Welcome to https://hrup.ro/

 

We know that the processing of personal data is a very serious subject, therefore, this procedure describes in detail each flow within the organization, in which personal data of customers, partners, potential customers or visitors of the platform are processed.

The biggest challenge is to secure this data against unauthorized processing, without the consent of the data subject and only for the purposes for which the consent was obtained.

 

EASY HR MANAGEMENT S.R.L., undertakes major efforts to keep safe the information and preferences of the drvs. We know how important it is to safely stop when you are in the online environment, so we assure you of the confidentiality of the data, given that at this moment you are on an encrypted connection (SSL) through which, the transmitted information is encrypted and is processed by us only with your consent. Please note, at any time during the course of our collaboration, you may express your choice regarding the processing of your personal data. personal.

We are absolutely aware that GDPR only provides a modernized legal framework for compliance, based on the responsibility for the protection of personal data.

Processing of your personal data it is necessary to provide you with the services you request. In this regard, we take several security measures to protect you in the online environment. One of the measures taken by us to ensure transparency and proportionality towards you. is to eliminate unnecessary collection of personal data and minimization of the data we collect. Therefore, we only ask for the information we need and store it to improve your experience.

Please read the terms and conditions carefully before using this site to place an order.

 

  • TERMS AND CONDITIONS OF USE

 

               The https://hrup.ro/ site is the property of EASY HR MANAGEMENT S.R.L., Bld. Ion C. Bratianu, Nr.24, Camera Nr.2a, Et.8, CUI 45995495, Nr. Reg. Com. J03/960/2022, hereinafter referred to as EASY HR MANAGEMENT S.R.L..

               Accessing, visiting, using or buying the products / services / packages presented on the https://hrup.ro/ site implies the acceptance of the terms and conditions listed below.

 

EASY HR MANAGEMENT S.R.L. reserves the right to refuse to collaborate with clients who manifest inappropriate behavior and language (aggressive, licentious, etc.) or who have debits in their history of collaboration.

 

EASY HR MANAGEMENT S.R.L. reserves the right not to honor the delivery of products or services whose price is wrong and does not fit into the company’s price grid. In this case, the customer will be contacted and will have the option to confirm the order at the correct price or to refuse it.

               EASY HR MANAGEMENT S.R.L. reserves the right to make changes and updates to these terms and conditions, as well as to the offer, without prior notice and without specifying the reasons; also, EASY HR MANAGEMENT S.R.L. reserves the right to correct any omissions or errors in the display that may occur as a result of typing mistakes, lack of accuracy or errors of software products, without prior notice. These errors do not oblige EASY HR MANAGEMENT S.R.L. to any action.

 

  • HOW TO CARRY OUT THE COLLABORATIONS

 

               The delivery is made within the term established by mutual agreement, in accordance with the provisions and clauses of the concluded contract (in the case of collaboration or service contracts) or respecting the terms and conditions agreed in the initial discussions, before the firm order coming from the user.

EASY HR MANAGEMENT S.R.L. is not the beneficiary of transport costs in the case of deliveries.

 

  • COPYRIGHT

 

The content and design of the site https://hrup.ro/ are the property of EASY HR MANAGEMENT S.R.L. and is protected according to the Copyright Law and the laws regarding the intellectual and industrial property right. You cannot reproduce the materials displayed on the site without having a written permission from EASY HR MANAGEMENT S.R.L.. The use without the written consent of EASY HR MANAGEMENT S.R.L. of any elements on the site is punishable according to the laws in force. The personal data of the buyers may be transmitted to the authorities in law following a request in accordance with the laws in force, in order to perform any verification of commercial transactions or any other verifications justified under the law.

The service contract concluded between EASY HR MANAGEMENT S.R.L. and its Clients entitles the Clients to copy and/ or print portions of the site’s content (manuals and tutorials) only for personal use, without commercial intention.

EASY HR MANAGEMENT S.R.L. may, without any other notice or formality and without this needing to explain its attitude, suspend or terminate your access to the content of the site or to a part of this content.

