Live Chat LoginRegister


Privacy Policy

Overview

Regulation 2016/679 on the protection of natural persons with regard to the processing of personal data and on the free movement of such data (General Data Protection Regulation, hereinafter referred to as GDPR, Regulation or RGPD in this document) was adopted by the European Parliament and the Council of the European Union on 27 April 2016, its provisions being directly applicable from 25 May 2018. This Regulation expressly repeals Directive 95/46/EC, thus replacing the provisions of Law no. 677/2001 (currently repealed).

The Regulation is directly applicable in all Member States, protecting the rights of all natural persons within the territory of the European Union. From a material perspective, the Regulation applies to all controllers processing personal data. The Regulation does not apply to the processing of personal data relating to legal persons and, in particular, legal entities, including the name and type of legal person and the contact details of the legal person.

Personal data is defined as any information relating to an identified or identifiable natural person ("data subject"); an identifiable natural person is one who can be identified, directly or indirectly, in particular by reference to an identifier such as a name, an identification number, location data, an online identifier or to one or more factors specific to the physical, physiological, genetic, mental, economic, cultural or social identity of that natural person.

Processing of personal data involves any operation or set of operations performed upon data or sets of personal data, whether or not by automated means, such as collection, recording, organization, structuring, storage, adaptation or alteration, retrieval, consultation, use, disclosure by transmission, dissemination or otherwise making available, alignment or combination, restriction, erasure or destruction.

Operator Identity

Considering Article 4, Point 7 of the Regulation, which defines the notion of "controller" as a natural or legal person, public authority, agency or other body which, alone or jointly with others, determines the purposes and means of the processing of personal data, the controller processing personal data through this website is Zapp Investment & Consulting SRL, located at Str. Aviatorilor, no. 26, Office B, 1st Floor, registered with the Trade Registry Office under no. j40/56/2021, having VAT number 43513727, legally represented by Mihail Tudoroiu, with contact details zappinvestmentconsulting@gmail.com, 0732028349.

Personal Data Collection

What Personal Data is Collected

This website's operator collects, stores, and processes the following personal data about you:

  • Name, surname
  • Contact details (such as email, phone, fax)
  • Visual images or sequences (photographs, video)

Considering that the Regulation primarily prohibits "processing of personal data revealing racial or ethnic origin, political opinions, religious or philosophical beliefs, or trade union membership, and the processing of genetic data, biometric data for the purpose of uniquely identifying a natural person, data concerning health or data concerning a natural person's sex life or sexual orientation" (according to Article 9, paragraph 1), situations where such data processing is permitted are then established:

  1. Explicit consent of the data subject is given;
  2. Processing is necessary for the purposes of carrying out the obligations and exercising specific rights of the controller or of the data subject in the field of employment and social security and social protection law;
  3. Processing is necessary to protect the vital interests of the data subject or of another natural person where the data subject is physically or legally incapable of giving consent;
  4. Processing is carried out by a foundation, association, or any other non-profit body with a political, philosophical, religious, or trade union aim and on condition that the processing relates solely to the members or former members of the body or to persons who have regular contact with it in connection with its purposes and that the personal data are not disclosed outside that body without the consent of the data subjects;
  5. Processing relates to personal data which are manifestly made public by the data subject;
  6. Processing is necessary for the establishment, exercise, or defense of legal claims or whenever courts are acting in their judicial capacity;
  7. Processing is necessary for reasons of substantial public interest, on the basis of Union or Member State law which shall be proportionate to the aim pursued, respect the essence of the right to data protection and provide for suitable and specific measures to safeguard the fundamental rights and interests of the data subject;
  8. Processing is necessary for the purposes of preventive or occupational medicine, for the assessment of the working capacity of the employee, medical diagnosis, the provision of health or social care or treatment, or the management of health or social care systems and services on the basis of Union or Member State law or a contract with a health professional, subject to the conditions and safeguards referred to in paragraph 3;
  9. Processing is necessary for reasons of public interest in the area of public health, such as ensuring high standards of quality and safety of healthcare and of medicinal products or medical devices, on the basis of Union or Member State law which provides for suitable and specific measures to safeguard the rights and freedoms of the data subject, in particular professional secrecy;
  10. Processing is necessary for archiving purposes in the public interest, scientific or historical research purposes or statistical purposes, which shall be proportionate to the aim pursued, respect the essence of the right to data protection and provide for suitable and specific measures to safeguard the fundamental rights and the interests of the data subject.

