Welcome to our website! We use cookies to improve your experience. See our Privacy Policy for more information.
Alright

Privacy Policy

Data Owner and Controller

PROFESSIONAL ASSOCIATION “COGEN ROMANIA”
BUCHAREST, SECTOR 2, BLD. LINDEN LAKE, NO.1-3, ET.5, AP.517

Owner contact email: office@cogen.ro

Types of data collected

Among the types of personal data that this application collects, by itself or through third parties, are: User data; first name; first name; first name; email address; various types of data; cookies.

Full details of each type of personal data collected are provided in the dedicated sections of this privacy policy or by specific explanatory texts displayed prior to data collection.

Personal data may be freely provided by the User or, in the case of usage data, collected automatically when using this application.

Unless otherwise specified, all data requested by this application is mandatory and failure to provide such data may make it impossible for this application to provide its services. In cases where this application specifically states that some data is not mandatory, Users are free not to communicate this data without consequences to the availability or operation of the Service.

Users who are unsure about the personal data that is mandatory are welcome to contact the Owner.
Any use of Cookies — or other tracking tools — by this Application or by the owners of third-party services used by this Application serves the purpose of providing the Service requested by the User, in addition to any other purposes described in this document and in the Cookie Policy, if available.

Users are responsible for any third party personal data obtained, published or shared through this Application and confirm that they have the third party's consent to provide Owner Data.

Mode and place of data processing

Processing methods

The Owner takes appropriate security measures to prevent unauthorized access, disclosure, alteration or unauthorized destruction of the Data.

Data processing is carried out using computers and/or computer tools, following procedures and organizational modes strictly related to the indicated purposes. In addition to the Owner, in some cases, the Data may be accessible to certain types of responsible persons, involved in the operation of this Application (administration, sales, marketing, legal, system administration) or external parties (such as third-party technical service providers, mail carriers, hosting providers, IT companies, communication agencies) designated, if necessary, as data processors by the Owner. The updated list of these parts can be requested from the owner at any time.

Legal basis of processing

The Owner may process personal data relating to Users if one of the following applies:

  • Users have given their consent for one or more specific purposes. Note: Under some laws, the Owner may be allowed to process Personal Data until the User objects to such processing (“opt-out”), without having to rely on consent or any of the following legal bases. However, this does not apply whenever the processing of personal data is subject to European data protection legislation;
  • the provision of data is necessary for the performance of an agreement with the User and/or for any pre-contractual obligations of the User;
  • processing is necessary to comply with a legal obligation to which the Owner is subject;
  • the processing is related to a task carried out in the public interest or in the exercise of official authority vested in the Owner;
  • the processing is necessary for the purposes of the legitimate interests pursued by the Owner or a third party.

In any case, the Owner will be happy to help clarify the specific legal basis that applies to the processing and, in particular, whether the provision of personal data is a legal or contractual requirement or a requirement necessary for the conclusion of a contract.

The place

The data is processed at the Owner's operating offices and in any other places where the parties involved in the processing are located.

Depending on the location of the user, data transfers may involve the transfer of the User's Data to a country other than their own. To find out more about the place of processing of this transferred Data, Users can check the section containing details about the processing of personal data.

Users also have the right to learn about the legal basis of data transfers to a country outside the European Union or to any international organization governed by public international law or established by two or more countries, such as the UN, and about the security measures taken by the Owner to protect their data.

If such a transfer occurs, Users can find out more by checking the relevant sections of this document or asking the Owner using the information provided in the contact section.

Retention time

Personal data will be processed and stored for as long as required by the purpose for which they were collected.

Therefore:

  • Personal data collected for purposes related to the performance of a contract between the Owner and the User will be retained until the full execution of this contract.
  • Personal data collected for the purposes of the legitimate interests of the Owner will be kept for as long as necessary to fulfill these purposes. Users can find specific information about the legitimate interests pursued by the Owner in the relevant sections of this document or by contacting the Owner.

