We know that the processing of personal data is a very serious subject, therefore, this procedure describes in detail each flow within the organization, in which personal data of customers, partners, potential customers or visitors to the platform are processed.
The biggest challenge is to secure these data against unauthorised processing without the consent of the data subject and only for the purposes for which consent was obtained.
COMTECH CO SRL, undertakes major efforts to keep your information and preferences safe. We know how important it is to feel safe when you are online, that’s why we assure you of data privacy, as you are currently on an encrypted connection. (SSL) whereby, the information transmitted is encrypted and is processed by us only with your consent. Remember, at any time during the course of our collaboration, you can express your choice regarding the processing of your data. personal data.
We are fully aware that the GDPR merely provides a modernised, compliant, accountability-based legal framework for the protection of personal data.
Processing your data is necessary to provide you with the services you request. In this regard, we take several security measures to protect you online. One of the measures we have taken to ensure transparency and proportionality towards you is to is to eliminate unnecessary collection of personal data and minimise the data we collect. That’s why we only request the information we need and store it to improve your experience.
Please read the terms and conditions carefully before using this site to place an order.
- TERMS AND CONDITIONS OF USE
is the property of COMTECH CO SRL , with registered office in Slatina, Str Constructorului, Nr. 3, Jud Olt, CUI RO9600823, Nr. Reg. Com. J28/215/1997, hereinafter referred to as COMTECH CO SRL.
Accessing, visiting, using or buying products / services / packages presented on the website
implies acceptance of the terms and conditions listed below.
COMTECH CO SRL reserves the right to refuse to collaborate with clients who show inappropriate behaviour and language (aggressive, licentious, etc.) or who have a history of collaboration with debtors.
COMTECH CO SRL reserves the right not to honor the delivery of products or services whose price is wrong and does not fit into the company’s price grid. In this case, the customer will be contacted and will have the option to confirm the order at the correct price or to refuse it.
COMTECH CO SRL reserves the right to make changes and updates to these terms and conditions and to the offer without prior notice and without stating reasons; also, COMTECH CO SRL reserves the right to correct any omissions or errors in the display that may occur as a result of typing errors, inaccuracies or errors in the software products without prior notice. These errors do not bind COMTECH CO SRL to any action.
- HOW THE COLLABORATION IS CARRIED OUT
Delivery shall be made within the mutually agreed time limit, in accordance with the provisions and clauses of the concluded contract (in the case of collaboration or service contracts) or respecting the terms and conditions agreed in the initial discussions, prior to the firm order from the user.
COMTECH CO SRL is not the beneficiary of transport costs in case of deliveries.
Site content and design
are the property of COMTECH CO SRL and is protected under copyright law and laws on intellectual and industrial property rights. You may not reproduce the materials posted on the site without written permission from COMTECH CO SRL. The use without written consent of COMTECH CO SRL of any elements on the site is punishable under the laws in force. The personal data of the buyers may be transmitted to the authorities at law following a request in accordance with the laws in force, in order to carry out any verification of commercial transactions or any other checks justified by law.
The service contract concluded between COMTECH CO SRL and its Customers gives the right to the Customers to copy and/or print portions of the website content (manuals and tutorials) for personal use only, without commercial intent.
COMTECH CO SRL may, without any further notice or formality and without this requiring an explanation of its attitude, suspend or terminate your access to the content of the site or any part of this content.
COMTECH CO SRL does not assume liability, in any situation, for any damage, caused directly or indirectly, suffered as a result of the use or interruption of use or lack of regularity of the information and services provided on this site. COMTECH CO SRL does not guarantee the accuracy, correctness or timeliness of the information provided.
- ORDERS AND REQUESTS FOR QUOTATIONS
Orders or requests for quotations can only be given using the contact form on this website. The user is obliged to provide accurate and as concrete data as possible regarding the desired project. COMTECH CO SRL cannot be held liable in any way for any inconvenience caused by the User providing incorrect or incomplete information.
If COMTECH CO SRL considers a request or an order to be incomplete or incorrect, it may request further details from the user using the e-mail address or contract telephone number provided by the user, or it may delete the request without notifying the user.
Disputes can be settled amicably or through the competent courts or mediators. The European Commission has implemented a
online dispute resolution platform
- NOTIFICATIONS AND ANNOUNCEMENTS
COMTECH CO SRL reserves the right to send notifications regarding the services offered as well as announcements from third parties, when they may be of benefit to users.
All users of this site are subject to these terms and conditions so accessing this site constitutes acceptance of and compliance with the Terms and Conditions set forth herein.