Obtaining Consent

General Information

In order for the processing of personal data to be lawful, GDPR requires it to be based on a legitimate reason, such as the performance or conclusion of a contract, compliance with a legal obligation, or based on the valid consent previously expressed by the data subject. In the latter case, the controller is obliged to be able to demonstrate that the person concerned has given consent for that particular processing. Consent given under Directive 95/46/EC remains valid if it meets the conditions provided by the GDPR. Giving consent must be made through a statement or an unambiguous action that constitutes a freely given, specific, informed, and clear expression of the data subject's agreement to the processing of their personal data. If the consent of the data subject is given in the context of a declaration, electronically or in writing, which also refers to other aspects, the request for consent must be presented in a form that clearly distinguishes it from the other aspects, and it can even be done by checking a box. In order for the processing of personal data to be lawful, GDPR requires it to be based on a legitimate reason, such as the performance or conclusion of a contract, compliance with a legal obligation, or based on the valid consent previously expressed by the data subject. In the latter case, the controller is obliged to be able to demonstrate that the person concerned has given consent for that particular processing. Consent given under Directive 95/46/EC remains valid if it meets the conditions provided by the GDPR.

Cookies

This site uses cookies. They do not harm your computer and do not contain viruses; instead, they contribute to easier, more efficient, and safer use of the site. They are small text files that are stored on your computer and are saved by the browser used.

Many of the cookies used are called "session cookies", which are automatically deleted after visiting this site. Others remain in your computer's memory until you delete them, allowing the browser to recognize it on your next visit.

You can configure your browser to inform you about the use of cookies so that you can decide on a case-by-case basis whether to accept or reject a cookie. Alternatively, your browser can be configured to automatically accept cookies under certain conditions or to always reject them, or to automatically delete cookies when you close your browser. Disabling cookies may limit the functionality of this website.

Cookies that are necessary to allow electronic communications or to provide certain functions you wish to use (such as the shopping cart) are stored in accordance with Article 6(1)(f) of the GDPR, which states that processing is lawful only if and to the extent necessary for the legitimate interests pursued by the controller or by a third party. Therefore, the operator of this website has a legitimate interest in storing certain cookies to ensure error-free technical optimization. Other cookies (such as those used to analyze your browsing behavior) are also stored and will be treated separately in this document.

Server Log Files

The provider of this site automatically collects and stores information that your browser automatically transmits to us through server log files. These are:

  • Type and version of browser
  • Operating system used
  • URL of the page that initially generated the request for displaying the page or current object (Referrer URL)
  • Hostname of the computer accessing the Date
  • Time-related server access data IP address

The legal basis for processing such data is represented by Article 6(1)(b) of the GDPR, which allows the processing of data when it is necessary for the performance of a contract to which the data subject is a party or in order to take steps at the request of the data subject prior to entering into a contract.

Contact Form

If you send us questions via the contact form, we will collect the data entered on the form, including the contact details you provide, to answer your questions and any further ones. We do not share this information without your permission. Therefore, we will process all the data you enter into the contact form only with your consent [in accordance with the provisions of Article 6(1)(a) of the GDPR]. You can revoke your consent at any time, with an informal email being sufficient. The data processed before we receive your request may still be legally processed. We will retain the data you provide on the contact form until:

  • request deletion of the data;
  • revoke your consent for their storage, or if the purpose
  • for their storage is no longer valid.

