Privacy Policy

CONFIDENTIALITY POLICY REGARDING THE PROCESSING OF PERSONAL DATA

We consider securing the right to personal data protection as a fundamental commitment, so we will dedicate all the resources and efforts required to process your data in full compliance with Regulation (EU) 2016/679 (“General Data Protection Regulation” or “GDPR “), As well as with any other applicable legislation on the territory of Romania. Since one of the key principles of this legal framework is transparency, we have prepared this document to let you know how we collect, use, transfer and protect your personal data when interacting with us about products and services including our website.

We reserve the right to periodically update and modify this Privacy Policy to reflect any changes in the way we process your personal data or any changes to your legal requirements. In the event of any such change, we will display on our website the modified version of the Privacy Policy, so please periodically review the contents of this Privacy Policy.

WHO WE ARE AND YOU CAN CONTACT US

Blitzkrieg Association, Romanian legal person, having its registered office in Sibiu, 7, Pompeiu Onofreiu str., Ap.12, Unique tax registration number 36194757, e-mail. info@blitzkrieg.ro (hereinafter “Blitzkrieg” or “us”). For the purposes of data protection law, we are an operator when we process your personal data.

WHAT WE PROCESS

The Operator processes personal data collected through the Site for the processing of orders (including taking over, validating, invoicing) and securing the services to which you are entitled under the Blitzkrieg Ticket to inform you about the organization of the Blitzkrieg event, for evaluation of products and services for the purpose of checking and ensuring access to the event venue.

Generally, the Operator processes the following personal data: name, surname, date of birth, email address, telephone number, country and city from which you provide. The operator processes your identification and contact information to verify and ensure access to the Blitzkrieg event venue and to avoid fraud.
The operator processes the date of birth to ensure that juveniles under 16 can not attend the Blitzkrieg eve. Also, if you are a minor and over 16, you will be asked for parent / guardian consent to participate in the Blitzkrieg event as well as parent and guardian contact details so that the Operator can contact them if you could be involved in exceptional situations.
Also, certain processing underlying these purposes is required by applicable law, including tax and accounting legislation.

WHO CAN ACCESS YOUR PERSONAL DATA?

We store your personal data in Romania on the servers of our online service provider SC ARCSoft-RO SRL, a company that is aligned with the GDPR norms. The operator will also be able to transmit the data to the contractual partners for the purposes described above but only on the basis of a confidentiality commitment from them to ensure that these data are kept secure and that their provision is made according to the law in force (courier, payment services, banking services, other services, insurers).

The operator will provide the data necessary to ensure access to the Blitzkrieg event to the check-in person in charge of providing access to the event venue. This will erase the data within 72 hours of the event closing date.

The operator will be able to transmit your personal data to the public authorities under the law. The data will also be forwarded to accountants, auditors, attorneys or other such external counselors of the Operator.
The operator will be able to disclose such data whenever the law so requires, or where such action is necessary to enable the exercise of the rights provided for by law to bring legal proceedings against any unlawful activity.

HOW WE PROTECT YOUR SECURITY YOUR DATA WITH PERSONAL CHARACTER

We are committed to ensuring the security of personal data by implementing appropriate technical and organizational measures, according to industry standards.
The transmission of your personal data is done using state-of-the-art encryption algorithms and stored on secure servers while ensuring data redundancy.

To make payments, we use Netopia Mobile Pay payment processor services. Any payment information is encrypted using HTTPS technology with TLS 1.3 encryption.

Despite the steps taken to protect your personal data, we would point out that the transmission of information via the Internet in general or through other public networks is not completely secure, with the risk that data may be seen and used by third parties unauthorized parties. We can not be responsible for such vulnerabilities of systems that are not under our control.

HOW LONG DO WE STORE PERSONAL DATA?

We will retain your personal data for a reasonable amount of time, calculated based on the purpose for which we process the data. Some data could be retained for longer if they are needed to investigate fraud.

COOKIES

The site contains cookies (very small files that the Operator sends to the users of the Site). These cookies are of two types:

Function Cookies: These cookies enhance the experience of Site Browsing site users and allow them to benefit from features such as preference lists.
Performance cookies: These cookies are used to measure and analyze how the Operator’s customers use the Site. These cookies can continually improve the way the site works and its users experience.
Use of the Site implies the consent of Site users to place these types of cookies on their device and to access them on the next visit to the site. Information on deleting and controlling cookies is available at www.aboutcookies.org. Deleting cookies or blocking any cookies may prevent some site or site functionality from being accessed.

