The National Institute for Research - Development in Informatics - ICI Bucharest, editor of the SIC journal informs you through this GDPR policy about the processing of your personal data and the rights you have under Regulation (EU) 2016/679 of the European Parliament and of the Council of 27 April 2016 concerning the processing of personal data and the free movement of such data, and repealing Directive 95 / 46 / EC (General Data Protection Regulation).

1. Contact details

The SIC journal, edited by the National Institute for Research - Development in Informatics - ICI Bucharest, having the website https://sic.ici.ro can be contacted in the following ways:

• e-mail: sic@ici.ro
• at the address: National Institute for Research - Development in Informatics –

ICI Bucharest, 8-10, Maresal Averescu Avenue, Sector 1,

Bucharest

2. Overview

The purpose of this document is to demonstrate to you that the trust you place in us is not one-sided and that, in return, we will take all the necessary steps to make your visit to our website as pleasant and consequence-free as possible.

If you have any questions or concerns about the terms used below, or any other questions about the way in which we maintain the privacy of your information, please contact us using the contact form on the website.

3. What kind of information do we collect from you through our website?

SIC collects information from its users through its website as follows: directly from the user, from traffic reports recorded by the server hosting the website, and through cookies.

The information that comes directly from the user is provided voluntarily by you when you subscribe to a service we offer. For example, we may ask you for your name, email address, social media account, or other personal information. This information helps us correctly identify you and provide the service you request without creating awkward situations such as name confusion, incorrect rights transfers, etc.

The information in the server traffic report is recorded based on your visit to our website. When you visit a website, you disclose certain information about yourself, such as your IP address, the time of your visit, the location where you accessed our site.

Information provided by cookies: For the proper functioning of the website, we use cookies, which have the task of ensuring easy interaction between users and websites. The cookies we use do not collect data that reveals your identity, so we cannot identify you with their help. You can configure your browser to either notify you when you receive a cookie or to refuse to accept them. Please note that some areas of our website may not display normally if you have set your browser to refuse cookies.

At the same time, please be advised that whenever you voluntarily disclose personal information online, that information may be collected and used by unauthorized parties. We want to assure you that SIC will do everything possible to protect your personal information, but we cannot ensure the security of any information you transmit to us if the environment from which you transmit it is unsuitable, and you do so at your own risk.

Our website contains links to other websites. SIC and ICI Bucharest have no responsibility for the way they manage their data.

4. How and when is the information used?

We use the information collected from you in several ways, depending on its type:

• Information provided directly by the user: This information is used only for the purpose of personalizing the services offered to you and verifying your identity in order to execute any contracts/agreements/partnerships between you and us following your use of the services we offer.
• Information collected from server traffic report: This type of information helps us identify which sections of our website are of interest to users. We also collect our users' IP addresses to help us safely manage our computer system or to prevent criminal activity.
• Information collected through cookies: We use cookies to give you the best possible experience on our services and to obtain statistical information that allows us to improve our services. They allow us to store your login details and preferences so that you do not have to re-enter them on your next visit.

5. GDPR Policy objectives

The confidentiality and protection of the data we collect from you is of paramount importance to us. The processing of personal data is carried out in conditions that ensure security, integrity and confidentiality, respect for the rights of data subjects and compliance with applicable legislation in this area.

5.1. Ensuring the legality of the processing of personal data

SIC processes personal data in the course of its activities under the following conditions:

• the data subject has given his / her consent;
• the processing is necessary to comply with a legal obligation to which it is subject;
• the processing is necessary for the performance of a contract, and the data subject is a party;
• the processing is necessary in order to protect the vital interests of the data subject or of another natural person concerned;
• the processing is necessary for the purposes of the legitimate interests of the operator

5.2. Ensuring the rights of the data subject

SIC respects the individual's right to privacy.

When SIC processes personal data, it informs the data subject what data it collects, what the purpose of the collection is, the recipients or categories of recipients of personal data, the duration of the data storage and its deletion after the expiry of the storage period.

If the purpose of the processing of personal data changes, SIC shall inform the data subject before processing the data to fulfil the secondary purpose.

6. The rights of the data subject

In accordance with the GDPR Regulation and in strict compliance with the scope provided by the European legislator, you have the following rights:

• the right to information - the data subject has the right to be informed about the aspects of the processing of personal data;
• the right of access - the data subject has the right to obtain confirmation from SIC as to whether or not personal data concerning him or her are being processed. If this is the case, she has the right of access;
• the right to rectification - the data subject has the right to have the operator rectify the personal data concerning him/her and, depending on the purpose of their processing, he/she has the right to request their completion;
• the right to delete data when the data are no longer necessary for the purposes - the person objects to the processing and there are no legitimate grounds for the processing or the data have been processed unlawfully;
• the right to restriction of processing in accordance with Article 18 of EU Regulation No 679/2016.
• the right to data portability - the data subject has the right to receive the personal data he/she has provided in a structured format if the following conditions are met at the same time: the processing is based on consent/contract/partnership etc. and has been carried out by automated means.
• the right to withdraw his/her consent at any time, free of charge;
• the right to lodge a complaint with the National Authority for monitoring Personal Data Processing;
• the right to go to court.

7. Personal data processed and used by SIC

Depending on the purpose of the processing of personal data, SIC may process (and is not limited to) the following categories and types of data:

• data contained in identity documents;
• data on marital status;
• contact details (telephone, fax, e-mail);
• occupation;
• place of work and name of employer;
• vocational training data;
• social security and / or health insurance number;
• medical information;
• family and military situation;
• data from public sources;
• images;
• criminal record data.

8. How do we protect the information we collect from you?

The data collected from you will be processed only by authorized personnel.

The personal data processed and used by SIC will be stored electronically or archived physically for the period necessary to achieve the purposes for which they were collected and in accordance with the applicable legal provisions. Once the processing of the personal data has ceased, it will be destroyed or archived in accordance with the applicable legal provisions.

We do not disclose the collected data to third parties without your explicit and prior consent, with the exception of public authorities, national or EU bodies, in order to carry out their activities (in accordance with GDPR, Art. 6).

Any traffic statistics of our users that we share with third parties are provided as a data set only and do not contain any personally identifiable information about an individual user.

Unfortunately, no data transmission over the Internet can be guaranteed to be 100% secure. Consequently, despite our efforts to protect your personal information, we cannot guarantee or warrant the security of any information you transmit to us to and from our online services. We therefore warn you that any information sent to us is done so at your own risk.

When we receive the information you submit, we warrant that we will make every effort to ensure its security in our systems, in accordance with the security standards imposed by applicable Romanian legislation.

9. Who has access to the information collected from you?

Notwithstanding the above, SIC does not disclose personal information about its users to third parties through its website without first obtaining the users' express consent in this regard.

At the same time, however, SIC may disclose personal information when expressly provided for by law or when necessary to protect our rights and interests.

In summary, when you visit our Site and ask us to disclose information about you, that information will only be provided to our Site unless the service or information is provided in partnership with another Site or service.

Any time such a service is provided in partnership with another site, you will be notified because it is necessary to share your personal information with the partner site or service. If you do not want your information to be shared, you may proceed accordingly by not allowing the transfer of information by not using that particular service.

If you choose to consent to the sharing of personal information, you must understand that a service provider in a partnership may have separate privacy and data collection practices. SIC has no control over, and cannot guarantee, all of the legal aspects associated with the use of these independent confidentiality practices.

* To receive and register the requests, it is mandatory to provide the following data of the data subject: name, surname, postal address of domicile or residence for communication, and in case of its electronic transmission it is mandatory to mention the e-mail address. To certify the identity, the submitted applications will be signed in handwriting.