Website Terms and Conditions Regarding the Protection of Personal Data

YUM SOFTWARE S.R.L. acknowledges the importance of your personal data and is committed to safeguard its privacy and security. It is therefore important for us to provide you with the information regarding the processing of your personal data in an integrated manner.

YUM SOFTWARE S.R.L. is a Romanian company having its registered office at 175 Floreasca Avenue, Side B, 6th floor, office nr. 2, Bucharest, sector 1 registered with the Trade Register under no. J40/11005/2009, unique identifier RO26215836, email office@yumsoftware.com, duly represented by Madalin ANDREI, as Director, (hereinafter referred to as the “Company”), its core business being “Computer programming activities (client-oriented software)”.

The Company observes the privacy of all customers and the privacy of all visitors on our website and shall treat/process the personal data under appropriate technical and organizational security conditions.

The Company processes the personal data provided directly by you as data subjects, or indirectly upon delivering on any business/contractual relationships.

Personal data is collected either exclusively based on your consent/agreement, if provided knowingly, willingly and voluntarily, or upon the Company’s request, e.g. via one of the online forms we use, i.e. the online contact form, by subscribing to newsletters (after having opted to receive such newsletters), by filling in the data in the account registration form on the Company website, etc.

If you do not agree with any of the provisions herein, do not use our website or do not provide your personal data to us. However, please note that some services might be conditional upon you providing your personal data to us.

YUM SOFTWARE SRL shall only process your personal data only to the extent it is required for the fulfillment of the purposes specified below, in compliance with the legal requirements on data security and privacy.

What personal data does the Company process? In order to carry out its daily business, including any contractual activities, as well as for the purpose of applying the legal requirements, including those regarding the protection of natural persons with regard to the processing of personal data and on the free movement of such data (domestic law and EU community law), the Company might require you to provide certain personal data. For such purposes, the Company shall process, inter alia, the following personal data: your surname and first name, phone/fax number, permanent/chosen address, email address, occupation, workplace, IP address, bank card number, card expiry date, CVV2/CVC2 number, etc.

Personal Data Processing means any operation or set of operations which is performed on your personal data, whether or not by automated means, such as collection, recording, organization, structuring, storage, adaptation or alteration, retrieval, consultation, use, disclosure by transmission, dissemination or otherwise making available, alignment or combination, restriction, blocking, erasure or destruction.

In order to access the Company’s website, you need not provide any kind of personal data.

Who are the data subjects?

The data subjects whose data may be processed by the Company exclusively for the purposes mentioned below are: the Company’s (present, past or potential) individual customers, visitors, general public, their legal or conventional representatives/attorneys-in-fact.

The consequences of refusing to provide personal data

As data subject, you are required to provide complete, up-to-date and accurate data. In order to be able to provide certain Company-specific services, personal data shall be required, which are needed for the delivery of those services, and refusing to provide such data may make it impossible for the Company to provide the services. When you acquire a product/service provided by the Company, we will collect personal data in connection with the provision of those products/services. Furthermore, if you visit our Company headquarters, we will collect personal data (images, data processed by video surveillance systems, etc.) for the purposes of observing our legal obligations and conducting our daily business (legitimate interest).

By reading these provisions and/or signing any document providing personal data to the Company or by providing personal data in order to purchase the Company’s products/services, the data subjects are informed and/or expressly manifest their consent (agreeing) on the processing of their personal data according to the legal requirements on the protection of natural persons with regard to the processing of personal data and on the free movement of such data (domestic law and EU community law).

If data processing is no longer required to provide any product/service, to perform any legal requirement, nor is it justified by the Company’s legitimate interest, data subjects may object to such processing or may withdraw their previously given consent, without any retroactive effect. For example, data subjects may withdraw their consent to data processing for direct marketing purposes at any time and without being required to indicate any reason. After the settlement of the consent withdrawal request, the data subject shall no longer receive newsletters regarding the products/services offered by the Company.

What are the purposes for collecting personal data?

  • The Company performing its business/contractual activities;
  • Invoicing and receiving the fees for the products/services offered by the Company;
  • Marketing, promotional, advertising, publicity activities, contests, including transmission of general or custom-made business offers; developing and improving products/services;
  • Operational management;
  • Managing client relations; business communication with customers/suppliers by any means of communication;
  • Fulfilling applicable legal requirements;
  • Archiving, statistical purposes;
  • Debt collection/outstanding debt recovery;
  • Settlement of disputes and litigation, enforcing judgments, arbitration resolutions, court orders, etc.

The Company shall treat the information collected from you as confidential and shall not share it with any third parties without your prior express consent.

Who are the recipients of your personal data?

The recipients of the data may be:

  • the Company’s (present, past or potential) individual customers, visitors, general public, their legal or conventional representatives/attorneys-in-fact (for the purpose of performing business/contractual relationships).
  • the Company’s vendors, providers and other business/contractual legal entity partners, public authorities/agencies;
  • Central and local public authorities, court authorities, police, prosecutor’s offices (within the limits of the legal requirements and/or following expressly submitted requests), banking corporations, bailiffs, insurance and reinsurance companies, market research organizations (statistical purposes), etc.

The Company shall ensure personal data confidentiality and shall not provide such personal data to any third parties other than those specified herein.