Any mandatory legal provisions, especially those regarding mandatory data retention periods, are not affected by the above.

Contact via Email, Phone, or Fax

If you contact us via email, phone, or fax, your request, including all personal data you provide, will be stored and processed by us for the purpose of handling your request, based on your consent.

Therefore, we will process all the data you provide based on the following legal provisions within the GDPR:

  • only with your consent - in accordance with the provisions of Article 6(1)(a) GDPR
  • for the performance of a contract or in the pre-contractual stage - in accordance with the provisions of Article 6(1)(b) GDPR
  • for the purpose and legitimate interest pursued by us, namely the efficient processing of requests sent by you - in accordance with the provisions of Article 6(1)(f) GDPR.

We will retain the data you provide in this manner until:

  • you request deletion of the data;
  • you revoke your consent for their storage, or if
  • the purpose for their storage is no longer valid, in all situations except mandatory data retention periods.

Registration on the Website

You can register on this website to access additional functions and services offered by our company. In this regard, the data entered by you will be used and processed for the purpose of using the respective service or function for which you have registered. Mandatory data requested during registration must be provided by you in full, otherwise the registration process will be rejected.

To inform you about important changes, such as those within our website or technical changes, we will use the email address specified by you at the time of registration.

The processing of personal data provided during the registration procedure is done only with your consent and in accordance with the provisions of Article 6(1)(a) GDPR. You can revoke your consent at any time, with an informal email being sufficient. We will continue to store the data collected during registration as long as you remain registered on this website, but mandatory storage periods remain valid and will be respected.

Authentication via Facebook

If you do not wish to register directly on this site, you can connect via Facebook (Connect). This service is provided by Facebook Ireland Limited, 4 Grand Canal Square, Dublin 2, Ireland.

To connect using Facebook, press "Login with Facebook" or "Connect with Facebook" and you will be automatically redirected to this platform, where you will be asked for your username and password details, thus connecting to this website with your Facebook profile. In this way, we will have access to all data stored on Facebook, for example (and not limited to):

  • Name
  • Profile picture
  • Email address
  • Facebook ID
  • Friends network
  • Likes (Facebook likes)
  • Birthdate
  • Gender
  • Country
  • Language

This data will be used to create and personalize your account on this website.

For more information, you can access the Facebook Terms and Conditions, as well as the Privacy Policy, provided at https://www.facebook.com/privacy and https://www.facebook.com/legal/terms.

Considering the ruling of July 16, 2020 (pronounced in case C-311/18 - Data Protection Commissioner/Facebook Ireland Limited, Maximillian Schrems), the European Court of Justice has stated that the protection provided by the EU - US Privacy Shield is not adequate.

Therefore, the transfer of personal data to the USA and other countries outside the European Economic Area (EEA) is based on the European Commission's Standard Contractual Clauses (SCC). The Commission has issued two sets of standard contractual clauses for transfers of data from data controllers in the EU to data controllers established outside the EU or the European Economic Area (EEA). It has also issued a set of standard contractual clauses for transfers of data from data controllers in the EU to processors established outside the EU or EEA. For more information on these clauses, we recommend accessing https://ec.europa.eu/info/law/law-topic/data-protection/international-dimension-dataprotection/standard-contractual-clauses-scc_ro

Facebook uses Standard Contractual Clauses as an adequate guarantee for data protection, in accordance with the level of protection guaranteed by the GDPR.

