dentiality policy regarding the website/webstore is provided by MEGATECH Trading & Consulting, to which we will refer to as “service provider” throughout the document.

ce, with reference to personal data usage is published in light of the EU Rule 679/2016 of the European Parliament and Council from April 27th 2016, regarding the protection of individual data and the free circulation of said data, as well as the abolishment of Directive 95/46/CE (General Regulations regarding data protection).

ce provider respects your confidentiality and takes it upon itself to protect personal data.

This confidentiality notice’s purpose is to inform you about the way your personal data shall be used upon your visit on our website, as well as your confidentiality rights and how the law protects you.

We provide the notice in an easily understandable language so as you can successfully navigate its key sections.

1. Information regarding data protection
2. Personal data that we collect
3. How we collect personal data
4. How collected data is used
5. Communication of personal data
6. Data storage and security
7. User rights and how to apply them
8. Terms and definitions

1. Information regarding data protection

The purpose of this confidentiality notice is to offer information regarding how the service provider collects and processes your personal data, which you provide by visiting our website (when you sign up for a news letter or fill a Form on our website)

The website is not addressed to children, and we do not, through our own will collect data from children.

It is important that you read the confidentiality notice in its entirety, along with any other provided information in regards to confidentiality, or any notification we issue, in certain situation to inform the user that certain data will be processed, so as you are fully aware of how we use personal data. This notice is a supplement to other notification, and does not intend to overwrite them.

The service provider is responsible for your personal data.

If you have any questions, suggestions or complaints, please contact us at office@megatech.ro, and we will resolve any issue swiftly. You have the right to file a complaint/intimation at anytime to the ANSPDCP (Autoritatea Nationala de Supraveghere a Prelucrarii Datelor cu Caracter Personal), the local authority responsible for personal data protection in Romania.

Modifying the data protection notice and your obligation to inform us of any changes

It’s important that the personal data the user provides to us is correct and up to date. Please let us know if said personal data undergoes changes throughout our collaboration.

Links to third party providers/users

This website contains links to third party websites, plugins or applications in various coding languages.

Accessing outgoing links, activating certain features as well as implementation of certain applications and plugins will allow third parties to collect or store your personal data. We have no control over said third parties, thus we are not responsible for notifications/declarations or policies. After you leave our website, we suggest you read the outgoing website’s confidentiality policies.

By “personal data or information” we mean information that can help us identify a person. Anonymous data is not included in this category.

It is possible we will collect, store or transfer certain types of personal data. This data is categorized as listed below:

- Identity data  (first name, last name, user name or similar identifiers, such as nicknames)

- Contact data  (home address, shipping address, email, phone number)

- Technical data  ( Internet protocol, IP address, log-in credentials, browser type and version, local time, operating system, device used for navigation – PC, tablet, cellphone and so forth)

- Usage data  (website visualization, products, services)

- Marketing and communication data  (preferences regarding our or third parties’ marketing, communications preferences)

Other data that could be collected, stored or transfer includes information about statistics or demographics of any kind. Aggregate data can derive from personal data, but from a legal point of view are not considered personal data, as this kind of data does not directly disclose information about you. For example we can compile user data in order to calculate the percentage of users that access a certain page or specific category from our website. However, cross-referencing aggregate data with personal data so that direct or indirect identification is possible, will be considered personal data, and treated as such.

We do not collect any kind of special personal data, such as race, ethnicity, religion or beliefs, sexuality, political options or sensitive information. Also, we do not collect any kind of information about criminal convictions or offences.

In case you fail to provide personal data, which is contractually or legally required to do so, can lead to us not being able to provide certain services or deliveries. In these cases placed orders for products or orders can be cancelled by us. In this case we will contact you and notify you at that time.

We use various methods in order to collect data from and about you, including:

Direct interactions

You have the possibility to provide us with your personal data (identity data, contact data, financial data) by filling in certain forms, or by corresponding with us directly by phone, post, or email. These interactions include data you provide for us when:

• You order or buy products or services that we provide
• You open an account on our website
• You subscribe to our company’s services or notifications
• You solicitate our company newsletters
• You participate in contests, promotions or surveys we offer
• You offer us feedback

Technologies of automated interactions

During your interaction with our website , it’s possible that we will automatically collect technical data off the device that you are using, actions and navigation patterns. We collect this kind of personal data through the use of cookies, server sessions and other similar technologies. We might also receive technical data if you visit sites that use our cookies. For more details, please visit our Cookie Policy.