YOUR RIGHTS

The General Data Protection Regulation recognizes a series of rights with respect to your personal data. You can request access to your data, correct any mistakes in our files, and / or you can oppose the processing of your personal data. You can also exercise your right to complain to your competent supervisory authority or to appeal to the courts. As the case may be, you may also have the right to request the deletion of your personal data, the right to restrict your data processing and the right to data portability.

More information about each of these rights can be obtained by consulting the table below.

In order to exercise your rights, you can contact us using the contact details listed above. Please note the following if you want to exercise these rights:

  • Identity. We take seriously the confidentiality of all records that contain personal data. For this reason, please send us your requests regarding such records using the e-mail address of the records. Otherwise, we reserve the right to verify your identity by requesting additional information to confirm your identity.
  • Fees. We will not charge a fee to exercise any right with respect to your personal data, unless your request for access to information is ungrounded, repetitive or excessive, in which case we will charge a reasonable amount in such circumstances. We will inform you of any fees applied before you resolve your request.
  • Response time. We plan to respond to any valid requests within a maximum of one month, unless this is particularly complicated or if you have made several requests, in which case we will respond within a maximum of two months. We’ll let you know if we’ll need more than a month. We may ask if you can tell us exactly what you want to receive or what you are worried about. This will help us to act faster and shorten the response time to your request.
  • Rights of third parties. We do not have to respect an application if it adversely affects the rights and freedoms of other people concerned.

THE RIGHTS OF THE CONCERNED PERSON

ACCESS

  • to confirm that we process your personal data;
  • to provide you with a copy of this data;
  • to provide you with other information about your personal data, such as what we have, what we use, who we divulge, whether we transfer them abroad and how we protect them, how long we keep them, what rights you have , how can you make a complaint from where we obtained your data to the extent that the information has not already been provided by this information.

RECTIFICATION

  • You may ask us to rectify or complete your inaccurate or incomplete personal data.
  • We may try to verify the accuracy of the data before correcting it.

DELETING DATA

You may ask us to delete your personal data, but only if:

  • they are no longer necessary for the purposes for which they were collected; or
  • You have withdrawn your consent (if data processing is based on consent); or
  • you have a legal right to oppose you; or
  • these have been illegally processed; or
  • we have a legal obligation to do so.

We do not have to comply with your request for deletion of your personal data if processing of your personal data is required:

  • to comply with a legal obligation; or
  • to establish, exercise or defend a right in court.

There are certain other circumstances in which we are not obliged to comply with your request for data deletion, although these are the most likely circumstances in which we may decline your request

RESTRICTION OF DATA PROCESSING

You may ask us to restrict the processing of personal data, but only if:

  • their accuracy is contested (see rectification section) to allow us to verify their accuracy; or
  • processing is illegal, but you do not want the data to be deleted; or
  • they are no longer necessary for the purposes for which they were collected, but you need them to find, exercise or defend a right in court; or
  • you have exercised the right to oppose you, and checking whether our rights are prevailing is in progress.

We may continue to use your personal data as a result of a restriction request if:

  • we have your consent; or
  • to establish, exercise or secure the defense of a right in court; or
  • to protect the rights of Blitzkrieg or any other natural or legal person.
  • Data portability

You may ask us to provide your personal data in a structured, commonly used and readable form or request that it be “ported” directly to another data operator, but in each case only if:

  • processing is based on your consent or on the conclusion or performance of a contract with you; and
  • processing is done by automatic means.

OPPOSITION

You may oppose at any time, for reasons related to your particular situation, the processing of your personal data on our legitimate interest if you believe that your fundamental rights and freedoms prevail over this interest.

You can also oppose any time processing your data for direct marketing (including creating profiles) without any reason, in which case we will cease processing as soon as possible.

AUTHORIZING DECISIONS

You can ask that you not be the subject of a decision based solely on automatic processing, but only when that decision:

  • produces legal effects with regard to you; or
  • affects you in a similar way and to a significant extent.

This right shall not apply if the decision taken following automatic decision-making:

  • we are required to conclude or run a contract with you;
  • is authorized by law and there are adequate safeguards for your rights and freedoms; or
  • is based on your explicit consent.

COMPLAINTS

You have the right to complain to the Surveillance Authority about the processing of your personal data. In Romania, the data protection supervisory authority’s contact data is as follows:

The National Supervisory Authority for Personal Data Processing
Avenue G-ral. Gheorghe Magheru no. 28-30, Sector 1, postal code 010336, Bucharest, Romania
Phone: +40.318.059.211 or +40.318.059.212;
E-mail: anspdcp@dataprotection.ro

Without prejudice to your right to contact the supervisory authority at any time, please contact us in advance, and we promise that we will do our best to resolve any issues amicably.

Blitzkrieg Association, 2019

Scroll to Top