For more details, visit: https://www.facebook.com/legal/EU_data_transfer_addendum

Authentication via Google

We collect Email scope from Google, please see https://developers.google.com/identity/protocols/oauth2/scopes?hl=en for more info

Purpose of processing the collected data

Some of the data collected on this site are used for:

  • Providing services for your benefit (for example, resolving any issues regarding our products and services, providing support services, etc.)
  • Optimal functioning and optimization of this site (statistical and analytical) - We constantly aim to provide you with the best experience on our site, which is why we may collect and use certain information related to your satisfaction level during your navigation on this site, and we may invite you to complete suggestion questionnaires or similar.
  • Advertising and promotion activities online. You can request at any time, through the means described in this document, to stop the processing of your personal data for marketing purposes, and we will comply with your request as soon as possible.
  • Periodic user notification - We want to keep you informed about our offers. In this regard, we may send you any type of message containing general and thematic information, information about offers or promotions, as well as other commercial communications such as market research and opinion polls. For communications of this kind, we rely on the prior consent obtained from you. You can change your mind and withdraw your consent at any time.
  • Defending our legitimate interests. There may be situations where we will use or transmit information to protect our rights and business activity. These may include: measures to protect the website and the user of our website from cyber attacks; measures to prevent and detect fraud attempts, including the transmission of information to competent public authorities; measures to manage other types of risks.

The processing of personal data is carried out in accordance with the provisions of the General Data Protection Regulation, based on both the consent of the data subject and the reasons of contractual performance or the legitimate interests pursued by the controller (except where the interests or fundamental rights and freedoms of the data subject prevail, requiring the protection of personal data, especially when the data subject is a child).

Users' Rights

Your rights regarding personal data and the means of exercising them are: Right to Information, Right of Access, Right to Rectification, Right to Erasure of Data, Right to Restriction of Processing, Right to Data Portability, Right to Object, Right Not to be Subject to Automated Decision-Making, Right to Lodge a Complaint and to Address Judicial Courts, Right to Withdraw Consent.

  • Right to Information - you can request information regarding the processing activities of your personal data, the identity of the controller and its representative, or about the recipients of your data;
  • Right of Access - you can obtain from the controller confirmation of whether or not personal data concerning you are being processed, and if so, access to that data and the following information: the purposes of the processing; the categories of personal data concerned; the recipients or categories of recipients to whom the personal data have been or will be disclosed, in particular recipients in third countries or international organizations; where possible, the envisaged period for which the personal data will be stored, or, if not possible, the criteria used to determine that period; the right to request the controller to rectify or erase personal data or restrict processing or to object to processing etc.
  • Right to Rectification - you can rectify inaccurate personal data or complete it;
  • Right to Erasure of Data - you can obtain the erasure of data if their processing was not lawful or in other cases provided by law;
  • Right to Restriction of Processing - you can request the restriction of processing if you contest the accuracy of the data, as well as in other cases provided by law;
  • Right to Data Portability - you can receive, in certain conditions, the personal data you provided to us in a format that can be automatically read or you can request that such data be transmitted to another controller;
  • Right to Object - you can object in particular to processing based on the legitimate interest of the controller;
  • Right Not to be Subject to Automated Decision-Making - you can request and obtain human intervention in respect of such processing or you can express your own point of view regarding this type of processing;
  • Right to Lodge a Complaint and to Address Judicial Courts - you can lodge a complaint regarding the processing of personal data with the National Authority for the Supervision of Personal Data Processing and/or you can address judicial courts to enforce your rights;
  • Right to Withdraw Consent - in cases where processing is based on your consent, you can withdraw it at any time. The withdrawal of consent will only have effects for the future, processing carried out before the withdrawal will remain valid.

Operator's Data Processing Obligations

Hosting

Personal data registered on this website is stored on BlueHost servers. The processing of the provided and stored data complies with the following legal provisions:

  • Art. 6(1)(a) GDPR - BlueHost processes data based on your consent, obtained after proper and complete information;
  • Art. 6(1)(b) GDPR - BlueHost processes data for the purpose of fulfilling contractual obligations;
  • Art. 6(1)(f) GDPR - BlueHost processes data for the purpose of pursuing legitimate interests of the controller.

Regardless of the purpose for which personal data is processed, the principles of legality, fairness, and transparency are respected, as well as the principle that the processed personal data is adequate, relevant, and limited to what is necessary in relation to the purposes for which they are processed.