The purpose of data collection is: provision of services according to the current offer/
Any person has the right to object, free of charge and without justification, to the processing of his/her personal data for direct marketing purposes.
According to Romanian law, minors cannot enter into commercial contracts and their personal data is not processed without parental consent.
Non-acceptance of this agreement or of any of its provisions entails the obligation of the person concerned to immediately cease accessing the site or using the service in any way, and the continued access or visit of the site, use in any way of the service constitutes acceptance in full of the agreement and of any of its provisions, including any subsequent modifications that may be made without restriction by the provider, without any further formality being necessary.
COMTECH CO SRL guarantees the security and confidentiality of data hosted and transmitted through its computer system. This information may be used by COMTECH CO SRL to send the user confirmation of orders, various special offers, promotions, etc. only with the consent of the data subject.
The provision of personal data to COMTECH CO SRL does not imply any obligation on the part of the users, and they may refuse to provide these data in any circumstances and may request their deletion from the database free of charge.
COMTECH CO SRL, owner of the online platform, does not intervene directly or indirectly on the databases where the information about customers is stored.
In order to make possible the invoicing, dispatch and delivery of the orders placed, the user must agree that COMTECH CO SRL collects and processes the data entered, according to the requirements of Law no. 679/2016 (GDPR).
According to the requirements of Law no. 679/2016 (GDPR) for the protection of individuals with regard to the processing of personal data, and the protection of privacy in the electronic communications sector, COMTECH CO SRL is obliged to manage safely and only for the specified purposes, the personal data provided.
In this regard, COMTECH CO SRL has developed a series of technical and organizational measures to prevent risks that may occur in the processing of personal data.
The processing of personal data within the organization is conditioned by a series of technical and organizational measures in order to secure them.
These measures are designed to protect information at the organisational level against security incidents.
At the level of the organisation, the following security measures have been taken to reduce risks:
– SSL Certificate – is designed to secure the exchange of information over the Internet. It encrypts the information before it travels over the Internet. Encrypted information can only be decrypted by the server to which it is addressed. This guarantees that information submitted to a website/online platform will not be stolen, intercepted, processed.
Bank card information, passwords and generally any information that is intended to remain private is secured by this certificate.
- SSL certificate of the online platform
COMTECH CO SRL
is also used for securing e-mail correspondence, so that the personal data of the clients circulate in a secure environment and regulated by a series of security measures that ensure the confidentiality of the information.
- Automatic back-up – set at a time interval to guarantee the information and for all customers to be sure that the information and preferences provided by them do not disappear and are not destroyed, lost or incorrect in case of a server failure.
- Anti-spam and anti-virus filters that prevent the infiltration of malicious content or viruses that may process data in an unauthorised manner or transmit it to other entities or persons who have not obtained the data subject’s consent.
- Protect the content of the customer profile by introducing a more complex password generation rule. The customer is asked, when creating the account, for a password that meets a higher complexity criterion (alphanumeric + special characters);
- Securing modules and scripts that communicate within the platform. It constantly checks the functioning of the elements involved in client-server, server-client interaction.
- Verification and optimization of modules This measure prevents the identification of global vulnerabilities in the platforms used, 0-day vulnerabilities that can intercept the exchange of data and therefore personal data in the interactions of the client with the platform or of the process owner with the client and the platform.
- Classification of access types by the process manager – administration groups, possibility to add or delete certain rights on a user with full access – customization of access according to need.
- Password protection of the device on which the process owner performs data processing to prevent unauthorised intervention.
- Firewall – software program and hardware component installed in the server location of the company offering the hosting of the online platform, are intended to protect the server and network equipment against computer attacks, unauthorized intrusion attempts, installation of malicious software applications that may jeopardize the personal data of platform users. The firewall blocks unauthorized persons from accessing information stored on the
equipment connected to the Internet.
- Access to data processing systems where personal data is processed is only possible after the authorized person has been successfully identified and authenticated (e.g. with username and password or chip/PIN card), using the best security measures. In the absence of authorisation, access is refused.
- All access attempts, both successful and unsuccessful, are logged (user ID, computer, IP address used) and archived in an audit-compliant format for 3 months. In order to detect misuse, the server performs repeated, random checks;
- Access is blocked after repeated incorrect login attempts.
- Constant checking of platform vulnerabilities, which could allow the extraction of personal information and data. The hosting has security measures and solutions that recurrently scan the processed files and data flow circulating within the platform;
- Combat the risks of security breaches by taking technical and organisational precautions by securing the platform and constantly updating it with stable versions.
- Password security of equipment that has direct access to the order table and customer delivery/billing data to prevent unauthorised access and therefore unauthorised processing by unauthorised persons.
