• Home
  • Protection of personal data
Protection of personal data

PROTECTION OF PERSONAL DATA

 

On May 25, 2018, Regulation no. 679/2016 entered into force, this being the legislation on the protection of individuals with regard to the processing of personal data and on the free movement of such data and repealing Directive 95/46 / EC applicable to any data controller or authorized person located in the European Union and to any data controller personal data of data subjects located in the European Union or providing services to them.

Satu Mare County Council, headquartered in P-ta 25 Octombrie, no. 1, Satu Mare county, fiscal code 3897378, phone 0261-805153, e-mail: office@cjsm.ro, processes the personal data necessary to provide services and information for taxpayers / citizens / petitioners, to carry out the activity specific to public administration and for the fulfillment of legal obligations.

Depending on the department to which the data subject is addressed, we collect the following categories of personal data of targeted persons outside the institution:

  • name and surname, address, CNP, series and number of ID card, tax and real estate data, mobile phone number, e-mail address, data on studies and profession, image, data on crimes, criminal convictions, criminal record, ethnic origin, health data, citizens and employees;
  • regarding the partners with whom we collaborate, for the provision of products and services or works, we collect personal data of the legal representatives or delegates, the position held, mobile phone, email address.

Principles of personal data processing

Satu Mare County Council processes personal data:

  • legally, fairly and transparently to the targeted person, which involves identifying the legal basis before processing, providing the targeted person with information on the identity and contact details of the controller, the contact details of the data protection officer, the purposes processing, the addressees, the rights of the data subject, the possibility of withdrawing consent, the possibility of filling a complaint with a supervisory authority as well as any other information necessary for transparent and fair processing;
  • for determined, precise, explicit and legitimate purposes, which implies that the processing is carried out only for the purpose defined before the start of data collection; further processing for archiving purposes in the public interest, for the purposes of scientific or historical research or for statistical purposes is not considered incompatible with the original purposes;
  • in an appropriate manner and limited to the purposes of the processing, for a period limited to the period necessary for the fulfillment of the purposes, which involves the processing of the data strictly necessary for the purpose for which it is performed;
  • in such a way as to ensure adequate data security, by maintaining data secrecy and implementing appropriate organizational and technical measures to prevent unauthorized access, unlawful processing or distribution, and accidental loss, alteration or destruction.

Satu Mare County Council periodically updates the principles and technical and organizational measures applicable to the security of personal data, these principles containing our commitment to protect the confidentiality, integrity, availability of data of our taxpayers and partners, online and offline.

The processing of personal data by the Satu Mare County Council is based on the following legitimate grounds:

  • the processing is necessary in order to fulfill some legal obligations of the operator, serve the legitimate interest and / or serve the public interest, are necessary for the execution of a contract (in the interest of the data subject);
  • consent: when the processing is not based on a legal obligation or does not result from the fulfillment of the obligations related to the provision of our services, only on the basis of the consent of the data subject. For the expression of consent, Satu Mare County Council makes available to the targeted person through the department to which the targeted person is addressed, the standard form of agreement on the processing of personal data on the expression of consent to the processing of personal data.

Purpose of processing / Duration of data retention

Satu Mare County Council processes personal data in order to carry out the specific activities of the institution, namely:

  • representation before the courts;
  • public relations;
  • archiving;
  • tax receipts;
  • payments;
  • urbanism, cadastre, discipline in constructions;
  • project management, monitoring of public services, investments and public procurement;
  • administration of public or private patrimony, conclusion of contracts;
  • finding contraventions and applying sanctions;
  • issuing authorizations / approvals according to legal norms;
  • human resources;
  • specific activities in the relations with the institutions subordinated to Satu Mare County Council;
  • information and communication technology;
  • personal records;
  • press activities, culture, sports, tourism;
  • administrative services, as well as any other activities specific to the institution deriving from other normative acts.

Satu Mare County Council will store the personal data necessary for the provision of public services according to the object of activity, in order to keep in touch with the targeted persons and to comply with the applicable legal obligations. Personal data will be stored for the period necessary to achieve the purposes of processing set out above, while respecting the legal requirements in force and the interest in protecting the rights of targeted persons.

