Privacy Policy

Introduction

This Privacy Policy outlines the practices of the company (referred to as “we,” “our,” or “the Company”) regarding the information collected from users accessing our website at family.nazzuro.ro (“Site”) or other personal information shared with us (collectively referred to as “Users”).

Reasons for Data Collection

We process your personal information (i.e., any information that can reasonably identify you; hereinafter “Personal Information”) to communicate with you regarding our offers, newsletters, and any other materials you request by completing forms on this site. This information is necessary to fulfill our contractual obligations to you, provide our services, protect our legitimate interests, and comply with legal and regulatory obligations.

By using the Site, you consent to the collection, storage, use, disclosure, and other uses of your personal information as described in this Privacy Policy.

We encourage our Users to carefully read and use the Privacy Policy to make informed decisions.

The collection and processing of personal data are carried out in accordance with the regulations established by the European Union and national legislation, including:

Directive 95/46/EC of the European Parliament and of the Council of 24 October 1995 on the protection of individuals regarding the processing of personal data and on the free movement of such data;
REGULATION (EU) 2016/679 of 27 April 2016 on the protection of individuals concerning the processing of personal data and on the free movement of such data, and repealing Directive 95/46/EC (General Data Protection Regulation) (Text relevant to the EEA), entering into force on 25.05.2018;
The Constitution of Romania, republished (art. 26);
Law no. 31/1990 regarding commercial companies, republished, with subsequent amendments and completions;
Law no. 287/2009 of July 17, 2009, regarding the Civil Code, republished, with subsequent amendments and completions;
Law no. 134/2010 on the New Civil Procedure Code, republished;
Law no. 677/2001, with subsequent amendments and completions, as well as subsequent regulations (Decisions of the National Supervisory Authority for Personal Data Processing).
What Information We Collect

We collect two types of data and information from Users.

The first type is unidentified and non-identifiable information about a user (users) that may be provided or collected through your use of the site (“Non-personal Information”). We are not aware of the identity of a User from whom Non-personal Information is collected. Non-personal information collected may include your aggregated usage information and technical information transmitted by your device, including certain information about software and hardware (e.g., browser type and operating system used by your device, language preference, access time, etc.) to improve the functionality of our site. We may also collect information about your activity on the Site (e.g., pages viewed, online navigation, clicks, actions, etc.), as detailed in the accessible Cookie Policy here.

The second type of information is Personal Information, which is individually identifiable information, namely information that identifies a person or can identify a person with reasonable effort. This information includes:

Device information: We collect personal information from your device. This information includes geolocation data, IP address, unique identifiers (e.g., MAC address and UUID), and other information related to your activity on the site.
Personal information: Name, surname, email, phone number, address, city, and options related to questions in forms, to send you the information you requested when you decided and agreed to complete and submit one of the forms on the Site.
We do not rent, sell, or share User information with third parties, except as described in this Privacy Policy.

We may use the information for the following purposes:

To receive further information by email regarding our marketing campaigns, expressing your agreement freely by accessing the existing online form;
To understand your preferences, expressing your agreement freely by accessing the existing online form;
To transmit comments about our services and products;
To send newsletters – periodic emails informing you of all the latest developments, expressing your agreement freely by accessing the existing online form;
For subsequent correspondence with you;
For transmitting specially requested offers through written comments on the site; processing offer requests until customers are taken over by the sales department; going through the preliminary stages before concluding a contract;
To address various user requests/questions/complaints;
For the legitimate interest of the company; e.g., for establishing, exercising, or defending a right in court, for internal administrative purposes, for billing the services provided and making related payments; for protecting copyright and related rights.
To be in direct contact with company representatives to resolve your request.
To communicate with you and keep you informed of the latest updates and services;
To display advertisements when you use our site (see more in “Advertisements”);
To market our sites and products (see more in “Marketing”);
Achieving statistical and analytical purposes aimed at improving the Site.
In addition to the various uses listed above, we may transfer or disclose personal information to our subsidiaries, affiliated companies, and subcontractors.

In addition to the purposes outlined in this Privacy Policy, we may share Personal Information with our trusted third-party providers, who may be located in different jurisdictions worldwide, for any of the following purposes:

Hosting and operating our website;
Providing our services, including offering a personalized display of our website;
Storing and processing this information on our behalf;
Delivering advertisements and helping us assess the success of our advertising campaigns and retargeting any of our users;
Providing marketing offers and promotional materials related to our website and services;
Conducting research, technical diagnostics, or analytics.
We may also disclose information if we have a good faith belief that the disclosure of such information is useful or reasonably necessary to:

(i) comply with any law, regulation, legal process, or government request;
(ii) enforce our policies (including our Agreement), including investigations into potential violations thereof;
(iii) investigate, detect, prevent, or take action regarding illegal activities or other wrongdoing, suspicions of fraud, or security issues;
(iv) establish or exercise our legal rights in response to legal claims;
(v) prevent harm to our rights, property, or safety, our users, you, or any third party; or
(vi) cooperate with law enforcement agencies and/or if we believe it is necessary to enforce intellectual property or other legal rights.

