification data of the legal entity you represent.
When you send us a message through the form found on the site, you send us: name and surname, e-mail address.
During the use of the services offered through the PRIME DASH platform / application, you send us: the name and surname of the legal person’s legal representative, e-mail address, your card details.
During the contract between you and PRIME DASH, we can collect the name and surname, e-mail of the legal representative of the company, your IP.
The Prime Dash platform / application is not intended for individuals, the data that we seek to collect are those of persons representing legal entities using the Prime Dash services. The information uploaded to the application / platform regarding the financial situation of legal entities as well as the graphs, tables, reports and other information generated by the Prime Dash application / platform do not represent personal data.
On our website, as well as in the smartphone application, we can store and collect information in cookies and similar technologies, according to the Cookies Policy.
We do not collect or otherwise process sensitive data, included in the General Data Protection Regulation under the special categories of personal data. We also do not want to collect or process data on minors under the age of 16.
Information about electronic payment instruments (card) is not stored in any way by our website, as online payment by card is made through a card payment processor, and this company is fully responsible for the processing of this data, as well as for the transaction validation.
What are the purposes and grounds of processing:
We will use your personal data for the following purposes:
1. To provide PRIME DASH services for your benefit.
This general purpose may include, as appropriate, the following:
a) Creation and administration of the PRIME DASH subscription;
b) Data processing regarding the validation, invoicing and payment of services;
c) Creating an account on the PRIME DASH platform / application, its administration and use;
d) Providing and allowing access to the PRIME DASH platform / application
Rationale: The processing of your data for these purposes is, in most cases, necessary for the conclusion and execution of a contract between PRIME DASH and you, pursuant to art. 6 lit.f) GDPR. Certain processing, subject to these purposes, is also required by applicable law, including tax and accounting legislations.
In the absence of providing this minimum information, PRIME DASH will not be able to ensure the provision of its services and access to the PRIME DASH platform / application.
2. To improve our services
We may collect and use certain information in connection with your user behavior, we may invite you to complete satisfaction questionnaires subsequent to the use of a service, or we may conduct, directly or with the help of partners, market research and studies.
Purpose: We want to always offer you the best experience of using our services.
Rationale: our legitimate interest according to art. 6 letter f) GDPR exercised in the conduct of commercial activity without prejudice to the personal rights and freedoms of the data subject.
3. For marketing activities
We can send you any type of message (such as: e-mail / SMS / telephone / mobile push / webpush / etc.) containing general and thematic information, information on products similar or complementary to those you have purchased, information about offers or promotions. In most cases, we base our marketing communications on your prior consent, expressed at the time of creating your account. You can change your mind and withdraw your consent at any time by:
– Accessing the unsubscribe link displayed in the messages you receive from us; or by
– Contacting PRIME DASH using the email address firstname.lastname@example.org.
Purpose: We want to keep you informed about the best offers for the products / services that interest you.
Rationale: In certain situations, we can base marketing activities on our legitimate interest (art. 6 letter f) GDPR) to promote and develop our commercial activity. In any instance where we use information about you for our legitimate interest, we exercise extreme caution and take all the necessary measures to ensure that your fundamental rights and freedoms are not affected.
However, you can ask us at any time, by the means described above, to stop processing your data / personal data for marketing purposes, and we will process your request.
If necessary, in accordance with applicable law, we will obtain your consent before processing your personal data for direct marketing purposes. In this case, we inform you that you will be able to withdraw your consent at any time for us to process your personal data for marketing purposes, in which case you will not receive any marketing communications from us. We’ll include an unsubscribe link that you can use if you don’t want us to send you any more messages.
4. For the protection of interests and compliance with legal stipulations
There may be situations where we use or transmit information to protect our rights, business and commercial activity. These may include:
– Measures to protect the website and users of the PRIME DASH platform from cyber attacks;
– Measures to prevent and detect fraudulent attempts, including transmitting information to the competent public authorities;
– Measures to manage various other risks.
The general basis of these types of processing is our legitimate interest in defending our commercial activity as well as in order to fulfill our legal obligations under the legislation in force, it being understood that we ensure that all measures we take guarantee a balance between our interests and your fundamental rights and freedoms.