Personal data processing for promotional (marketing) purposes.

Personal data provided by the data subjects (such as: surname and first name, email address, fax number, mobile phone/landline number) shall be processed by Company subject to complying with the rights of the data subjects, particularly with the right to information and right to object, for the following purposes: marketing (including direct marketing), contests, advertising lotteries, conducting commercial communication for the Company’s products and services, including those developed together with its partners, by any means of communication, including by means of electronic communication services. The personal data provided by the data subjects may be used for promotional (marketing) purposes and for the products and services of other Company partners, subject to complying with the rights of the data subjects. If the Company intends to use your personal data for direct marketing purposes (after opt-in by the data subject), data subjects shall be informed in advance. Data subjects may exercise their rights to prevent such processing by selecting the appropriate boxes in the forms/documents used for collecting personal data. Irrespective of the situation, if you want the Company to no longer process your personal data, you may expressly request us to stop any data processing. Furthermore, when you wish to no longer receive newsletters or information materials from the Company, you may unsubscribe by clicking the “Unsubscribe” button.

In your relationship with the Company, you have the following rights under the applicable legal requirements: right to access, right to rectification, right to erasure, right to restriction of processing, right to data portability, right to object and automated individual decision-making.

Term of personal data processing

In order to achieve the above-mentioned purpose, the Company shall process the personal data for the entire period when it conducts its business, until such time when the data subject or their legal representative expresses their right to object/erasure (unless the Company processes the data on the grounds of a legal requirement or legitimate interest). After the completion of the personal data processing operation for the purpose for which it was collected, if the data subject or their legal representative does not exercise their right to object/erasure under the law, such data shall be archived by the Company for the period stipulated in the Company’s internal procedures and/or shall be destroyed.

What security measures are used to protect your data?

To prevent the unlawful use, as well as any misuse of personal data, we use security methods and technologies, as well as proper policies and working procedures in order to protect the collected personal data. The security of data transmitted via de Internet can never be fully guaranteed. While the Company makes all efforts to protect personal data, the security of data transmitted to the Company’s website cannot be fully guaranteed. Any data transmission shall be at the risk of the data subjects. Once the personal data is received, the Company uses strict safety procedures and measures against unauthorized and unlawful use, destruction, accidental loss or disclosure of personal data.

Banking data security.

For card payments (e.g. purchasing products online), the sales are made with the aid of online payment solutions provided by third parties authorized by the Company. In order to remove the risk of unauthorized persons getting hold of, or misusing or unlawfully using personal data, the third parties authorized by the Company guarantee the lawfulness and security of personal data (card number, expiry date, etc.) and of the information systems used.

Requirements for personal data transfers outside EU and the European Economic Area

Data transfers outside EU and the European Economic Area can only be made under the requirements of the domestic and EU law on the protection of natural persons with regard to the processing of personal data and on the free movement of such data.

What are your rights?

By reading this document, the data subjects have been made aware of their rights under the applicable legal requirements, i.e. right to access, right to rectification, right to erasure, right to restriction of processing, right to data portability, right to object and automated individual decision-making. Furthermore, when processing is carried out based on consent, data subjects shall have the right to withdraw their consent at any time in a written form addressed to the Company under the terms of the applicable laws. The withdrawal of consent shall not affect the lawfulness of processing based on consent before its withdrawal. Data subjects shall also have the right to object at any time, free of charge and without providing any reason to the processing of personal data for direct marketing purposes, using the opt-out options included in the marketing materials, if any.

For the other purposes, data subjects shall be entitled to object at any time and free of charge to the processing of personal data provided to the Company, specifying the concerned data and purpose, only for grounded and legitimate reasons relating to their particular situation, unless the Company demonstrates compelling legitimate grounds for the processing which override the interests, rights and freedoms of the data subject or for the establishment, exercise or defense of legal claims. In case of unjustified objection, the Company shall be entitled to continue processing such data.

By reading this document, data subjects acknowledge and understand that the personal data provided to the Company constitute essential elements for accessing the services provided by the Company and/or for carrying out the business/contractual activities.

If data subjects directly or indirectly exercise their above-mentioned rights in a manifestly unfounded or excessive way, in particular because of their repetitive character, the Company may either:

  • charge a reasonable fee taking into account the administrative costs of providing the information or communication or taking the action requested;
  • or refuse to act on the request.

Furthermore, if data subjects directly or indirectly exercise their above-mentioned rights in a manifestly unfounded or excessive way, in particular because of their repetitive character, the Company shall be entitled to terminate the Agreement with the Client without any other formality or intervention by the courts of law, safe for a notification.

In order to exercise your rights, you may contact the Company directly by sending a written, dated and signed request to: data.protection@yumsoftware.ro, or by mail to the following correspondence address: 175 Floreasca Avenue, Side B, 6th floor, office nr. 2, Bucharest, sector 1. The application shall be accompanied with a legible copy of the signatory’s identification document.

Data subjects shall also have the right to lodge a complaint with a supervisory authority and to seek a judicial remedy.

These provisions may be amended/updated from time to time. Please check these provisions each time you use the Company’s website in order to be at all times up-to-date with these provisions. By using the Company’s website or the Company’s services through the website after such changes/amendments are made, you shall be deemed to have accepted the new provisions.