How We Receive Information About You

We receive your personal information from various sources:

When you voluntarily provide your personal data to receive an offer, a newsletter, or when you want to send us a message through our website;
When you use or access our website in connection with using our services;
From third-party providers, services, and public records (e.g., traffic analysis providers).
Data is obtained directly from the Client and/or from an authorized representative of the Client (when completing forms or documents, accessing the website, online applications, or through any other means of communication).

The Client can provide personal data by completing forms on the website, through contracts, through invoices issued to them, through participation in various marketing actions of the company, during which they filled out forms, etc.

Newsletter Registration

On our website, the public has the opportunity to subscribe to various newsletters; the data provided upon subscription will be used exclusively for marketing purposes, to the extent that you have not consented to other uses of the data. You have the option to unsubscribe from the newsletter at any time, using the unsubscribe option provided in the newsletter or by submitting a written request to office@nazzuro.com.

User Rights

Users of the family.nazzuro.ro website have the opportunity to exercise the following rights in relation to LAGUNA AQUA S.R.L:

Right to access personal data – means the right to have access to the data from the completed form. If this Privacy Policy is not considered sufficiently clarifying, you can access information by submitting a request to office@nazzuro.com, where you can find out:

What is the purpose of processing personal data?
What categories of personal data are involved?
Who are the recipients to whom personal data have been provided?
What is the period for which personal data will be stored?
Right to rectify data – if you notice that your personal data is inaccurate or incomplete, you have the right to request rectification or completion by submitting a request to office@nazzuro.com. If personal data is not entered by you, as the data subject, you have the right to request any available information about its origin, and this will be provided to the extent available and only if the author of the data supply can be identified. For this, you will need to provide us with information about yourself to demonstrate that the data supply is not made by your direct action. You can separately request to know whether they are processed or not, and if so, you can request access to them, as well as certain information about them. Upon your request, you will be able to receive a copy of the completed form. You should know that any rectification will be made within a minimum period of one month, but in special conditions, we can extend this period to two months, in which case we will inform you about the extension. Also, if we do not comply with your rectification request or do not respond, and in case we do not reach an agreement regarding the rectification period, you have the right to lodge a complaint with the National Supervisory Authority for Personal Data Processing and an appeal in court.

Right to erasure of data or “Right to be forgotten” – is your right to obtain from our company the erasure of personal data from the site without undue delay, and we, as data controllers, have the obligation to comply with the request in case one of the reasons exists:

the data is no longer necessary for the purposes for which it was collected or processed;
you withdraw your consent on the basis of which the processing takes place;
when you object to the processing of your data;
when there are ambiguities regarding the legality of the processing of personal data;
if a legal obligation intervenes, which we will respect as operators;
if the personal data belongs to children under 16, and parents or persons exercising parental rights withdraw their consent.
In turn, depending on the technology available and the cost of implementation, we will take reasonable measures, including technical measures, to inform all processors who have had access to personal data that you have requested their deletion, including copies or links referring to that data.

The situations in which we are NOT obliged to comply with your request to delete personal data are:

exercising the right to free expression and information;
compliance with a legal obligation;
reasons of public interest, in the field of public health;
archiving purposes in the public interest, scientific or historical research or statistical purposes;
establishing, exercising or defending a right in court.
4. The right to restrict access to personal data – means one of the following situations:

rectification of incorrect or inaccurate data, you can request that access to them be restricted during the period necessary for data verification and rectification;
if you discover that the processing is illegal, but you still do not want the deletion of personal data, requesting instead the restriction of their use;
if our company no longer needs the personal data or the storage term has expired, but you want us to keep them to use them in a court action;
if you object to the processing, you can further request the restriction of access to your personal data as long as we check that our legitimate rights as operators prevail over your right to object to the processing. Also, if there is a situation where the processing restriction is lifted, we will inform you in due time.

5. The right to withdraw your consent – for data processing only if your data is processed as a result of the consent expressed, you can at any time send an e-mail to office@nazzuro.com to notify us that you no longer agree with the processing of personal data. The email must include information about the personal data for which you wish to withdraw your consent, the purpose for which it was provided and the communication channels for which you choose to withdraw your consent.
 

Withdrawal of consent/consent to the processing of your personal data has the effect of terminating communications and processing, as well as collaboration. The withdrawal of consent does not affect the legality of the processing carried out on the basis of the consent before its withdrawal.

