PRIVACY AND COOKIES POLICY
This Privacy and Cookies Policy (hereinafter: the Policy) applies to all companies operating within the Roaming Group (hereinafter: “Roaming” or “we”).
Roaming companies may have their own privacy policies on their websites that describe how we handle personal information on those websites and within those companies. In such cases, if privacy policies on those websites differ from this Policy, the privacy policies published on the websites of those companies will take precedence.
This Policy applies to all personal data we collect about you, whether you have provided us with your personal data directly or we have otherwise obtained your personal data.
“Personal data” means any information relating to a natural person whose identity has been determined or is determinable, directly or indirectly, in particular by reference to an identifier, such as a name and identification number, location data, an online identifier or to one, or more features of physical, physiological, genetic, mental, economic, cultural and social identity of that natural person.
At Roaming, we respect your privacy as our existing and potential customers, and we are also committed to protecting the privacy of all others who entrust us with their personal information.
What data we collect
The categories of personal data collected by Roaming, in the capacity of the controller, are exclusively related to the services we provide. In this regard, we may collect the following categories of personal data relating to you:
- Identification data and business information that you share with us when establishing a business relationship and during business cooperation, such as name and surname, company you work for, job title and other contact information (e-mail address, telephone number, fax number, etc.);
- Information obtained when visiting our website and sending inquiries / requests;
- Information obtained when sending a CV or applying for one of our open job positions;
- Information collected during organization of promotional events and projects that we organize;
- Any other information that someone may provide to us, regarding a specific request.
All personal data that we collect (employees of clients, or others) are assessed through the risk assessment method of the ISO / IEC 27001: 2013 standard which is implemented within the whole Roaming Group, ie all available organizational and technical measures are taken to protect the security of this data.
How we collect personal information
We collect personal information mainly directly from you, during business cooperation with you, as our clients (including the data processing procedure before conclusion of the contract), through our website or when you request additional information from us regarding the services we provide.
In certain situations, we also collect personal data from reliable third parties, and we may also engage third parties to collect personal data that would help us achieve a specific purpose.
For what purposes do we use your personal information
We use all the personal information we collect to be able to provide you with the agreed service. Additionally, we collect personal data for the purpose of hiring new employees, as well as for the purpose of responding to your requests and inquiries.
Legal basis for processing personal data
Roaming collects and uses your personal information for the purposes described in this Policy, based on one of the following legal bases:
- Conclusion / execution of the contract. We may process your personal data in order to fulfill the contractual obligations arising from the contract with you or your company or to take action before concluding the contract;
- Consent. We will ask for your consent when it is necessary to process your data for one or more specific purposes;
- Compliance with legal obligations. In certain cases, the processing of your data is necessary for us to meet our legal obligations;
- Processing, in certain cases, may be necessary in order to protect the vital interests of the data subject or of another natural person;
- Legitimate interest. Roaming, in the following cases, bases the processing of personal data on a legitimate interest:
– Processing of personal data, even after expiration of the deadlines for data retention, in order to defend the interests of Roaming within the proceedings before various state bodies (courts, inspections, etc.).
– Video surveillance of Roaming premises as well as the area around Roaming business premises for security reasons. Roaming will display a video surveillance notice to keep people informed.
– In other cases, when the processing is necessary in order to achieve the legitimate interests of the controller or a third party, unless those interests are overridden by the interests or fundamental rights and freedoms of the data subject, which we assess in each particular case.
When collecting personal data, you may always choose not to provide us with the necessary data, except when we collect information under the law. However, in that case, please note that we may not be able to adequately establish, maintain or terminate a business relationship with you or your company, nor provide you with the required information.
Personal data protection
We are committed to ensuring that your information is secure. In order to prevent unauthorized access or disclosure, we have established appropriate physical, electronic and management procedures to safeguard and secure the information we collect online. We are certified according to the ISO / IEC 27001: 2013 standard, which primarily confirms that we are compliant with information security requirements from the point of view of human resources management, transmission media management, incident management, compliance with all laws, regulations and other regulatory requirements.
How long we keep your data
We store personal data until the purpose for which they were initially collected is fulfilled, in accordance with our internal acts and legal obligations to keep data.
After fulfilling the purpose for which the personal data was collected, we will delete your personal data, unless we need to retain this data to fulfill certain legal obligations or resolve potential disputes.
If the personal data is collected on the basis of given consent, after the withdrawal of the consent, we will stop processing your data.
Who we share your personal information with
As Roaming is a global organization, any of your data provided to us may be shared or processed by our affiliates, but only when there is an appropriate legal basis for such processing and when appropriate technical and organizational measures have been applied.
