Privacy Policy

General

Crâznic and Associates – Attorneys at Law (Crâznic) takes the security of and our legal responsibilities concerning your personal data very seriously. This privacy policy sets out which personal data we collect from you through our interaction with you, how we process it and provides information about your rights in relation to the processing of your personal data.

Data Controller

Crâznic and Associates – Attorneys at Law is mainly focused on assisting and representing clients, both individuals or companies, in matters regarding criminal law, civil and commercial litigation, family law. Our identification details are:

• Address: 35 Unirii Bld. District 3, post code 030822, Bucharest, Romania
• Email: office@craznic.ro
• Telefon: +40.318.081.755
• Fax: +40.318.081.755

Data Subjects

As part of our services, we may collect and process personal data related to:

• our customers, suppliers, business contacts and potential customers (and/or from individuals associated with them);
• individuals whose personal data we obtain in connection with providing professional services to our customers (e.g. our customer’s employees, customers and suppliers, our customers’ and employees’ family members, government agency contact persons, other advisors to the data subject);
• our employees and job applicants;
• the visitors to our website and social media.

What personal data do we process

Depending on the nature of the services we provide, the legal obligations to which we are subject, our legitimate interests or the specific consent you grant us to that end, we may collect or obtain following categories of personal data:

• your name, age, date of birth, gender, language;
• your contact details (e.g. address, name, contact title, phone, email and other contact details);
• your business activities;
• your marital status and family information;
• employment and education details (e.g. the organisation you work for, your job title and your education details);
• government identifiers (e.g. national insurance number, passport number, ID-card);
• payroll, income, tax, creditworthiness, and other financial information;
• posts on social media applications we use (Facebook, LinkedIn, blogs, forums etc);
• educational level.

For certain services or activities, and when required by law or with an individual’s explicit consent, we may also collect special categories of personal data. Special categories include race or ethnic origin, political opinions, religious or philosophical beliefs, trade union membership, physical or mental health, genetic data, biometric data, sexual life or sexual orientation and criminal records.

How do we collect personal data

We may collect or obtain personal data because you provide it to us directly, because other parties give that data to us (e.g. our customers about their employees, customers, customers and other data subjects whose personal data they collect; other advisors to the data subject; government agencies; or third party service providers that we use to help operate our business;), through our website and social media tools, or because it is publicly available.

How do we use personal data

We are using personal data for the following purposes:

• Contract entry and continuance;
• Providing professional services to our (potential) customers;
• Managing and developing our businesses and services;
• Recruitment and personnel administration;
• Quality and risk management during our service provisioning;
• Complying with any requirement of law;
• Protecting our rights and those of our customers.

Disclosing of personal data

From time to time transfer or disclose your personal data to third parties for any of the purposes listed above, including to governmental and professional agencies and third parties who perform services on our behalf, such as web hosting providers, IT-providers, payment providers etc.
We may also disclose your personal data to third parties where it is required to do so by law, a regulator or for the purposes of, or in connection with, any legal proceedings, or otherwise for the purpose of establishing, exercising or defending our legal rights.
Due to the global nature of our operations, we may transfer your personal data outside the European Economic Area (EEA) to countries whose data protection laws may not be as extensive as those in the EU.
We do not sell or rent your personal data for any purpose.

Your rights as Data Subject

As data subject in the relationship with us as controller depending on the legal grounds on which we are processing the data you have the following rights:

• Correcting any of your personal data which are inaccurate;
• Withdraw consent to our processing (where you have provided it);
• Restricting on our processing of your personal data;
• Objecting to our processing of your personal data;
• Request deletion of personal data;
• Asking for a copy of your personal data (data portability).

In order to exercise any of your data subject rights please contact us at office@craznic.ro.
If we receive a request from you to exercise data subject rights and we are acting as a Processor within our relationship with our customer, we will redirect you accordingly and you should address your requests to our customer.

Complaints

Should you have any questions or complaints in relation to this privacy statement or the way we collect and process your personal data, please contact us at using the following channels:

• Address: 35 Unirii Bld. District 3, post code 030822, Bucharest, Romania
• Email: office@craznic.ro
• Telefon: +40.318.081.755
• Fax: +40.318.081.755

In case you are dissatisfied, with the way we have handled your personal data and we are unable to resolve the issue for you, you may take the matter to the National Supervisory Authority for Personal Data Processing (Romanian Data Protection Authority):

• Address: 8-30 G-ral Gheorghe Magheru Bld. District 1, post code 010336, Bucharest, Romania
• Email: anspdcp@dataprotection.ro
• Phone: +40.318.059.211
• Fax: +40.318.059.602

Duration of personal data processing

We keep your personal data on our systems as long as is necessary for the purpose of which it was collected or any retention period that is required by law or by the end of the liability period in which litigation or investigations might arise in respect of our services. After the applicable retention period(s) have expired, personal data will be deleted or anonymized.

Security of data

We have put in place appropriate technological and organisational controls in order to protect your personal data from loss, misuse, alteration or unintentional destruction, such as the use of anti-virus, hard disk encryption software, password protection, physical access controls.

Cookies

We use cookies to better manage our website; Details on how and what cookies do we use are presented in our Cookie Policy which is available here for consultation.