EASY HR MANAGEMENT S.R.L. does not assume liability, under any circumstances, for any damage, caused directly or indirectly, suffered as a result of the use or interruption of the use or the lack of regularity of the information and services provided on this site. EASY HR MANAGEMENT S.R.L. does not guarantee the accuracy, correctness or timeliness of the information provided.

 

  • ORDERS AND REQUESTS FOR PRICE OFFERS

 

Orders or requests for price offers can only be given using the contact form on this site. The user has the obligation to provide correct and concrete data regarding the desired project. EASY HR MANAGEMENT S.R.L. cannot be held liable in any way for inconveniences caused by the provision by the user of incorrect or incomplete information.

If EASY HR MANAGEMENT S.R.L. considers a request or order to be incomplete or incorrect, it may ask the user for additional details using the e-mail address or the contract phone number provided by him or he may delete the request without any notification of the user.

 

  • HOW TO RESOLVE DISPUTES

 

Dispute resolution can be done amicably or through the competent courts or through mediators. The European Commission has implemented an online dispute resolution platform.

 

  • NOTIFICATIONS AND ANNOUNCEMENTS

 

EASY HR MANAGEMENT S.R.L. reserves the right to send notifications regarding the services offered as well as announcements from third parties, when they may be for the benefit of users.

 

  • DISPOZITII FINALE

All users of this site are subject to these terms and conditions so accessing it implies acceptance and compliance with the Terms and Conditions provided in this document.

The purpose of data collection is: to provide services according to the current offer /

Everyone has the right to oppose, free of charge and without any justification, the processing of his personal data for direct marketing purposes.

According to the Romanian legislation, minors cannot conclude commercial contracts and their personal data are not processed without the consent of the parents.

Failure to accept this Convention or any provision thereof entails the obligation of the respective person to cease immediately accessing the site or using the service in any way, and accessing or continuing to visit the site, using the service in any way constitutes a full acceptance of the Convention and any provision thereof, including any subsequent changes that may be made without restrictions by the provider, without the need for any other formality.

 

  • PRIVACY POLICY

 

EASY HR MANAGEMENT S.R.L. guarantees the security and confidentiality of the data hosted and transmitted through its information system. This information may be used by EASY HR MANAGEMENT S.R.L. to send the user the confirmation of orders, various special offers, promotions, etc. only on the basis of the consent of the data subject.

               The provision of personal data to EASY HR MANAGEMENT S.R.L. does not imply mandatory on the part of users, and they may refuse to provide these data in any circumstances and may request free of charge their deletion from the database

EASY HR MANAGEMENT S.R.L., owner of the online platform, does not intervene directly or indirectly on the databases where customer information is stored.

In order to make possible the billing, dispatch and delivery of placed orders, the user must agree that EASY HR MANAGEMENT S.R.L. to collect and process the registered data, according to the requirements of Law no. 679/2016 (GDPR).

               According to the requirements of Law no. 679/2016 (GDPR) for the protection of individuals with regard to the processing of personal data, and the protection of privacy in the electronic communications sector, EASY HR MANAGEMENT S.R.L. has the obligation to manage safely and only for the specified purposes, the personal data provided.

               In this regard, EASY HR MANAGEMENT S.R.L. has developed a series of technical and organizational measures to prevent risks that may occur in the processing of personal data.

The processing of personal data within the organization is conditioned by a series of technical and organizational measures in order to secure them.

These measures have the role of protecting information at the organization level against security incidents.

 

At the level of the organization, the following security measures have been undertaken to reduce the risks:

 

Technical measures:

 

– SSL certificate – has the role of securing the exchange of information through the Internet. It encrypts the information, before it circulates through the Internet. Encrypted information can only be decrypted by the server to which it is addressed. This guarantees that the information sent to a website / online platform will not be stolen, intercepted, processed.

 

               Information about bank cards, passwords and in general any information that is intended to remain private is secured by this certificate.

