Privacy Policy regarding the processing of personal data on the website www.streams.live

(hereinafter referred to as “Policy“)

 

  1. IDENTITY AND CONTACT DETAILS OF THE OPERATOR

 

We, ONLINE VENUES & EVENTS SRL (a limited liability company with its registered office in 7 Aurel Vlaicu St., Rasnov, Brasov county, Romania, a EU affiliate company of OVEIT, INC. a Delaware, USA registered corporation, with office in 8121 Bee Cave Rd. Suite 200, Austin, TX 78746  – “Oveit” / “we” / “Company”), We undertake to ensure the protection of personal data that we process in connection with our website www.streams.live In accordance with the law, we hereby ensure through The processing of personal data relating to the Website (“Policy”) the exercise of the right of each data subject (“Data Subject” / “you” / “yours”) to be informed in a complete and clear manner on the personal data that we process (collect, use, store) when accessing / visiting in connection with our website www.streams.live (“Website”), on the purposes of this processing and on the relevant provisions regarding this processing. Thus, we recommend that you review this Policy when accessing our Website.

 

Through the Website, the Company offers to the concerned Data Subject the opportunity to be informed about the events / shows / activities / conferences (“Services and Products“) in various fields (eg cultural, artistic, sports, business, retail etc.) organized by various profile providers (“Suppliers”), as well as to reserve / purchase tickets / make goods and services purchases from participation in such events / shows / activities / conferences. For some reservations / sales of Services / Products, we can act as sellers / suppliers, and for most operations, we act as intermediaries for suppliers. The online ordering process can be carried out exclusively on streams.live, or can be completed on the websites / platforms of the Service / Product providers.

 

In order to provide some of the services / functionalities available on the Website, it is necessary to process personal data. When the Company is the one that decides the personal data it processes, as well as the purposes and means of processing, the Company acts as the operator of personal data. With regard to certain processing operations (e.g. when the categories of data processed and the means and purposes of processing are indicated by the event providers), the Company acts on behalf of the data operators, in which case detailed information on the processing of personal data (including regarding the transfer of data with the proxy) is, according to the law, on the charge of the given data operators.

 

This Policy applies to the processing of EU / EEA data subjects’ personal data regarding / through / in connection with the Website, in respect of which Oveit acts as a personal data operator, in accordance with the General Data Protection Regulation no. 679/2016 (“GDPR”). If you do not agree with Oveit’s processing of personal data in accordance with this Policy, please contact us for further clarification or do not access and use our Website.

 

You can contact us at:

Address: Rosetti Tower, 6 Maria Rosetti St., 4th fl. sector 2, Bucharest

Phone no.: +40 746 010 144

E-mail: contact@oveit.com

Contact person for data protection affaris: Mihai Drăgan

 

 

  1. GENERAL INFORMATION REGARDING THE DATA PROCESSING THROUGH STREAMS.LIVE

 

Personal Data – Any data or information that helps us identify the data subjects (Users). With the help of certain data, we can directly identify the person concerned (eg name and surname), while other personal information is less obvious (eg the IP of the device used for browsing www.streams.live), but if they are associated with other elements, it help us to identify the data subjects and therefore represent personal data.

 

Through this Policy, we inform you about:

  • The categories of persons whose personal data are covered by the processing;
  • What personal data we collect and process about you when you visit / use the functionalities of the Website;
  • Why and how we collect and process your personal data;
  • What legal basis do we rely on when processing your data;
  • How long we keep your data;
  • How your data is stored;
  • Who we share your data with;
  • What are your rights regarding the data we process.

 

For details and information on the collection and processing of cookies, please see the Cookie Policy, available here: https://streams.live/cookie-policy/

 

Oveit does not aim to process the personal data of individuals under the age of 18; The services / products / information available on the Website are not intended for minors, so if you are under the age of 18, please do not use the Website.

 

The provisions of this document apply with priority over other provisions in the documentation issued by Oveit (eg Website Terms and Conditions / User Agreement).