- Destruction of documents that are no longer needed (notes, erroneous invoices, etc.) using a document shredder at the disposal of the process manager;
- Eliminate the risk generated by the human factor by prohibiting the processing of information outside the secure platform with the exception of the preparation of transport notes in the courier company’s platform, which is also a secure environment;
- Adoption of security measures without differentiating between types of customers (new/existing/potential);
- Adoption of an internal policy of verification of processes and processing at the time of product delivery or information retrieval regarding an order or possible offer;
- Avoiding differentiation between clients through mechanisms that can positively or negatively profile the targeted person. For this reason, we do not ask for personal data on sexual orientation, sexual interests, gender, religion, membership of movements or groups, etc. Customers are free to order and choose what they want. By this measure, we consider that we respect the integrity of the person and avoid any trace of analysis/profiling based on these criteria.
- Informing customers about the delivery, return and order processing procedure;
- Train the process owner on the risks of processing personal data outside the online platform.
- Train the process owner on the need for notification in the event of a major security incident.
- Training of the process manager on how to handle situations that may occur when processing data within the platform (errors, user errors).
- Training the process owner on the use of the information they process and awareness of the nature of personal information;
- Prohibiting data processing outside the platform by managing orders directly in the user interface of the platform, not requiring data processing in other insecure and vulnerable environments.
- The process owner is regularly trained on:
- Data protection principles, including technical and organisational measures
- The requirement to maintain the secrecy of data and confidentiality of the organization’s secrets and trade secrets, including transactions;
- Correct, careful use of data, data media and other documents;
- The secret of telecommunications;
- Other specific confidentiality obligations where necessary;
From the point of view of processing, within COMTECH CO SRL, personal data are processed only for the purposes for which the data subject’s consent has been obtained, including for parallel purposes and for the conclusion of a contract or the delivery of a product to the customer, requested by the latter.
As this organization operates mostly online, the processing of personal data of customers is transmitted online through the applications and platform on which orders and requests for quotation are requested. The data collected is minimized and is directly related to the purpose for which consent was obtained and is necessary to contact the customer in the case of a request for an offer or to deliver and provide the product/service ordered as required or its return.
COMTECH CO SRL legal entity registered at the Trade Register(J28/215/1997, CUI RO9600823) is a direct operator. The purpose of processing personal data is the provision of products and services through the online platform as well as the parallel purposes of this activity: return of products, processing of information necessary for delivery, improvement of the user experience by retaining certain settings or preferences, after obtaining the user’s consent, price changes, product/service features, stock changes, promotions, billing.
The categories of persons targeted are: current/potential customers or visitors to the website.
The ways in which data subjects are informed of their rights are:
- Terms and conditions of use of the platform/online shop;
- On the website in a dedicated section;
- By email following registration on the platform, as well as if the client requests additional information, requests for quotation;
- In the contact form on the website (please attach the document);
Exercising the rights provided for by Law 679 / 2016 (GDPR) is entirely the responsibility of the controller who is also legally obliged to designate a person responsible for processing personal data within the organization. This person will develop a set of technical and organisational measures for securing data processing and is obliged to inform the controller about the nature of the processing processes, types of information and how these processes are carried out within the organisation. The controller has the responsibility and the obligation to ensure that these measures are implemented, that there is no risk of security breaches or leaks of information as well as compliance with the legislation in force regarding data processing and data subjects’ rights.
The following personal data are processed through the online platform:
- name and surname
- Phone/ Fax
COMTECH CO SRL does not process special categories of data.
COMTECH CO SRL does not transfer data abroad or to third parties
The processing of personal data has no connection with other record-keeping systems. The actual activity of the company is to take orders initiated by customers through the online platform, to store and process them for invoicing, shipping and delivery of ordered products.
The information entered by the client on the platform is processed and stored strictly in accordance with the purposes for which the client’s consent was given:
- Withdrawal from a concluded contract (withdrawal can be made according to the law, taking into account the conditions under which this contract was originally concluded and the legal provisions agreed upon initially);
The purpose of data collection is to invoice orders, send correspondence and honour orders. Your refusal to provide the data, determines the impossibility of placing your order on this site. and processing it as required, and the impossibility of fulfilling the purpose.
According to Law no. 679/2016 (GDPR), the user benefits from the right of access, the right to be forgotten, the right to portability of information and personal data, the right to intervene on the data, the right not to be subject to an individual decision and the right to take legal action. He/she also has the right to object to the processing of personal data and may request the deletion of the data. To exercise these rights, the user may send a written request, dated and signed, to the following e-mail address
. Also, if any of the user data is incorrect, please let us know so that we can make the necessary corrections.