The operator does not store the data longer than necessary, ensuring the implementation of data retention periods, where there is no mandatory period provided by law.

At the same time, personal data may be kept for a longer period for archiving purposes in the public interest or for the purpose of scientific or historical research, subject to the application of appropriate technical and organizational measures (such as anonymization, encryption, etc.).

If the Satu Mare County Council establishes that it has a legitimate interest or a legal obligation to further process your personal data for other purposes, you will be informed of the secondary purpose.

Once the processing period expires, Satu Mare County Council has no legal or legitimate reasons to process your personal data, and measures will be applied to delete, anonymize, archive, destroy in accordance with applicable legal procedures and the requirements of protection of the interests of targeted persons.

The origin of personal data

Satu Mare County Council processes the personal data of taxpayers, partners, site visitors, people who access the institution's website or communicate with the operator through various communication channels (email, fax, mail, meetings, participation in events, etc.). employees and collaborators, other individuals.

The personal data processed by the operator are obtained:

  • directly from the persons concerned by the processing through providing data during meetings at the institution's headquarters, by telephone, receiving data by email / fax, sending requests and filling in documents necessary for the provision of local public administration services, filling in online forms, visiting the headquarters or sending CVs for employment for the vacancies within the institution;
  • indirectly, from other sources: through disclosures made by other institutions (data transfer), disclosures made in your interest or legitimate interest, by querying national databases where we have regulated legislative access. These categories of information may include your name and credentials, email address, other information about you.

The rights of the targeted persons

The person targeted by processing of personal data may exercise the following rights at any time:

  • the right to be informed about the period for which the personal data will be stored according to the legal provisions, the recipients or categories of recipients of the data, the contact details of the data protection officer;
  • the right to request access to personal data, the right to rectify or delete them, the restriction of processing, the right to oppose the processing, and the right to data portability; these rights can be exercised by completing the standard applications posted on the institution's website and registering them at Satu Mare County Council headquarter;
  • the right to withdraw consent at any time, without prejudice to the lawfulness of the processing carried out on the basis of the consent given before its withdrawal;
  • the right to lodge a complaint with a supervisory authority - the National Authority for the Protection of Personal Data or the judiciary for the protection of any rights guaranteed by the legislation on the protection of personal data that have been violated. The National Authority for the Supervision of Personal Data Processing can be contacted at G-ral Gheorghe Magheru Street, no. 28-30, sector 1, Bucharest, Romania or by e-mail at anspdcp@dataprotection.ro
  • has the possibility to contact the person in charge of personal data protection (GDPR Manager), by sending a request to the address of the institution from Satu Mare, P-ta 25 Octombrie no. 1, Satu Mare county or at the e-mail address gdpr@cjsm.ro.

Security measures used by Satu Mare County Council to protect personal data

Satu Mare County Council undertakes to protect personal data as soon as it comes into their possession by implementing technical and organizational security measures. Despite the operator's efforts, if we identify a security breach, the operator will take appropriate corrective action.

In order to protect personal data, Satu Mare County Council has taken organizational and technical measures aimed at several directions of action:

  • user identification and authentication, type of access, data operation, backup execution, computers and access terminals, communication networks, staff training. It also uses pseudonymization measures, secure storage of information, so as to ensure an adequate level of protection and security.

Satu Mare County Council uses the security procedures and guarantees it deems appropriate to protect the personal data of the targeted persons.

Our goal is to prevent unauthorized access, to maintain the accuracy of the data, to ensure the proper use of the data and to protect the data against loss of confidentiality, deletion, misuse or alteration of information under the control of Satu Mare County Council.

This material has been prepared for the purpose of informing the targeted persons by the data processing through posting on the institution's website regarding the implementation of Regulation no. 679/27 April 2016 on the protection of individuals with regard to the processing of personal data and on the free movement of such data and repealing Directive 95/46 / EC.