The Owner may be allowed to retain personal data for a longer period of time whenever the User has given his consent to such processing, as long as this consent is not withdrawn. In addition, the Owner may be required to retain personal data for a longer period of time whenever it is necessary to do so for the fulfillment of a legal obligation or by order of an authority.

After the expiration of the retention period, the personal data will be deleted. Therefore, the right to access, the right to erasure, the right to rectification and the right to data portability cannot be applied after the expiry of the retention period.

Purposes of processing

Data relating to the User is collected to enable the Owner to provide its Service, comply with legal obligations, respond to enforcement requests, protect its rights and interests (or those of its users or third parties), detect any malicious or fraudulent activity, as well as the following: Displaying content from external platforms, Contacting the user, analytics services and platforms hosting and hosting.

For specific information about the Personal Data used for each purpose, the User can refer to the section “Detailed information on the processing of personal data”.

Detailed information on the processing of personal data

Personal data is collected for the following purposes and using the following services:

Analytics

The services contained in this section allow the Owner to monitor and analyze web traffic and can be used to track user behavior.

Google Analytics with anonymised IP (Google Ireland Limited)

Google Analytics is a web analytics service provided by Google Ireland Limited (“Google”). Google uses the collected data to track and review the use of this App, to prepare reports on its activities and to share it with other Google services.

Google may use the collected data to contextualize and personalize the ads of its own advertising network.
This integration of Google Analytics anonymizes your IP address. It works by shortening the IP addresses of users in member states of the European Union or other contracting states to the Agreement on the European Economic Area. Only in exceptional cases will the full IP address be sent to a Google server and shortened in the USA.

Personal data processed: Cookies; Usage data.

Place of processing: Ireland Privacy Policy---- quit. Participant in the Privacy Shield.

Category of personal data collected under CCPA: Internet information.

This processing constitutes a sale based on the definition in the CCPA. In addition to the information in this clause, the User can find information on how to opt out of the sale in the section detailing the rights of Californian consumers.

Displaying content from external platforms

This type of service allows you to view content hosted on external platforms directly from the pages of this Application and interact with them.
This type of service can still collect web traffic data for the pages where the service is installed, even when users are not using it.

Google Fonts (Google Ireland Limited)

Google Fonts is a typography viewing service provided by Google Ireland Limited that allows this App to incorporate content of this type on its pages.

Personal data processed: Usage data; different types of data specified in the privacy policy of the service.

Place of processing: Ireland Privacy Policy. Participant in the Privacy Shield.

Category of personal data collected under CCPA: Internet information.

This processing constitutes a sale based on the definition in the CCPA. In addition to the information in this clause, the User can find information on how to opt out of the sale in the section detailing the rights of Californian consumers.

Mapping areas of interest and recording sessions

Heat mapping services are used to display the areas in this Application with which Users interact most frequently. This indicates the points of interest. These services allow monitoring and analysis of web traffic and track the behavior of Users. Some of these services can record sessions and make them available for later visual playback.

Microsoft Clarity (Microsoft Corporation)

Microsoft Clarity is a session recording and heat mapping service provided by Microsoft Corporation. Microsoft processes or receives Personal Data through Microsoft Clarity, which may subsequently be used for any purpose in accordance with the Microsoft Privacy Statement, including to improve and provide Microsoft Advertising services.

Personal Data Processed: clicks; country; custom events; device information; diagnostic events; interaction events; layout details; mouse movements; page events; positional information; scroll-to-page interactions; session duration; time zone; trackers; usage data.

Place of processing: United States — Privacy Policy.

Contacting the user

Contact form (this application)

By filling in the contact form with his data, the User authorizes this Application to use these details to respond to requests for information, offers or any other type of request, as indicated in the header of the form.

Personal data processed: e-mail address; first name; last name; different types of data.

The category of personal data collected under the CCPA: identifiers; information on the internet.

Platform and hosting services

These services are intended to host and run key components of this Application, thereby enabling this Application to be provided within a unified platform. Such platforms provide the owner with a wide range of tools - for example, analytics, user registration, comments, database management, e-commerce, payment processing - involving the collection and manipulation of personal data.
Some of these services operate through geographically distributed servers, making it difficult to determine the actual location where personal data is stored.