Under certain conditions, we may share your personal data with certain third parties in accordance with the contractual arrangements with those persons, in which case we will notify you and arrange our relationship with these persons in accordance with the positive regulations. All third parties are obliged to treat personal data as strictly confidential and to process the data only for the purpose of providing appropriate services.
In case of data transfer to other countries, the transfer will be made only to those countries or parts of countries to which such transfer is allowed according to the positive regulations governing the protection of personal data, that is only to those countries that provide an adequate level of protection for natural persons which is at least equal to the level of protection guaranteed by our positive regulations. If there is a need to transfer your personal data to countries or parts of countries that do not provide an adequate level of protection, Roamaing will implement the standard contractual clauses, and you will be notified of such transfer and possible risks associated with such transfer. In any case, you have the right to refuse consent to such transfer of your data.
If necessary, we may, upon request, submit personal data to the competent state authorities, public authorities which, for the purpose of enforcing legal obligations, have the right to access personal data.
Cookies do not in any way provide access to your computer or any information about you other than the information that you choose to share with us. You can accept or reject cookies. Most web browsers automatically accept cookies, but you can usually modify your browser setting to decline cookies.
Our website uses “first party” cookies (cookies set by Roaming), and “third party cookies” (cookies set by the third party providing the services). We use solely “first party” cookies that are necessary for the functioning of our website, while we use “third party” cookies for statistical purposes (Google analytics).
Our website uses the following types of cookies:
Our website also uses the Google Analytics service, which has its own set of cookies (https://analytics.google.com). The information collected by Google Analytics, such as the number of visitors to our website and the length of time spent on the website, is anonymous.
You can delete accepted cookies manually at any time in your browser settings. For more information, please visit the “Help” page on your internet browser.
Please note that if you delete or refuse to accept cookies on our website, we will not be able to remember which language you have chosen.
Links to other websites
Our website may contain links to other websites. However, when you use these links to leave our website, you should be aware that we have no control over the content of other sites. Therefore, we cannot be held responsible for the protection and privacy of any personal information you provide while visiting such sites. You should be careful and always look at the privacy statement that applies to the website you are visiting.
Management of your personal data
In accordance with the positive regulations governing the matter of personal data protection, you have the following rights:
- Right of access – you have the right to request to inspect or get a copy of all personal data we hold about you;
- Right to rectification – you have the right to request the rectification of inaccurate or incomplete personal data that we have about you;
- Right to erasure – you have the right to request the erasure of your data, if it is no longer necessary, when the law requires erasure of data or when the processing of data is illegal;
- Right to restrict processing – you have the right to request a restriction on the processing of your data in situations prescribed by the applicable positive regulations concerning the protection of personal data;
- Right to data portability – you have the right to request the transfer of your data to third parties;
- Right to object – you have the right to object to the processing of your data when we rely on our legitimate interest in the processing of data, when your rights outweigh our interests;
- Right to withdraw consent – if we process your personal data on the basis of consent, you have the right to request the withdrawal of consent at any time. Withdrawal of consent shall not affect the lawfulness of the processing carried out prior to the withdrawal of consent.
We will not sell, distribute or rent your personal information to third parties unless we obtain your permission or when we are legally required to do so.
You can exercise all rights regarding your personal data by sending a request to the e-mail address: email@example.com.
If you believe that we do not process your personal data in accordance with the law, you can file a complaint to the Commissioner for Information of Public Importance and Personal Data Protection.
Information about children
Roaming does not knowingly collect information about children under the age of 16 or about children without parental / guardian permission. If we learn that we have collected personal information from a child under the age of 16, we will delete it without delay. If you believe that we may have any information about children under the age of 16, please contact us immediately and without hesitation, and we will take appropriate measures to investigate and resolve the situation.
Cooperation with regulatory authorities
Roaming has appointed a Data Protection Officer (DPO).
The DPO will ensure appropriate communication with the competent privacy regulator in Roaming. The DPO will conduct investigations, deal with complaints and report violations. The DPO will monitor regulatory changes and consult with the regulatory body where the implementation of regulatory or technological changes raises doubts.
How to contact us
If you have any questions or comments regarding this Privacy and Cookies Policy, please feel free to send us an email at: firstname.lastname@example.org.
This Policy will be subject to regular revisions, and we will post any updated version on this website. Thereby, we will deem that you have read and consent to the terms of our Policy on the processing of personal data for the above purposes. If the Policy changes, we intend to take every reasonable step to ensure that all changes are posted on our website within a reasonable period of time.
Belgrade, May 7, 2020