 

  1. CATEGORIES OF PERSONS TARGETED

 

The persons targeted by the processing operations are the Website Visitors, the Users (visitors who have an account on the Website), the Buyers and the Participants, according to the provisions below and according to the Website Terms and Conditions, available at https://oveit.com/terms-service/

 

Processed data / Purposes of data processing / Legal basis

 

          Accessing the Website www.streams.live

 

Processed data / Purposes of data processing / Legal basis:

When the Visitor interacts with the Website (access / visit the Website), various information is automatically transferred between the Visitor’s terminal and our server: the IP address of your terminal connected to the Internet, the date and time of access, the name and URL of the accessed file, the webpage from which it was accessed, the browser used by you and, where applicable, the operating system of your device connected to the internet, and the name of the network provider. Some of these are personal data, within the meaning of the law.

 

Purpose of processing: to ensure an optimal connection, to ensure an easy use of our website, to evaluate the security and stability of the system.

To better understand how we use cookies and how they work, we encourage you to review our cookies policy.

 

The legal basis for the processing of personal data indicated above is represented by our legitimate interest, in accordance with article 6 par. 1 letter f) GDPR. Our legitimate interest results from the purposes of processing the data stated above.

 

Recipients / categories of recipients:

When we act as a data operator, we do not transfer the data collected for the purpose indicated above to third parties.

 

Storage time:

The data is stored for 10 years, after which it is automatically deleted.

 

Creating a user account on the Website www.streams.live

 

Processed data / Purposes of data processing / Legal basis:

People who create their user account, voluntarily, on the Website, in order to benefit from easier methods of making reservations/purchases of available Services/Products, provide us in the account creation process with the following personal data:

  • name, surname;
  • e-mail address.

 

Purpose of processing: Creating an account on the Website is a necessary formality in order to benefit from easier methods of making reservations/purchases of available Services/Products. We need these mandatory data for these formalities prior to the execution of orders (reservations/purchases) that Users place on the Website.

The same data is collected and processed by us if the User acts as a representative of a legal entity customer, who wishes to place orders on behalf of the legal entity it represents in the booking/purchase process.

 

The legal basis for the processing of personal data indicated above is represented by our legitimate interest, in accordance with article 6 par. 1 letter b) GDPR. Our legitimate interest results from the purposes of processing the data stated above.

 

Recipients / categories of recipients:

When we act as a data operator, we do not transfer the data collected for the purpose indicated above to third parties.

 

Storage time:

The data is stored for 10 years, after which it is automatically deleted.

 

  • Logging in to the User account on the Website

 

Processed data / Purposes of data processing / Legal basis:

Users log in (access the User account) by providing the email address with which they are registered on the Website and entering the password set when creating the account.

 

The purpose of processing: accessing data from the User account (order history, etc.) in order to benefit from easier methods of making reservations/purchases of available Services/Products.

The same data is collected and processed by us if the User acts as a representative of a legal entity customer.

 

The legal basis for the processing of personal data indicated above through the execution of the contract (access the data from the User account), in accordance with Article 6 par. 1 letter b) GDPR.

 

Recipients / categories of recipients:

When we act as a data operator, we do not transfer the data collected for the purpose indicated above to third parties.

 

Storage time:

The data is stored for 10 years, after which it is automatically deleted.

 

  • Reservation / Purchase of Services / Products

 

Processed data / Purposes of data processing / Legal basis:

Both Visitors (those who do not have a User account) and Users (account holders on the Website) can reserve/purchase Services/Products by completing the booking/order process according to the terms of the Website. Visitors/Users who purchase Services/Products have the status of Buyers.

 

The personal data of the Buyer (Visitor/User) processed in the booking/order process (separately from the information on the Reserved/ordered Services/Products) are: full name, email address, shipping/billing address, mobile phone number. When the Buyer is a legal entity, the personal data processed are: full delegated name, email address, shipping/billing address, mobile phone number. If you make the reservation / purchase using the data from the User account, this data will be processed for order processing, Oveit requesting and further processing the data necessary to issue the invoice: full name, email address, shipping/billing address, mobile phone number.

 

The purpose(s) of processing is(are) to carry out and execute the process of booking/purchasing (selling) Services/Products, such as: selecting the Services/Products, issuing the invoice/proforma invoice by Oveit (in its own name, or on behalf of the Supplier), making payment for the Services/Products (usually by bank card or payment order), providing tickets for the Services/Products purchased (most of the time, in electronic format, at the indicated email address), sending transactional emails (e.g. order confirmation/payment etc.)