Webflow (Webflow, Inc.)

Webflow is a platform provided by Webflow, Inc. that allows the owner to build, run and host this application. Webflow is highly customizable and can host websites from simple blogs to complex ecommerce platforms.

Personal data processed: different types of data specified in the privacy policy of the service.

Place of processing: United States - Privacy Policy---- quit. Participant in the Privacy Shield.

Category of personal data collected under CCPA: Internet information.

Rights of Users

Users may exercise certain rights regarding their Data processed by the Owner.

In particular, Users have the right to do the following:

  • Withdrawal of consent at any time.Users have the right to withdraw consent if they have previously given their consent to the processing of their personal data.
  • object to the processing of their data.Users have the right to object to the processing of their data if the processing is carried out on a legal basis other than consent. More details are provided in the dedicated section below.
  • Access their data.Users have the right to find out whether the Data is being processed by the Owner, to obtain disclosure on certain aspects of the processing and to obtain a copy of the Data subject to processing.
  • Check and request rectification.Users have the right to verify the accuracy of their data and request that it be updated or corrected.
  • Restriction of the processing of their data.Users have the right, under certain circumstances, to restrict the processing of their data. In this case, the Owner will not process his data for any purpose other than storing it.
  • Request deletion of personal data or otherwise deleted.Users have the right, under certain circumstances, to obtain the erasure of their Data from the Owner.
  • Receive their data and transfer it to another operator.Users have the right to receive their data in a structured, commonly used and automatically readable format and, if technically feasible, to transmit it to another operator without any hindrance. This provision is applicable provided that the Data are processed by automated means and that the processing is based on the User's consent, on a contract to which the User is a party or on his pre-contractual obligations.
  • File a complaint.Users have the right to submit a request to the competent data protection authority.

Details of the right to object to processing

If personal data are processed for a public interest, in the exercise of official authority vested in the Owner or for the purposes of legitimate interests pursued by the Owner, Users may object to such processing by providing a reason related to their particular situation to justify the objection.

Users should be aware that, however, if their personal data is processed for direct marketing purposes, they may object to such processing at any time without providing any justification. To find out whether the Owner processes Personal Data for direct marketing purposes, Users can consult the relevant sections of this document.

How to exercise these rights

Any request to exercise the user's rights may be directed to the Owner through the contact details provided in this document. These requests can be exercised free of charge and will be addressed by the Owner as soon as possible and always within one month.

Additional information about data collection and processing

Legal action

The User's personal data may be used for legal purposes by the Owner in court or at stages leading to possible legal actions arising from improper use of this Application or related Services.
The User declares that he is aware that the Owner may be obliged to disclose personal data at the request of public authorities.

Additional information about the user's personal data

In addition to the information contained in this privacy policy, this application may provide the User with additional and contextual information regarding certain Services or the collection and processing of personal data upon request.

System logs and maintenance

For operating and maintenance purposes, this Application and any third-party services may collect files that record interaction with this Application (system logs) and use other personal data (such as IP address) for this purpose.

Information not contained in this Policy

Further details regarding the collection or processing of personal data may be requested from the owner at any time. Please refer to the contact information at the beginning of this document.

How Do Not Track requests are handled

This app does not support “Do Not Track” requests.
To determine whether any of the third-party services they use complies with “Do Not Track” requests, please read their privacy policies.

Changes to this Privacy Policy

The Owner reserves the right to modify this Privacy Policy at any time by notifying its Users on this page and possibly within this Application and/or - to the extent technically and legally feasible - sending a notification to Users through any contact information available to the Owner. It is recommended that you check this page frequently, referring to the date of the last modification listed at the bottom.

If the changes affect the processing activities carried out on the basis of the User's consent, the Owner will collect a new consent from the User, where necessary.