How long we keep your personal data for
As a general rule, we will store your personal data for a maximum period of 3 years, from the termination of the contractual relationship between us and you. This period starts to run from the moment the subscription expires. In case of its renewal, a new term will run with the expiration of the subscription thus renewed. We constantly review the need to retain your personal data, and to the extent that processing is no longer necessary and there is no legal obligation to retain data, we will destroy your personal data as soon as possible and in a manner that ensures that it cannot be recovered or reconstituted (for example, we will delete / destroy all data of people who were not hired after the interviews, if there is no serious prospect of employment in the future).
The data stored in the PRIME DASH application / platform is stored on dedicated servers located in Romania and the United States.
If personal information is printed on paper, it will be destroyed in a secure manner that makes it impossible to reconstitute, and if it is saved on electronic media, it will be erased using technical means to ensure that the information is no longer available and that it cannot be recovered or reconstituted later.
To whom we transmit your personal data
In order to carry out the commercial activity and fulfill the purposes provided in Chapter III, as the case may be, we may transmit or offer access to certain personal data of yours to the following categories of recipients:
– to companies within the same group of companies as PRIME DASH;
– PRIME DASH partners;
– payment / banking service providers;
– marketing / telemarketing service providers;
– market research service providers;
– IT service providers;
– other companies with which we can develop joint programs for offering our goods and services on the market.
If we have a legal obligation or if it is necessary to defend a legitimate interest, we may also disclose certain personal data to public authorities.
We ensure that access to your data by third party legal persons governed by private law is made in accordance with the legal provisions regarding data protection and confidentiality of information, based on contracts concluded with them.
The confidentiality of your data is important to us, which is why, where possible, the transmission of personal data in accordance with the above is done only on the basis of a confidentiality commitment from the recipients, which guarantees that this data is kept safe and that the provision of this information is made in accordance with the legislation in force and applicable policies. In any case, each time we will send to the recipients only the information strictly necessary to achieve that goal.
In which countries do we transfer your personal data
We currently store and process your personal data within the European Union.
However, we may transfer certain parts of your personal data to entities located in the European Union or the European Economic Area.
We will always take the necessary steps to ensure that any international transfer of personal data is carefully managed, in order to protect your rights and interests. Transfers to service providers and other third parties will always be protected by contractual commitments and, where appropriate, through other guarantees, such as standard contractual clauses issued by the European Commission or certification schemes, such as the Privacy Shield for the protection of personal data transferred from within the EU to the United States.
You can contact us at any time, using the contact details set out above, to find out more about the countries where we transfer your data, as well as the guarantees we have put in place regarding these transfers.
How we protect the security of your personal data
We are committed to ensuring the security of personal data by implementing appropriate technical and organizational measures, provided in internal privacy policies and in line with industry standards.
The transmission of your personal data is done using state-of-the-art encryption algorithms and stored on secure servers, while ensuring data redundancy.
We use the services of the payment processor to make payments. Any payment information is encrypted using HTTPS technology with TSL 1.2 encryption.
Despite the measures taken to protect your personal data, we warn you that the transmission of information via the Internet, in general, or through other public networks, is not completely secure, and there is a risk that the data may be seen and used by unauthorized third parties. We cannot be held responsible for such vulnerabilities in systems that are beyond our control.
What is a cookie?
An “Internet Cookie” (also known as a “browser cookie”, “HTTP cookie” or simply “cookie”) is a small file, consisting of letters and numbers, that will be stored on your computer, mobile terminal or other equipment of a user from which the Internet is accessed. The cookie is installed by the request issued by a web server to a browser (eg Internet Explorer, Chrome) and is completely “passive” (does not contain software, viruses or spyware and cannot access the information on the user’s hard drive).
PRIME DASH is constantly looking for ways to improve the site, the user experience and the services offered to buyers.
“Cookies” play an important role in facilitating access to, and delivery of multiple services that the user enjoys on the Internet, such as:
• Personalization of certain settings such as:
– the language in which a site is viewed;
– the currency in which certain prices or tariffs are expressed;
– keeping the options for various products (measures, other details, etc.) in the shopping cart (and storing these options) – thus generating the flexibility of the “shopping cart”;
– accessing old preferences by accessing the “Forward” and “Back” button.