For more information regarding the processing of personal data by BlueHost, visit https://www.bluehost.com/hosting/info/privacypolicy

We have a contract/agreement/legal document (including the possibility of including and agreeing to the clauses from the Terms and Conditions of the website) concluded with BlueHost to ensure the processing of personal data in accordance with legal regulations. We fulfill our obligations under Article 28 of the GDPR by choosing an external service provider that provides sufficient guarantees for the implementation of appropriate technical and organizational measures, so that the processing complies with the requirements set out in the regulation and ensures the protection of your rights.

Data Encryption

This site uses SSL encryption for security reasons and to protect the transmission of confidential information. This encryption can be recognized by you through the lock icon that appears in the browser bar and by changing the address of the browser from http:// to https://. Once this type of encryption is activated, the transmitted or transferred data cannot be viewed by third parties.

According to the GDPR, in case the breach of personal data security is likely to result in a high risk to your rights and freedoms, the operator of this website will inform you promptly about this breach, unless the provisions complementary to the same Regulation become incidents (art. 34 para. 3).

Data Protection Officer

As the provisions of the GDPR are not applicable (art. 37 para. 1 - according to which the Controller and the processor shall designate a data protection officer whenever:

  1. The processing is carried out by a public authority or body, except for courts acting in their judicial capacity;
  2. The core activities of the controller or the processor consist of processing operations which, by their nature, scope, and/or purposes, require regular and systematic monitoring of data subjects on a large scale; or
  3. The core activities of the controller or the processor consist of large-scale processing of special categories of data pursuant to Article 9 or personal data relating to criminal convictions and offences referred to in Article 10).

Regarding the obligation to appoint a Data Protection Officer, for any information or clarifications regarding the functioning of this website, please contact us at the following details:

  • Name: Alexandru Dumitrescu
  • Email: contact@zappads.co.uk
  • Phone: 0732028349
  • Correspondence address: Str. Avionului, nr 26

Records of Processing Activities

According to the GDPR Regulation, the controller or the processor should maintain records of processing activities under its responsibility for a reasonable period. These records should include all of the following information:

  • The name and contact details of the controller
  • The purposes of the processing
  • The description of the categories of data subjects and of the categories of personal data; the categories of recipients to whom the personal data have been or will be disclosed; if applicable/possible:
    • Transfers of personal data
    • The envisaged time limits for erasure of the different categories of data
    • A general description of the technical and organizational security measures

The detailed obligation above does not apply to an enterprise or organization with fewer than 250 employees, unless the processing it carries out is likely to result in a risk to the rights and freedoms of data subjects, the processing is not occasional, or the processing includes special categories of data or personal data relating to criminal convictions and offenses.

Appropriate Technical and Organizational Measures

Considering the current state of technology, the context, and the purposes of the processing, as well as the risks for the rights and freedoms of individuals, the controller implements appropriate technical and organizational measures to ensure that, by default, only personal data necessary for each specific purpose of the processing is processed.

Notification to the supervisory authority in case of personal data breach

According to Article 33(1) of the GDPR, in the event of a personal data breach, we will notify the National Supervisory Authority for Personal Data Processing without undue delay and, if possible, within 72 hours from the time we become aware of it, unless it is unlikely to result in a risk to the rights and freedoms of individuals.

Informing the data subject about the personal data breach

Referring to the provisions of Article 34 of the GDPR, in the event that a personal data breach is likely to result in a high risk to the rights and freedoms of individuals, we will inform the data subject without undue delay about this breach, unless:

  • Appropriate technical and organizational protection measures have been implemented, and these measures have been applied to the personal data affected by the personal data breach, especially measures ensuring that personal data becomes unintelligible to any person not authorized to access it, such as encryption;
  • Further measures have been taken to ensure that the high risk to the rights and freedoms of data subjects mentioned above is no longer likely to materialize;
  • It would require a disproportionate effort. In this situation, a public communication is made instead or a similar measure is taken to inform the data subjects in an equally effective manner.