6. The right to data portability – is the possibility you have to receive the data provided in the format currently used by us, but which can be read automatically. You can also ask us to transmit these data – to port them – automatically to another operator (legal entity), as you indicate to us.

7. The right to object to the processing – applies only to the particular situations or cases in which you are; it is your right to ask us not to process your data for profiling purposes. An exception to this rule is the situation where there are legitimate reasons that prevail over your right to opposition, such as: establishing, exercising or defending a right in court, yours or another user’s.
All the rights mentioned above are enforced by sending a written, dated and signed request to the headquarters of LAGUNA AQUA S.R.L. Str. Cuza Voda no. 74-76, Oradea, Bihor or to the email address: office@nazzuro.com with the reference “GDPR request”, except for the right to address the National Authority for the Supervision of the Processing of Personal Data and justice (by exercising a single way of attack), which is exercised by written request submitted to the competent authority.
Requests made at intervals greater than 60 days are free.
Requests addressed between 30 and 59 days after the previous request are charged with a reasonable fee representing the processing costs, based on the time allocated by the DPO to resolve the request.
Requests addressed at intervals of less than 30 days may be rejected if they are unfounded or abusive, especially due to the nature of its repetition.
In all situations, if we have doubts about the identity of the applicant, we can request additional information to confirm the identity.
keeping
We will retain your personal information for as long as necessary to provide our services and, as appropriate, to comply with our legal obligations, resolve disputes and enforce our policies. Retention periods will be determined taking into account the type of information collected and the purpose for which it is collected, taking into account the requirements applicable to the situation and the need to destroy outdated, unused information in the shortest reasonable time. In accordance with applicable regulations, we will retain records containing customer personal data, account opening documents, communications and anything else as required by applicable laws and regulations.
 

We may rectify, replenish or remove incomplete or inaccurate information at any time and at our discretion.
Collection of information from third parties
Our policy applies only to the use and disclosure of information we collect from you. To the extent that you disclose your information to other parties or sites on the Internet, different rules may apply to the use or disclosure of information that you reveal. Accordingly, we encourage you to read the terms and conditions and privacy policy of each third party to which you choose to disclose information.

This Privacy Policy does not apply to the practices of companies that we do not own or control or individuals that we do not employ or manage, including any third party that may disclose the information set forth in this Privacy Policy.

How we protect your information?

We take great care in implementing and maintaining the security of the Site and your information. Although we take reasonable steps to protect information, we cannot be responsible for the actions of those who gain unauthorized access to or abuse our Site, and we make no warranties, express, implied or otherwise, that we will prevent such access.
Transfer of data outside the EEA
Please note that some data recipients may be located outside the EEA. In such cases, we will only transfer your data to such countries, approved by the European Commission, offering an adequate level of data protection, or we will enter into legal agreements that ensure an adequate level of data protection.
Marketing
We may use your personal information that you have provided to us or using our third-party subcontractors for the purpose of providing you with promotional materials about our services that we believe may be of interest to you.

Out of respect for your right to privacy, we provide you with means within these marketing materials to opt out of receiving new marketing offers from us. If you unsubscribe, we will remove your email address or phone number from our marketing distribution lists.

Please note that even if you have unsubscribed from receiving marketing emails from us, we may send you other types of important email communications without giving you the opportunity to opt-out. These may include customer service announcements or administrative announcements.
Corporate transaction
We may share information in the event of a corporate transaction (eg, sale of a substantial part of our business, merger, consolidation or sale of assets). In the event of the above, the transferee or the acquiring company will assume the rights and obligations described in this Privacy Policy.
Updates or changes to this Privacy Policy
We reserve the right to change or revise the Privacy Policy from time to time; material changes will be effective immediately upon posting the revised privacy policy. Your continued use of the Platform following notice of such changes on our website constitutes your acknowledgment and agreement to such changes to the Privacy Policy and your agreement to be bound by the terms of such changes.
Final provisions
Continuing your navigation and accessing the content of the family.nazzuro.ro site constitutes acceptance of our privacy policy.

For any suggestions or complaints regarding the content of the privacy policy please contact us at office@nazzuro.com.

In the event that your personal data have undergone changes, and as a consequence it is necessary to update them, we ask you to promptly notify us of this, at the following address: Cuza Vodă Street, no. 74-76, Oradea, Bihor with the clear mention on the envelope “GDPR Request” or by e-mail to the address: office@nazzuro.com.

The general term of storage is for the entire period of collaboration, as well as afterwards, for a reasonable period, determined according to the specific criteria listed above, after which they will be deleted or anonymized, as the case may be.

 
Links:
National Authority for the Supervision of the Processing of Personal Data – here.