 

  • The SSL certificate of the online platform EASY HR MANAGEMENT S.R.L. is also used to secure e-mail correspondence, in such a way that the personal data of the clients circulate in a secure environment and regulated by a series of security measures that ensure the confidentiality of the information.

 

  • Automatic back-up – set to a time interval to guarantee information and for all clients to be sure that the information and preferences provided by them do not disappear and are not destroyed, lost or incorrect in case of a server error.

 

  • Anti- spam and antivirus filters that prevent the infiltration of malicious content or viruses that can process data in unauthorized way or that can transmit them to other entities or persons who have not obtained the consent of the data subject.

 

  • Protecting the content of the client profile by introducing a more complex password generation rule. The client is asked, when creating the account, a password that meets a higher complexity criterion (alphanumeric + special characters);

 

  • Securing modules and scripts that communicate inside the platform. The functioning of the elements involved in the client-server, server-client interaction is constantly checked.

 

  • Checking and optimizing modules in order to maintain them up-to-data to prevent vulnerabilities. This measure prevents the identification of vulnerabilities at a global level in the platforms used, 0-day vulnerabilities that can intercept the exchange of data and implicitly personal data in the interactions of the client with the platform or of the process manager with the client and the platform.

 

  • Classification of access types by the process manager – management groups, the possibility to add or delete certain rights on a user with full access – personalizing access as needed.

 

  • Password protection of the device from which, the person responsible for the process performs the data processing, in order to prevent unauthorized intervention.

 

  • Firewall – software program and hardware component installed in the location of the servers of the company that offers online platform hosting, are intended to protect the server and network equipment, against computer attacks, unauthorized penetration attempt, installation of malicious software applications that can endanger the personal data of the platform users. The firewall blocks the access of unauthorized persons to the information stored on the

               equipment connected to the Internet.

 

  • Access to the data processing systems in which the personal data are processed is possible only after the authorized person has been successfully identified and authenticated (e.g. with username and password or card with chip / PIN), with the use of the most advanced security measures. In case of lack of authorization, access is denied.

 

  • All access attempts, both successful and rejected, are recorded (user ID, computer, IP address used) and archived in a format according to the audit rules for 3 months. In order to detect improper use, the server performs repeated, random checks;

 

  • Access is blocked after repeated incorrect authentication attempts.

 

  • Constant verification of platform vulnerabilities , which could allow the extraction of information and personal data. Hosting has security measures and solutions that recurrently scan the processed files and the data flow circulating inside the platform;

 

  • Combating the risks of security breaches by taking precautionary measures from a technical and organizational point of view by securing the platform and constantly updating it with stable versions of it.

 

  • Securing with the password of the equipment that has direct access to the order table and to the delivery / billing data of the customers in order to prevent unauthorized access and implicitly unauthorized processing by uninformed persons.

 

Organizational measures:

 

  • Destruction of documents that are no longer needed (notes, erroneous invoices, etc.) using a document destroyer at the disposal of the process manager;

 

  • Eliminating the risk generated by the human factor by prohibiting the processing of information outside the secured platform, except for the preparation of transport notes in the courier company’s platform, which is also a secure environment;

 

  • Adopting security measures without differentiating between types of customers (new / existing / potential);

 

  • Adopting an internal policy for checking the processes and processing when putting the product on delivery or taking over the information regarding an order or possible offer;

 

  • Avoiding differentiation between clients through mechanisms that can positively or negatively profile the target person. For this reason, we do not request personal data sexual orientation, sexual interests, sex, religion, belonging to movements or groups, etc. Customers are free to order and choose what they want. By this measure, we consider that we respect the integrity of the person and avoid any trace of analysis / profiling based on these criteria.

 

  • Updating the privacy policy and the Terms and conditions of EASY HR MANAGEMENT S.R.L.

 

  • Informing customers about the procedure of delivery, return and processing of orders;

 

  • Training the process manager on the risks of processing personal data outside the online platform.

 

  • Training the process manager on the need for notification in case of a major security incident.

 

  • Training of the process manager on the management of situations that may occur when processing data inside the platform (errors, errors of use).