Your California Privacy Rights and How to Exercise Them

Right to know and portability

You have the right to request that we disclose to you:

  • the categories and sources of personal information we collect about you, the purposes for which we use your information, and with whom this information is shared;
  • in the case of sale of personal information or disclosure for commercial purposes, two separate lists in which we disclose:
  • for sales, the categories of personal information acquired by each category of recipients; and
  • for commercial disclosures, the categories of personal information obtained by each category of recipients.

The disclosure described above will be limited to personal information collected or used in the past 12 months.

If we submit our response electronically, the attached information will be “portable”, that is, delivered in a user-friendly format to allow you to transmit the information to another entity without hindrance - provided that this is technically feasible.

The right to request the erasure of your personal information

You have the right to request that we delete any of your personal information, subject to exceptions provided by law (such as, including, but not limited to, where the information is used to identify and correct errors in this application, to detect security incidents and to protect against fraudulent or illegal activities, to exercise certain rights, etc.).

If no legal exception applies, as a result of exercising your right, we will delete your personal information and instruct any of our service providers to do so.

How to exercise your rights

To exercise your rights described above, you must send us your verifiable request by contacting us using the details provided in this document.

To respond to your request, it is necessary to know who you are. Therefore, you can exercise the above rights only by making a verifiable request that must:

  • provide sufficient information to allow us to reasonably verify that you are the person about whom we have collected personal information or an authorized representative;
  • describe your request with sufficient detail that allows us to understand, evaluate and respond appropriately.

We will not respond to any request unless we are able to verify your identity and therefore confirm that the personal information in our possession actually relates to you.

If you are unable to submit a verifiable request in person, you may authorize a person registered with the California Secretary of State to act on your behalf.

If you are an adult, you can make a verifiable request on behalf of a minor under parental authority.

You can send a maximum of 2 applications over a period of 12 months.

How and when we expect to handle your request

We will confirm receipt of your verifiable request within 10 days and provide you with information on how we will process your request.

We will respond to your request within 45 days of receiving it. If we need more time, we will explain the reasons and how much more time we need. In this regard, please note that we may need up to 90 days to fulfill your request.

Our disclosures will cover the previous 12-month period.

If we refuse your request, we will explain to you the reasons behind our refusal.

We do not charge a fee for processing or responding to your verifiable request, unless such request is manifestly unfounded or excessive. In such cases, we may charge a reasonable fee or refuse to act upon request. In both cases, we will communicate our choices and explain the reasons behind them.

Legal definitions and references

Personal data (or data)

Any information that, directly, indirectly or in connection with other information — including a personal identification number — enables the identification or identification of a natural person.

Usage Data

Information collected automatically through this Application (or third-party services used in this Application), which may include: IP addresses or domain names of computers used by users using this Application, Uniform Resource Identifier (URI) addresses, time of request, method used to send request to server, size of file received in response, numeric code indicating server response status (successful result, error, etc.), country origin, features of the browser and operating system used by the User, the different time details for each visit (for example, the time spent on each page within the Application) and the details of the path taken within the Application, with special reference to the sequence of pages visited and other parameters about the operating system of the device and/or the user's IT environment.

User

The person using this application who, unless otherwise specified, coincides with the data subject.

Data subject

The natural person to whom the Personal Data relates.

Data Processor (or Data Supervisor)

The natural or legal person, public authority, agency or other body that processes Personal Data on behalf of the Controller, as described in this privacy policy.

Data Controller (or Owner)

Natural or legal person, public authority, agency or other body that, alone or jointly with others, determines the purposes and means of processing personal data, including security measures regarding the operation and use of this Application. The data controller, unless otherwise specified, is the owner of this application.

This application

The means by which the personal data of the user is collected and processed.

Service

The service provided by this Application as described in the relative terms (if available) and on this site/application.

European Union (or EU)

Unless otherwise specified, all references made in this document to the European Union shall include all current Member States of the European Union and the European Economic Area.

Cookies

Small sets of data stored in the user's device.

Legal information

This privacy statement has been developed on the basis of several pieces of legislation, including Article 13/14 of Regulation (EU) 2016/679 (General Data Protection Regulation).

This privacy policy applies exclusively to this application, unless otherwise specified in this document.