Data Protection Policy

The Board of Directors and management of S.C. CENTRIC IT SOLUTIONS ROMANIA S.R.L., located in Iasi at 3 Palat Street, Building E3 , 4th floor , zip code 700032, are committed to complying with all relevant EU and Member State laws in respect to personal data, and the protection of the “rights and freedoms” of individuals whose information S.C. CENTRIC IT SOLUTIONS ROMANIA S.R.L. collects and processes in accordance with the General Data Protection Regulation (GDPR).

Compliance with the GDPR is described by this policy and other relevant policies such as the Information Security Policy (CEN_ISMS_GDPR_DOC_5.2_INFORMATION SECURITY POLICY), along with connected processes and procedures.

The GDPR and this policy apply to all of S.C. CENTRIC IT SOLUTIONS ROMANIA S.R.L.’s personal data processing functions, including those performed on customers’, clients’, employees’, suppliers’ and partners’ personal data, and any other personal data the organisation processes from any source.

Local Security Officer / GDPR Owner is responsible for reviewing the register of processing annually in the light of any changes to S.C. CENTRIC IT SOLUTIONS ROMANIA S.R.L.’s activities (as determined by changes to the data inventory register and the management review) and to any additional requirements identified by means of data protection impact assessments. This register needs to be available on the supervisory authority’s request.

This policy applies to all Employees/Staff [and interested parties] of S.C. CENTRIC IT SOLUTIONS ROMANIA S.R.L. such as outsourced suppliers. Any breach of the GDPR will be dealt with under S.C. CENTRIC IT SOLUTIONS ROMANIA S.R.L.’s disciplinary policy and may also be a criminal offence, in which case the matter will be reported as soon as possible to the appropriate authorities.

Partners and any third parties working with or for S.C. CENTRIC IT SOLUTIONS ROMANIA S.R.L., and who have or may have access to personal data, will be expected to have read, understood and to comply with this policy. No third party may access personal data held by S.C. CENTRIC IT SOLUTIONS ROMANIA S.R.L. without having first entered into a data confidentiality agreement [document reference], which imposes on the third-party obligations no less onerous than those to which S.C. CENTRIC IT SOLUTIONS ROMANIA S.R.L. is committed, and which gives S.C. CENTRIC IT SOLUTIONS ROMANIA S.R.L. the right to audit compliance with the agreement.