 

  • Training the process manager on the use of the information they process and being aware of the character of the personal information;

 

  • Prohibiting data processing outside the platform by managing orders directly in the platform’s user interface, without the need to process data in other unsecured and vulnerable environments.

 

  • The process manager is regularly trained on:

 

  • Principles of data protection, including technical and organizational measures
  • The requirement to maintain data secrecy and confidentiality regarding the organization’s secrets and trade secret, including the transactions made;
  • Correct, careful use of data, data media and other documents;
  • The secret of telecommunications;
  • Other specific obligations regarding confidentiality, where necessary;

 

               From the point of view of processing, within EASY HR MANAGEMENT S.R.L., personal data are processed only for the purposes for which the consent of the data subjects was obtained, including for parallel purposes and for the conclusion of a contract or the delivery of a product to the customer, requested by him.

 

               Given that this organization operates mostly in the online environment, the processing of personal data of customers is transmitted online through applications and the platform on which orders and requests for offer are requested. The data collected are minimized and are directly related to the purpose for which consent was obtained and are necessary to contact the customer in case of an offer request or to deliver and make available the product / service ordered according to the requirements or its return.

 

EASY HR MANAGEMENT S.R.L. the legal person registered with the Trade Register (J03/960/2022, CUI 45995495) is a direct operator. The purpose of personal data processing is the provision of products and services through the online platform as well as the parallel purposes of this activity: returning products, processing the information necessary for delivery, improving the experience for the user by retaining certain settings or preferences, after obtaining his consent, price changes, characteristics of products / services, stock changes, promotions, billing.

               The categories of data subjects are: current / potential clients or visitors to the website.

 

               The ways in which the data subjects are informed about their rights are:

 

  • Privacy Policy;
  • Terms and conditions of using the platform / online store;
  • On the web page in a dedicated section;
  • By email following the registration in the platform, as well as if the client requests additional information, requests for offer;
  • In the contact form on the website (the document will be attached);

 

               The exercise of the rights provided by law 679 / 2016 (GDPR) belongs entirely to the operator who has the legal obligation and to designate a person responsible for the processing of personal data within the organization. This person will elaborate a set of technical and organizational measures to secure the data processing and has the obligation to inform the operator about the nature of the processing processes, the types of information and the way in which these processes take place within the organization. The operator has the responsibility and obligation to ensure that these measures are implemented, that there is no risk of security breaches or leaks, as well as compliance with the legislation in force regarding data processing and the rights of the data subjects.

 

Through the online platform, the following personal data are processed:

  • name and surname
  • enamel
  • phone/ Fax
  • address

 

EASY HR MANAGEMENT S.R.L. does not process categories of special data.

EASY HR MANAGEMENT S.R.L. does not transfer data abroad or to third parties

 

               The processing of personal data is not related to other record-keeping systems. The actual activity of the company is to take over the orders initiated by the customers through the online platform, to store and process them in order to invoice, send and supply the ordered products.

 

               The processing of the information entered by the client in the platform is processed and stored strictly in accordance with the purposes for which his consent was offered:

  • Invoicing;
  • Delivery;
  • Withdrawal from a concluded contract (withdrawal can be made according to the law, taking into account the conditions under which this contract was initially concluded and the legal provisions initially agreed);

 

               The purpose of data collection is to invoice orders, send correspondence and fulfill orders. Your refusal to provide the data, determines the impossibility of placing your order on this site. and its processing, according to the requirements, as well as the impossibility of fulfilling the purpose.

               According to Law no. 679/2016 (GDPR), the user benefits from the right of access, the right to be forgotten, the right to port information and personal data, the right to intervene on the data, the right not to be subject to an individual decision and the right to appeal to justice. At the same time, it has the right to oppose the processing of personal data and may request the deletion of data. In order to exercise these rights, the user can address with a written request, dated and signed to the e-mail address office@hrup.ro. Also, if some of the user data is incorrect, we ask that we be notified this, in order to make the necessary corrections.