Third parties and public sources

It is possible for us to receive personal data about you through certain third parties (and public sources) as follows:

-Technical data provided by:

- Data/service analysis providers (Google Analytics, Google Analytics Ecommerce, StarCounter and so forth)

- Promotional networks/channels (Google Adwords, Google Remarketing, affiliation systems, Social media – Facebook, Instagram, Twitter, YouTube and others)

Will will only use your personal data to the extent de law permits it. In most cases personal data is used in the following cases:

• When we emit or conclude a contract with you
• When your personal data is necessary for our (or third parties’) legitimate interests, as long as our legitimate interests do not contravene with your fundamental rights.
• When we need to abide to laws and regulations.

We generally do not rely on consent as legal ground to process your data, unless we need to broadcast said data to third parties for direct email or text message campaigns.

To withdraw your permission to communicate through marketing campaigns, you can get in touch with us using the contact form available on the website.

Below you will find a description of all the ways we intend to use your personal data, but also what legal grounds we hold for using them. We’ve identified our legitimate interests where it is applicable.

It is important to remember that we can process personal data depending on the specific purpose that we use them for. Please contact us if you need more details regarding our legal grounds to process your personal data.

Purpose/Activity – To register you as a new client

Data types: Identity, contact

Legal ground for data processing: the data is necessary in order constructing a contract with you

Purpose/Activity - Managing your relationship with our company, including:

• Notifications regarding changes in our confidentiality terms and conditions
• Asking for feedback, reviews, or market studies

Data types: Identity, contact, transactions, marketing, communications

Legal ground for data processing:

• this data is necessary for constructing a contract with you
• this data is necessary in order to abide to legal obligations
• this data is necessary for our legitimate interest (updating our data bases, studying how our products and services are used)

Purpose/Activity - Protecting our business and our website (including fixing technical issues, data analysis, testing, system maintenance, support, hosting data and reports, goods and services that could be of interest to the user)

Data types: Identity, contact, technical, usage, profile

Legal ground for data processing: Data processing for our legitimate interest (for our work environment, for providing administrative and IT services, network security, fraud prevention in case of company reorganization)

We want offer you various options regarding certain kinds of personal data that we use for marketing and online publicity. We have created this confidentiality notice, in order for you, the user, to be able to decide how and if your personal data is used.

We could use your personal data (identity data, contact data, technical data, usage data, profile data) in order to form an idea on what you think you want to buy, or what items you need, or could be of interest. This is how we can decide what products, services or offers are relevant for you

You will receive marketing notices, if you asked for information, or if you bought goods or services from us, or you chose to partake in a contest, promotion or any similar situation, and did not specifically request that we stop sending you notices.

We will ask for explicit consent before sharing your personal information for marketing purposes, with any third party.

You can ask us, or third parties to stop marketing activities at any moment, by logging in to your account and unchecking the boxes that specify that you will receive marketing notices. You can also unsubscribe from newsletters and notices by accessing the “Unsubscribe” links in the campaign messages.

If you choose not to receive marketing messages, the personal information you provide upon buying products, services, guarantees and any other transactions will still be collected.

You can set up your web browser to refuse certain, or all cookies. You can also set it to warn you when websites set up or access cookies, In case you refuse or deactivate the browser cookies, we inform you that certain parts of the website could become inaccessible, or will not work properly.

For more information about the cookies our website uses, please consult the “Cookie Policy”.

We will use personal data for the specified purposes, excepting cases where we reasonably consider with a different purpose, as long as said purpose is compatible with the initial one. If you want to receive any explanations regarding how the new purpose is compatible with the original one, please contact us.

If we will need to use your personal information for an independent purpose, we will contact you and explain the legal grounds for doing so.

Please keep in mind that we can process your information without requesting permission or consent according to the regulations listed above, if this is requested or permitted by law.

It is possible to communicate your personal info to the parts listed below, according to the listings from chapter 4.

• Internal third parties as defined in Terms and definitions
• External third parties as defined in Terms and definitions
• Third parties as mentioned in chapter 4
• Third parties we could fusion with, or to whom we can sell parts of our business. Alternatively, we can try to merge or buy other businesses, in which case the new owners can use your personal information for specific reasons, in accordance to our instructions.

We ask all third parties to respect the security of your personal information, and act in accordance with the law. We do not allow third parties that provide services for us to use your personal data in their own interest, but only in accordance to our instructions.

We do not broadcast your personal data outside the European Economic Space (EES).