If the invoice/proforma is issued by Oveit for the third-party Provider of the Services/Products, Oveit collects and processes the personal data indicated above, for the purpose indicated, as a proxy of the supplier. Thus, the Supplier (as indicated on the invoice for Services/Products) collects and processes the data through Oveit, related to the invoice/proforma, as a data operator.

 

In cases where part of the process of order/purchase Services/Products is carried out/completed on the Supplier’s website (by directing to, or directly to its website), there may be personal data that the Supplier may collect directly from the Buyer – such processing operations are not the responsibility of Oveit on the Website.

 

If the Buyer selects the option of online payment by banking card, it is directed to the platform of the respectiv card processing provider – PayPal (www.paypal.com), Stripe (www.stripe.com), Netopia (www.mobilpay.ro), which collects financial data directly from the Buyer. Oveit has access to the data: name and surname; Transaction ID, transaction date, value, transaction status, date on which the related acquisition amount was collected; billing / shipping / invoice dates; non-acceptance by the issuing bank of the User’s card and the reason for non-acceptance sent by the bank, which may be for instance: “the associated fraud score is too high” – “the bank will make subsequent checks”; “insufficient funds”; invalidation of the transaction by the card processor.

Oveit is not a data controller, does not have access to and does not process (nor store), personal data such as the the Buyer’s bank account, card number, CVV. This data is processed by the entity authorizing the transaction or by another entity authorized to provide card identification data storage services, of whose identity the User will be informed by the data operator, prior to the actual entry of the card details used for online payment.

 

The processing of the personal data indicated above is necessary for the execution of the contract to which the data subject is a party (online contract of reservation / purchase of Services / Products), the legal basis being article 6 par. 1 lit. b) GDPR.

 

Recipients / categories of recipients:

When we act as a data operator, as a rule we do not transfer the data collected for the purpose indicated above to third parties. As an exception, certain data are processed at our request by authorized third parties, carefully selected and audited by us, with whom we have a contractual relationship, according to art. 28 GDPR.

We use the third party Mailgun Technologies, Inc., as the provider of the platform for sending transactional emails (order completion, ticket or purchase delivery etc.), so that the collaboration with Mailgun determines a data transfer to their servers. The transmission of data takes place in accordance with the principles of the so-called Privacy Shield as well as on the basis of the so-called EU Standard Contractual Terms. Mailgun’s data processing policy is at https://www.mailgun.com/privacy-policy/.

 

Storage time:

The data is stored for 10 years, after which it is automatically deleted.

 

  • The execution of obligations regarding the reserved / purchased Services / Products

 

Processed data / Purposes of data processing / Legal basis:

If the seller / supplier is Oveit, the execution of the related obligations (ensuring access to the event, providing the Product etc.) is the responsibility of Oveit, which processes the personal data from the User’s account on the Website, the email address and/or the telephone number of the User for the purpose of executing the online contract concluded with the User when making the purchase of Services / Products.

 

When the Provider is bound by the execution of the obligations related to the reservations / purchases of Services / Products, the above data are processed to ensure the execution of these obligations (e.g. access to the event, fulfilment of event services, fulfillment of the event, fulfilment of the products delivery etc.).

 

Sometimes, Oveit may collect from the Buyer of the Services / Products and process (either as an operator or most often as a proxy) personal data from the actual participants to the events (Participants), the processing of Participants’ data being necessary for the execution of the obligations realted to the events, which are contracted in consideration of that person. For instance, we can collect about a Participant: name, surname, position, brand represente; sometimes we collect and process information about the Participant’s preferences, strictly necessary to ensure the participant’s access to all benefits of the event (e.g. social interests, goods and products of interest, dietary intrests, interests in participation to sub-events etc.), or mobile phone number (e.g. when for the execution of the Services / delivery of the Products it is necessary of the direct relationship between Supplier and the Participant). In such situations, the Buyer who provides the data to Oveit assumes the provision of the data with the full power of attorney / authorization of the Participant / in the execution of the stipulation for another.

 

We will indicate such (additional) categories of data and (additional) categories of data subjects, as far as possible, in this Policy; or, if possible, some elements regarding the processing of these additional categories of data / data subjects will be able available for review on the pages of the Website(s) where the reservation / purchase is made, or even in the Internet pages of the Supplier, to which you will be directed to complete the process, booking / purchase of Services / Products.