Social Media

Facebook plugins (Like & Share Button)

This service uses social plugins ("plugins") managed by the social network facebook.com. The plugins can be identified by a Facebook logo (a white "f" on a blue plate or a "thumbs up" sign) or are labeled with the addition of the phrase "Facebook Social Plugin." The list and appearance of Facebook plugins can be viewed here: https://developers.facebook.com/docs/plugins/. By using the Like extension, you will appreciate our website's Facebook page without needing to leave it. By using the Share extension, you will distribute our website or specific content from it on your personal Facebook page without needing to leave the website.

Through the plugin, Facebook receives information about the pages you access on our website. If you are logged in to Facebook at the same time, Facebook can associate the actions you take on our page with your personal account. When you interact with the plugins, such as clicking the Like button or sharing specific content from the site, the corresponding information is transmitted directly from your browser to Facebook and stored there. Even if you are not a Facebook member, there is still the possibility that the social network obtains and stores your IP address.

By clicking one of these buttons, you agree to the use of this plugin and, consequently, to the transfer of personal data to Facebook. We do not have control over the nature and purpose of the data transmitted, as well as over the subsequent processing. Regarding the purpose and extent of data collection, processing, and further use by Facebook, as well as permissions and privacy settings, you can refer to Facebook's privacy policies.

If you do not want Facebook to associate your visit to this site with your Facebook account information, you have the option to log out.

Instagram Plugin

This service uses social plugins ("plugins") managed by the social network Instagram, functions provided by Instagram Inc., headquartered at 1601 Willow Road, Menlo Park, CA 94025, USA. The plugins can be identified by an Instagram logo or are labeled with the addition of the phrase "Instagram Social Plugin."

Through the plugin, Instagram is informed about the actions you take on our page. If you are logged in to your personal account on the social network at the same time, it can associate the actions taken on the page with your Instagram account and, implicitly, with you personally. When you access the plugins, the corresponding information is transferred from your browser to the social network and stored there. Even if you are not an Instagram member, there is still the possibility that it obtains and stores your IP address.

By clicking one of these buttons, you agree to the use of this plugin and, consequently, to the transfer of personal data to Instagram. We do not have control over the nature and purpose of the data transmitted, as well as over the subsequent processing. Regarding the purpose and extent of data collection, processing, and further use by Instagram, as well as permissions and privacy settings for users, you can consult Instagram's privacy policies at: https://help.instagram.com/155833707900388.

If you are an Instagram member and do not want it to collect your data through the plugin and link it to the data already stored on Instagram, you must log out of the social network before visiting this site.

Google+ plugin

This service uses social plugins ("plugins") managed by the social network Google+. The plugins can be identified by a Google+ logo.

Through the plugin, Google receives information about the pages you access on our website. If you are logged in to the social network at the same time, Google can associate the actions you take on the page with your Google+ account and, implicitly, with you personally. When you interact with the plugins, the corresponding information is transferred directly from your browser to Google+ and stored there. Even if you are not a Google+ member, there is still the possibility that it obtains and stores your IP address.

By clicking one of the plugin buttons, you can express your agreement to their use and, consequently, to the transfer of personal data to Google+. We do not have control over the nature and purpose of the data transmitted, as well as over the subsequent processing. Regarding the purpose and extent of data collection, processing, and further use by Google+, as well as permissions and privacy settings for users, you can consult Google+'s privacy policies at: https://policies.google.com/privacy?hl=en.

If you are a Google+ member and do not want it to collect your data through the plugin and link it to the data already stored on Google+, you must log out of the social network before visiting the site.