We have taken the adequate precautions to make sure accidental data loss or unauthorized usage, modification or disclosure do not occur. Furthermore, employees, agents or third parties have restricted access to personal information. They will be able to process information strictly in according to our instructions and will be subjected to a confidentiality contract upon accessing users’ personal information.

We have procedures to deal with any breach of personal information security and will inform you and the appropriate authorities in case we are forced to.

We will store personal information for as long as it takes to fulfill any purpose, including but not limited to legal, financial or reporting requirements.

In order to determine the adequate amount of time we will be storing personal data for, we take into consideration the value, nature or sensitivity of said data, the risks of unauthorized processing, the purpose we have collected it for, and how we can legal requirements.

Details about the period during which we store personal information shall be made available through our data storage policy which you can request by contacting us or reading chapter 4. of this notice)

Given certain circumstances, you can request personal information deletion – we will elaborate further in this document.

We can also anonymize personal information, so that they can no longer be associated with you, for research and statistical purposes, in which case we can inform you without any other notification

Given certain circumstances, you have, in accordance with current legislation, the right to request:

• • Access to personal data that we’ve stored. • Ask that certain personal information be corrected • The objective of processed information • Restrictions in personal information processing • Transfer of personal information • The right to retract consent regarding personal information

If you wish to exercise any of the above, please contact us. /p>

There are no taxes to pay in this case. We can, however, request a tax if your request is unclear, repetitive or excessive. In these situations, we also reserve the right to deny your request.

In order for us to follow through on your request, we could ask for specific information, that helps us identify you, and make sure you have the proper authority to access personal data (or exercise any of the rights listed above). This is a security precaution to make sure personal information is not leaked to people who do not have the right to access it. We can also contact you to ask for further information regarding your request.

We will try to answer all request in less than a month. Occasionally it can take longer than that if your request is complex, or if you have multiple questions for us. In this case you will be notified.

Legal grounds  - legitimate interest means our business’ interest, in regards to management, and we will inform you about what data is being collected and what your rights are before processing said data. We do not use personal information for our individual interests (unless we have your consent or legal basis). You can obtain further information about how we evaluate our legitimate interests and what impact that has on you, by contacting us.

Contractual completion – translates in the processing of personal data where necessary for a vigorous contract, and take certain actions if you request contract termination.

Fulfilling obligations and legal regulations – this notion translates into the processing of personal information due to legal obligations we are under.

Considered third parties:

- Providers (that act as processors) from Romania that offer IT and system administration services

- Professional counselors (that act as common data processors) including lawyers, accountants, bakers, auditors, or insurers in Romania, that act as consulting, juridical, banking, insurance and accounting providers.

User rights are as follows:

Requesting to access your personal data - this allows you to receive a copy of all personal information that we have collected about you, and verify if we are using said information in legal boundaries.

Requesting corrections of the information that we have about you - this allows you to request that we correct any incomplete or inexact information we have about you, meaning that we could ask for verification of the provided information.

Requesting deletion of your personal data - this allows you to request erasing personal information, in case there is no real reason for this information to be stored by us. You can also request data deletion if you have successfully exercised your right to oppose personal information processing, in case we have processed data illegally or are obligated to delete data under legal terms. It’s possible that we won’t be able to erase your information due to juridical reasons.

Objecting personal data processing - In case we (or a third party) have a legitimate interest, but you have a particular reason to object data processing, as it contravenes your fundamental rights and freedoms. You also have the right to object to data processing for the purpose of direct marketing. In some cases, we can provide credible evidence that we have legitimate reasons to process information beyond basic rights and freedoms.

Requesting restriction on personal data processing - this allows you to request that we halt data processing in the following scenarios: (a) if you want to check the accuracy of the information; (b) if using your data is illegal but you do not want the data erased; (c) if you need to store the information even if we no longer require them, in order to have something to back up legal claim, or (d) if you’ve given us permission to use your data, but the legal grounds to use and process them have yet to be determined.

Requesting the transfer of your personal data to you or a third party- We will provide you, or a third party you’ve chosen, with your personal information in a common electronic format. Keep in mind that this right is only available for information you have initially granted us consent to collect, or information collected following a drafted contract.

Retracting consent at any moment for processing information that requires explicit consent - this does not affect in any legal way the processing done prior to consent retraction. Retracting consent could lead to our impossibility to provide certain goods or services. In this case, we will notify you at the time of consent retraction.

These rights can pe exercised directly towards MEGATECH Trading & Consulting SRL through a request sent to office@megatech.ro.

Contact data
Responsable: Matei Gheorghe
MEGATECH Trading & Consulting SRL
info@megatech.ro