 

The processing of the personal data indicated above is necessary for the execution of the contract to which the data subject is a party (execution of the obligations related to the Services / Products), the legal basis being article 6 par. 1 letter b) GDPR.

 

Recipients / categories of recipients:

When we act as a data operator, as a rule we do not transfer the data collected for the purpose indicated above to third parties. As an exception, certain data are processed at our request by authorized proxies, carefully selected and audited by us, with which we have a contractual relationship, according to art. 28 GDPR.

We use the third party Mailgun Technologies, Inc., as the provider of the platform for sending transactional emails (order completion, ticket or purchase delivery etc.), so that the collaboration with Mailgun determines a data transfer to their servers. The transmission of data takes place in accordance with the principles of the so-called Privacy Shield as well as on the basis of the so-called EU Standard Contractual Terms. Mailgun’s data processing policy is at https://www.mailgun.com/privacy-policy/.

 

Storage time:

The data is stored for 10 years, after which it is automatically deleted.

 

          Order cancellation / event cancellation / refund of amounts paid by Buyers / other changes

 

Personal data / Purposes of data processing / Legal basis:

When you decide to cancel an order or cancel an event and we will be obliged to reimburse you the price already paid, we will need to process your personal data for the following purposes: (i) to cancel your order / reservation /  tickets from our database and make it available for selling to other people, (ii) to inform you by e-mail on such order / reservation / ticket cancelation (using your e-mail), (iii) to re-pay you the money paid to us for the products / tickets / services you have canceled (we will process your banking card / bank account, name and surname), and (iii) to issue you a cancelation invoice, if the case may be (using your name, surname and your address).

 

The legal basis for data processing in this specific cases is a legal obligation to which the operator is subject to (Article 6 para. 1 letter c) GDPR, whereby we are obliged to repay you the money or to issue cancelation invoice (if the case may be).

 

Recipients / Categories of recipients:

Certain data (e.g. banking card details, bank details, name and surname) related to repayment of the price of the canceled order / ticket / reservation / event will go to the banking card payment processor / processing bank that will need to perform the money repayment.

 

Storage time:

The data is stored for 10 years (as regards the evidence for money repayment), or 5 to 10 years (for canceling invoice, if the case may be) under accounting and fiscal legislation, after which it is automatically deleted.

 

  • Contact by e-mail / Phone call

 

Personal data / Purposes of data processing / Legal basis:

The personal data that you send to us voluntarily, when you contact us by phone or e-mail, are treated confidentially by us. We use your data exclusively to respond to your request (by responding to a request, by resolving a complaint, etc.). The legal basis for data processing is the legitimate interest, in accordance with Article 6 para. 1 letter f) GDPR, and thus, try to ensure your satisfaction as a Visitor / User / Buyer.

Recipients / Categories of recipients:

When we act as a data operator, as a rule we do not transfer the data collected for the purpose indicated above to third parties.

 

Storage time:

The data is stored for 10 years, after which it is automatically deleted.

 

  • Audit and reporting / Procedures and investigations of judicial authorities and/or agencies

 

Personal data / Purposes of data processing / Legal basis:

Personal data regarding the relationship with the data subject (usually included in invoices / proformas, orders, contractual correspondence etc.) may be processed for the purpose of the audit, for submission of tax and accounting statements to the tax authorities (if applicable), such as and in exceptional situations, when in accordance with the law, we can provide to the competent authorities and institutions, within formal procedures / investigations or other approaches provided by law. The legal basis for data processing is compliance with the legal obligations imposed by the applicable legal provisions, in accordance with Article 6 para. 1 letter c) GDPR.

 

Recipients / Categories of recipients:

When we act as a data operator, as a rule we do not transfer the data collected for the purpose indicated above to third parties (other categories of recipients than those indicated).

 

Storage time:

The data is stored for 10 years, after which it is automatically deleted.

 

  • Defending the rights of Oveit in court

 

Personal data / Purposes of data processing / Legal basis:

Personal data relating to the User’s account, invoices / proformas, orders placed and the execution of contracts with Buyers, and other personal data we hold under this Policy, may be processed by us when defending our rights in court to recover amounts due, or when we protect our interests against unjustified claims / claims, in order to formulate specific objections, written conclusions, requests and other legal documents.