Newsletter

To receive a newsletter, it is necessary to provide a valid email address, along with specific information to identify the owner of this address. Also, your consent is required for receiving the newsletter, and therefore, we inform you that any other personal data will be collected and stored only based on your agreement. The data collected in this way is processed only for the purpose of transmitting the newsletter and will not be transmitted to third parties. Therefore, we will process any data you enter in the contact form only with your consent, in accordance with the provisions of Article 6 (1) lit. a GDPR.

Plugins and Tools

YouTube

Our website uses plugins from the YouTube platform, which is operated by Google. The website operator is YouTube, LLC, Cherry Ave 901, San Bruno, CA 94066, USA.

If you visit a page on our website where a YouTube plugin has been integrated, a connection to YouTube's servers will be established. As a result, the YouTube server will be notified of which pages you have visited.

In addition, YouTube may introduce various cookies, through which information about visitors to our site can be obtained. Among other things, this information will be used to generate video statistics in order to improve the usability of the site and prevent fraud attempts.

If you are logged into your YouTube account while visiting our site, you allow YouTube to directly associate your browsing patterns with your personal profile. You have the option to prevent this by logging out of your YouTube account.

The use of YouTube is based on our interest in presenting online content in an appealing manner. According to Art. 6 para. 1 lit. f) GDPR, this is a legitimate interest.

Considering the Decision of July 16, 2020 (pronounced in case C-311/18 - Data Protection Commissioner/Facebook Ireland Limited, Maximillian Schrems), the European Court of Justice has ruled that the protection provided by the EU-US Privacy Shield is not adequate. Therefore, the transfer of personal data to the US and other countries outside the European Economic Area (EEA) should be based on the Standard Contractual Clauses (SCC) of the European Commission.

For more information on how YouTube handles user data, please see YouTube's privacy policy at: https://policies.google.com/privacy?hl=en.

Google Maps

This site uses Google Maps, a mapping and location service, through an API. The provider is Google Inc., 1600 Amphitheater Parkway Mountain View, CA 94043, United States of America.

To ensure data protection on our website, you will find that Google Maps has been deactivated when you visit our site for the first time. A direct connection to Google's servers will not be established until Google Maps is autonomously activated, i.e., with your consent in accordance with Article 6 (1) lit. a) GDPR. This will prevent data transfer to Google during your first visit to our site. Once you have activated the service, Google Maps will store your IP address. It is usually subsequently transferred to a Google server in the United States, where it is stored. The provider of this website has no control over this data transfer once Google Maps has been activated.

Considering the Decision of July 16, 2020 (pronounced in case C-311/18 - Data Protection Commissioner/Facebook Ireland Limited, Maximillian Schrems), the European Court of Justice has ruled that the protection provided by the EU-US Privacy Shield is not adequate.

Therefore, the transfer of personal data to the USA and other countries outside the European Economic Area (EEA) is based on the Standard Contractual Clauses (SCC) of the European Commission. The Commission has issued two sets of Standard Contractual Clauses for transfers of data from EU data controllers to data controllers established outside the EU or the European Economic Area (EEA). It has also issued a set of contractual clauses for transfers of data from EU data controllers to processors established outside the EU or EEA. For more information on these Clauses, we recommend visiting https://ec.europa.eu/info/law/law-topic/data-protection/international-dimension-data-protection/standard-contractualclauses-scc_ro.

Google Maps uses Standard Contractual Clauses as an adequate safeguard for data protection, in accordance with the level of protection guaranteed by the GDPR. For more information, please consult Google's Privacy Policy at the following address: https://policies.google.com/privacy

Conclusion

This privacy policy for the processing of personal data is generated in accordance with the provisions of Regulation No. 679/2016 on the protection of individuals with regard to the processing of personal data and on the free movement of such data, as well as other applicable national legal provisions.

We reserve the right to make any additions or modifications to this policy. We recommend consulting the Policy regularly for accurate and updated information regarding the processing of personal data.

For more details regarding this GDPR Policy, as well as for exercising any of the aforementioned rights, a written notification can be sent to the contact details indicated above.