• Cookies provide site owners with feedback on how their sites are used by users, so that they can make them even more efficient and accessible to users;
• Allow multimedia or other applications from other sites to be included in a particular site to create a more valuable, useful and enjoyable browsing experience;
• Improve the efficiency of online advertising
The cookies that the user allows to be used can be selected through a “cookie” bar found at the bottom part of the website. The types of cookies and the data that these modules collect is as transparent as possible and accessible to the user.
If you prefer, you can block all cookies or just some of them or even remove cookies that have been installed on your terminal. However, you must be aware that in this situation you may not be able to use certain functions. To enable this lock, you must change your browser privacy settings. Some third-party operators have developed tools with modules that allow data collection and use to be disabled. Disabling and refusing to receive cookies may make certain sites impractical or difficult to visit and use.
Also, the refusal to accept cookies does not mean that the user will no longer receive / see online advertising. It is possible to set the browser so that these cookies are no longer accepted, or you can set the browser to accept cookies from a certain website. But, for example, if a user is not registered using cookies, they will not be able to leave comments. All modern browsers offer the ability to change cookie settings.
These settings are usually found in the “Options”, “Settings” or “Preferences” menus (buttons) of the browser.
What is the lifetime of a cookie?
Cookies are administered by webservers. The lifespan of a cookie can vary significantly, depending on the purpose for which it is placed. Some cookies are used exclusively for a single session (session cookies) and are no longer retained once the user has left the website, while other cookies are retained and reused each time the user returns to that website. (‘persistent cookies’). However, cookies can be deleted by a user at any time via browser settings.
Cookies and data security.
Cookies are NOT viruses! They use plain text formats. They are not made up of pieces of code, so they cannot be executed, nor can they run automatically. As a result, they cannot be duplicated or replicated on other networks to run or replicate. Because they cannot perform these functions, they cannot be considered viruses.
Cookies may, however, be used for negative purposes. Because they store information about users’ preferences and browsing history, both on a particular website and on other websites, cookies can be used as a form of Spyware. Many anti-spyware products are aware of this and constantly mark cookies for deletion in anti-virus / anti-spyware deletion / scanning procedures. In general, browsers have integrated privacy settings, which provide different levels of acceptance of cookies, validity period and automatic deletion after the user has visited a particular site.
What types of cookies does PRIME DASH use?
Cookies can be temporary, in which case they are kept only during the site browsing session or permanent, which are kept longer, depending on the allocated interval and browser parameters. There are many types of cookies, divided into the four categories below.
· Strictly necessary cookies
Strictly necessary cookies are indispensable, the operation of the site being impossible without them. Disabling cookies can lead to serious difficulties in using the site or even the impossibility of using its services. Strictly necessary cookies do not store information after leaving the site. They allow, for example, the identification of devices for communication, the numbering of data ‘packets’ in order to send them in the required sequence and the detection of transmission errors or data loss.
· Functional cookies
Functional cookies are used exclusively to provide the user, at his request, with an electronic communication service. Uninstalling these cookies makes it impossible to make the service available. This information is stored after the end of the site browsing session and may be transmitted to partners, with the sole purpose that they take the necessary measures to make the services available. For example, it may be cookies that save the user’s preferences, such as the language used, those that save a “user session” or those needed for the “virtual shopping cart”.
· Cookies for analysis and audience statistics
These cookies for measuring audience allow the recognition of website visitors on the next visit. They store only the username (specific to each cookie) and do not collect personal data of the visitor. They save the pages visited, the duration of each visit and the error messages displayed; all this helping to improve the performance of our site. Analysis cookies can be installed and managed by partners; however, we require their use strictly in order to obtain the necessary analytical statistics.
· Tracking cookies and those generated by social networking
Plugins Tracking cookies allow third parties to provide services, primarily advertising, and to increase their efficiency. These cookies may retain the pages and websites visited and collect personal data, primarily the IP address of the device used for browsing the Internet. The information collected may be shared with third parties.
This is the case, for example, of cookies that allow advertising companies to offer personalized ads tailored to your interests based on your browsing history on the PRIME DASH site, or that limit their repetition. For these cookies you need to give your consent. In this case, a banner will appear on the first page of the site asking for your consent to install them.