The legal basis for data processing is our legitimate interest in exercising any defenses / rights before the courts, or public / control authorities or institutions, in accordance with the GDPR.

 

Recipients / Categories of recipients:

When we act as a data operator, as a rule we do not transfer the data collected for the purpose indicated above to third parties. We may share data with support and representation service providers, carefully selected by us, who are bound by confidentiality obligations under the law.

 

Storage time:

The data is stored for 10 years, after which it is automatically deleted.

 

  • The Share button and the Like button on Facebook

 

The Share plugin is a feature that Facebook social media platform makes available to allow you to share your experience on our Website with your Facebook friends. This plug-in allows us to act as associated personal data operators; Facebook processes the data according to the functionalities of these plug-ins, managed by Facebook. Thus, by highlighting the Share button on the Website, we do not collect your personal data. Our website does not receive the information that appears in the plug-in and we are not automatically notified of the actions you take by pressing the Share button. Also, once you click the Share button on Facebook on our initial presentation page on the Website: the Website will be able to connect your action with your Facebook profile. If you are not already logged-in to Facebook, when you visit the Website you will be asked to log-in to your Facebook account before you can use the Share plug-in.

 

We do not receive data from your Facebook account, by pressing the Like button.

 

  • Data protection of representatives / contacts of legal entities (including Service / Product providers)

 

In this section we present relevant information when you contact Oveit, respectively when we take steps to negotiate, conclude and execute a contract with the User / Buyer / Supplier for which you act as a representative / contract person (including when it comes to a Service / Product Provider interested in using / contracting the ticketing / live streaming solution / live stream shopping / application.

Your data that we process may differ depending on the interactions and categories of services contracted by the User / Buyer / Supplier that you represent. Therefore, some of the information listed below may not be relevant to you.

This information applies to the processing of personal data performed by ONLINE VENUES & EVENTS SRL (a limited liability company with its registered office in 7 Aurel Vlaicu St., Rasnov, Brasov county, Romania, a EU affiliate company of OVEIT, INC. a Delaware, USA registered corporation, with office in 8121 Bee Cave Rd. Suite 200, Austin, TX 78746  – “Operator“).

 

How do we collect your personal data and what types of data do we process?

In principle, we obtain your data directly from you or from the User / Buyer / Supplier for whom you act as a representative / contract person.

However, we may need some data that we obtain from other companies, authorities or other third parties, e.g. information offices, tax authorities or public sources.

Relevant personal data: personal / identifying data (name, surname, address, e-mail address, telephone number), associated with the data of the User / Buyer / Supplier, legal entity, for which you act as a representative / contract person (company name, data contained in extracts from the trade registry, tax number).

 

Legal purposes and grounds of processing

In order to fulfill the legitimate interests (Art. 6 Par. 1 letter f GDPR)

We process your personal data for the purpose of carrying out specific activities of negotiation, conclusion and execution of the contract with the User/Buyer/Supplier for which you act as a representative/contact person, as well as for communication with you in connection with any resulting matter from such a relationship.

The basis for processing your personal data for these purposes is our legitimate interest in providing services specific to our field of activity and managing the relationship with the User/Buyer/Supplier for which you act as a representative/contact person.

In order to fulfill the legal obligations (Art. 6 Par. 1 letter c GDPR)

Depending on the services contracted by the User/Buyer/Supplier for which you act as a representative/contact person, we process your personal data and for the purpose of fulfilling our legal obligations, for instance, our fiscal obligations, archiving.

 

Access to your personal data

Within the Operator, the access to your data will be provided to those departments that need them to fulfill the contractual obligations and the applicable legal obligations, depending on the contractual relationship with the User/Buyer/Supplier for which you act as a representative/contact person.

For the purposes of processing, if necessary, your data is also transmitted to our contractors or service providers (e.g. hosting providers, IT service providers who provide maintenance for the systems we use as your data storage source), companies within the Oveit group and competent public authorities (e.g. ANSPDCP, ANPC, ANAF).

 

Obligation to provide data

If you contact us directly, the provision of your data is necessary in order to be able to handle your requests. The processing of your personal data if it is transmitted to us by the User/Buyer/Supplier for whom you act as a representative/contact person, or are collected by us from other sources, it is necessary in order to negotiate, conclude and execute the contract. In the absence of the processing of your data, we will not be able to manage the contractual relationship with the User/Buyer/Supplier for which you act as a representative/contact person and/or we will not be able to fulfill the related legal obligations.

 

Data transfer to third countries

We do not transfer your data to third countries (i.e. outside the European Economic Area (EEA)), with the exception of Oveit group companies, namely, OVEIT, INC. a Delaware, USA registered corporation, with office in 8121 Bee Cave Rd. Suite 200, Austin, TX 78746.

 

The rights of data subjects

Data subjects have the right to obtain, upon request and free of charge, information on his/her personal data that we process, as well as access to such data. In addition, under the conditions provided by law, you have the right to correct erroneous data, as well as the deletion of personal data in accordance with the law, the right to data portability, the right to restrict processing and the right to engage in data processing. In addition, the data subjects may address the competent supervisory authority – The National Supervisory Authority For Personal Data Processing based in Bucharest, 28-30 G-ral. Gheorghe Magheru Bd., Sector 1, zip code 010336 (www.dataprotection.ro).

For more information about the rights you have as a data subject, as well as for the exercise of these rights, you can contact the person designated by us with responsibilities regarding data protection, having the following contact details: contact@oveit.com

 

  1. HOW LONG WE KEEP YOUR DATA

 

Your data is kept for as long as is necessary for the purposes described in this Policy, as set out above.

 

For the purposes for which we use your prior consent as legal ground, we will retain your data until you withdraw your consent to the processing for that purpose. However, we will retain your data in order to be able to defend our rights in court or to report to the competent authorities.

 

In cases where the storage of data for a certain period is provided by law, we will respect such a period of storage. Issued invoices / supporting documents will be kept for the period provided by the fiscal/accounting legislation (e.g. 10 years for fiscal invoices, 5 years for accounting documents).

 

  1. HOW YOUR DATA IS STORED

 

Oveit has implemented all necessary and organizational measures to ensure that your data is collected, processed and stored securely, including against unauthorized access and unauthorized use. These measures are:

 

  • Specific means of IT security: firewall filters that protect networks and IT infrastructure;
  • Appropriate administrative and organizational measures to ensure the preservation, confidentiality by the persons who have access to your data, through training and individual assumption of liability and responsibilities, including by signing contracts / clauses for maintaining the confidentiality of data;
  • Access to your data is strictly limited to persons who need to have access to it in order to fulfill the purposes mentioned in this Policy;
  • Periodic review of the processes and procedures for collecting, processing and storing your data;
  • Rigorous evaluation and selection of support service providers.

 

Also, in cases where Oveit acts as a Proxy of Providers, your personal data will be accessed and processed by the Suppliers (e.g. event organizers) in accordance with their own privacy / data security policies, which are of public availability.

 

  1. WITH WHOM WE SHARE YOUR DATA

 

All Oveit employees, collaborators, associates and management, as well as Oveit service providers, who come into contact with and / or process your data (suppliers – as Oveit proxies) must act in accordance with the provisions of this Policy and with the declarations / agreements / contracts for data processing signed with Oveit.

Oveit may provide your personal data collected to its business partners, pursuant to the confidentiality / data processing agreements concluded with them, as follows:

 

  • mobile application development service providers;
  • payment / banking service providers;
  • site creation, maintenance and website service providers;
  • hosting service providers – e.g. www.digitalocean.com

 

  1. WHAT ARE YOUR RIGHTS REGARDING THE DATA WE PROCESS

 

The right of access represents your right to obtain a confirmation from us regarding the data we process, which concerns you. Thus, you can request the following information:

  • Purposes of processing;
  • The categories of personal data concerned;
  • Recipients or categories of recipients to whom the data have been or are to be disclosed;
  • The period for which the data or criteria used for the determination are expected to be stored;
  • The existence of the right to request us to rectify or delete your data or to restrict the processing or the right to oppose the processing;
  • The right to lodge a complaint with the supervisory authority;
  • The source regarding the data taken over by third parties;
  • Whether there is an automated decision-making process including profiling and, where appropriate, the logic used and the importance and consequences of such processing.