PRIME DASH also uses what we call social plugins that take the form of sharing tools, associating information through social networks such as Facebook, LinkedIn or YouTube. During your visit on our website, these social plugins may be disabled by default, i.e. they do not transmit information to relevant social networks without your intervention. Before using these plugins, you must activate them with one click. These plugins remain active only until you deactivate them again or delete the relevant cookies. You will find more information on how to disable these plugins or delete cookies in the above sections of this policy. After activation, the system establishes a direct link with the social network chosen to share the relevant content. The content shared by the plugin is then transferred directly from the social network to your internet browser which integrates it into the website visited.
Once you have activated the plugin, the relevant social network can collect data, whether or not you actually use this plugin. If you are connected to a social network, it is able to associate your visit with the current website and the user account on the network. Visiting other websites will not be associated with this visit and your social media user account, as long as you have not activated the appropriate plugin on these sites.
If you are a member of a social network and do not want this network to establish a link between the data collected during the visit and the information saved during registration, you must disconnect the user session from the network before activating the plugins.
We cannot influence or decide the volume and nature of data collected by the social network through these plugins. To understand the volume and nature of the data processed and the purpose of the processing, as well as the means of processing and use of the data by the social network and the rights and control options available to you to protect your privacy, read the notices and legal information related to protection of personal data published by relevant social networks.
What rights do you have?
The General Data Protection Regulation gives you a number of rights in relation to your personal data. You may request access to your data, correct any errors in our files and / or object to the processing of your personal data.
As a data subject, you have the following rights under the GDPR:
a) Right of access: you can ask us (i) for confirmation of whether or not personal data are processed and, if so, access to those data and information regarding them, as well as (ii) a copy of the personal data we hold (art. 15 of the GDPR);
b) The right to rectification: you can inform us about any change in your personal data or you can ask us to correct the personal data we hold about you (art. 16 of the GDPR);
c) Right of deletion (“right to be forgotten”): in certain situations (such as (i) where the data was collected illegally, (ii) the deadline for storing the data has expired, (iii) you have exercised your right to object or (iv) the processing of data is done on the basis of consent and you have withdrawn your consent), you can ask us to delete the personal data we hold about you (art. 17 of the GDPR);
d) The right to restrict the processing: in certain situations (such as the case where the accuracy of this data or the legality of the processing is contested), you can ask us to restrict the processing of your data for a certain period (art. 18 of the GDPR);
e) The right to data portability: to ask us to send your personal data to a third party or directly to you (art. 20 of the GDPR); f) The right to object: in certain situations (such as processing that has legitimate interest as legal ground), you can ask us not to process your data (art. 21 of the GDPR);
Please note the following if you wish to exercise these rights:
Identity. We take the confidentiality of all records that contain personal data very seriously. For this reason, please send us your requests regarding such records using the PRIME DASH account email address. Otherwise, we reserve the right to verify your identity by requesting additional information for the purpose of confirming your identity.
Fees. We will not charge you a fee for exercising any rights with respect to your personal data, unless your request for access to information is unfounded, repetitive or excessive, in which case we will charge a reasonable amount. In such circumstances, we will inform you of any fees applied before resolving your claim.
Response time. We intend to respond to any valid requests within a maximum of one month, unless this is particularly complicated or if you have made several requests, in which case we will respond within a maximum of two months. We will let you know if we need more than a month. We may ask you if you can tell us exactly what you want to receive or what worries you. This will help us to act faster and shorten the response time to your request.
Third party rights. We must not comply with a request if it would adversely affect the rights and freedoms of other data subjects.
In order to exercise your rights, you can contact us using the contact details, respectively email@example.com or at the company’s headquarters. It is mandatory that the requests based on the exercise of the rights provided in art. 15-21 of the GDPR will be formulated in writing, in such a way as to ensure the verification of the observance of the provisions of the GDPR.
If you are not satisfied with the way in which your request was resolved, you can submit a complaint to the National Authority for the Supervision of Personal Data Processing. The contact details of the authority are as follows: Bucharest, Bdul G-ral. Gheorghe Magheru 28-30, Sector 1, postal code 010336, telephones: +40.318.059.211; +40.318.059.212: e-mail: firstname.lastname@example.org