 

The right to rectification gives you the option to request that we correct, without undue delay, your inaccurate personal data. The correction must be communicated to each recipient to whom the data were transmitted, unless this proves impossible or involves disproportionate (evident) efforts.

 

The right to delete data (“right to be forgotten”) gives you the option to request that your personal data be deleted, without undue delay, if one of the following reasons applies:

  • they are no longer necessary for the purposes for which they were collected or processed;
  • you withdraw your consent (used as a basis for processing) and there is no other legal basis for processing;
  • you object to the processing and there are no legitimate reasons that prevail;
  • personal data have been processed illegally;
  • personal data must be deleted in order to comply with a legal obligation;
  • personal data were collected in connection with the provision of services within an information based society.

 

The right to restrict processing may be exercised if you find one of the following situations:

  • contest the accuracy of the data that will be in return restricted for the period that will allows the verification of the rightness of the data;
  • the processing is illegal, and you oppose the deletion of personal data, requesting in exchange the restriction;
  • if Oveit no longer needs the personal data for the purpose of processing, but you request it for the establishment, exercise or defense of a right in court;
  • if you objected to the processing for the period of time in which it is verified whether the legitimate rights of the operator prevail over those of the person in question.

 

The right to data portability is your right to receive personal data in a structured, commonly used and automatically readable format, as well as the right to have this data transmitted directly to another operator, if this is feasible from a technical point of view.

 

The right to object refers to your right to object to the processing of personal data when the processing is necessary for the performance of a task that serves a public interest or when it refers to a legitimate interest of the operator. When the processing of personal data is for the purpose of direct marketing, the data subject has in particular the right to object to the processing at any given time.

 

However, if you wish to object to the processing on the basis of our legitimate interest, we may continue processing if we have and present legitimate interests that demonstrate further processing and prevail over your interests, rights and freedoms or if the purpose of processing in further will be the finding, exercise or defense of a right in court.

 

The right to file a complaint with the A.N.S.P.D.C.P.

 

You have the right to file a complaint with the A.N.S.P.D.C.P. if you consider that we infringe your rights regarding the processing of your personal data – Bucharest, 28-30 G-ral. Gheorghe Magheru Blvd., Sector 1, zip code 010336, http://www.dataprotection.ro.

 

THE MODIFICATION OF THIS POLICY

 

This Policy may be modified or updated at any time by Oveit, by making the updated versions available to the data subjects, through www.streams.live

 

DEFINITIONS:

In this Policy, the following terms have the following meanings:

  • personal data” means any information relating to an identified or identifiable individual/natural person (“data subject”); an identifiable individual/natural person is a person who can be identified, directly or indirectly, in particular by reference to an identifying element, such as a name, an identification number, location data, an online identifier, or one or more many specific elements, specific to his/her physical, physiological, genetic, mental, economic, cultural or social identity;
  • processing” means any operation or set of operations performed on personal data or personal data sets, with or without the use of automated means, such as the collection, recording, management, structuring, storage, adaptation or modification, extracting, consulting, using, disclosing by transmission, dissemination or otherwise making available, aligning or combining, restricting, deleting or destroying;
  • restriction of processing” means the marking of stored personal data in order to limit their further processing;
  • operator” means the individual/natural or legal person, public authority, agency or other body which, alone or in association with others, determines the purposes and means of the processing of personal data; where the purposes and means of processing are determined by European Union or national law, the operator or the specific criteria for its designation may be legislated under the European Union or national law;
  • proxy of the operator” means the individual/natural or legal person, public authority, agency or other body which processes personal data on behalf of the operator;
  • recipient” means the individual/natural or legal person, public authority, agency or other body to whom the personal data are disclosed, whether or not it is a third party. However, public authorities to which personal data may be communicated in the course of a particular investigation in accordance with European Union or national law shall not be considered as recipients; the processing of such data by the public authorities concerned shall comply with the applicable data protection rules, in accordance with the purposes of the processing;
  • consent” of the data subject means any manifestation of the free, specific, informed and unambiguous will of the data subject by which he/she accepts, by an unequivocal statement or action, that the personal data concerning him/her be processed.
  • N.S.P.D.C.P. = The National Supervisory Authority For Personal Data Processing