This policy refers to aspects related to the personal data protection of TOTEM Communication company, headquartered in 27 Popa Soare Street, Bucharest 2, 023981, Romania, hereinafter referred to as “TOTEM”.
Vision
Within the current and, especially, future circumstances and business environment, personal data protection is essential to us, as well as to our Customers and Partners. This is why we commit to protect our information and that of our Customers and Partners, to monitor, assess and improve the adequacy and effectiveness of this protection in terms of personnel, methods and assets, including hardware and software.
Mission
Ensuring the protection of personal data, their confidentiality, integrity and availability under conditions consistent with legal, regulated and other requirements undertaken in this field.
Area of Applicability
All personal data processing, transferring and storing activities, all the personnel involved and all relevant assets in all departments of the company, including hardware, software, storage media, documents and records.
Goal
The Policy’ purpose is to protect the personal data of TOTEM, their clients, their partners and collaborators and the data of the persons who are subject to their projects.
Principles
- Compliance with the laws, fairness and transparency. Personal data will be collected and processed legally, fairly and transparently, to protect the individual rights of data subjects.
Limitation to the specified purpose. Personal data will only be collected for explicit and legitimate purposes and will not be processed in a manner incompatible with the initial purposes.
Data accuracy / Data updating. Personal data will be accurate and, where necessary, constantly updated. TOTEM will take all necessary measures to promptly remove or rectify any inadvertency.
- Limitation to the required data. Personal data will be adequate, relevant and limited to the strictly necessary. Personal data will not be stored for longer than necessary.
- The rights of Personal data subjects. TOTEM observes the rights of all data subjects, including the rights to access their data, the restriction of data processing or deletion, and their accuracy. TOTEM will provide clear and unambiguous information about the manner and purpose regarding the collection and processing of subjects’ personal data.
- Removing personal data. The period of personal data storage will be defined. TOTEM deletes the personal data that is no longer necessary in relation to the purposes for which they have been collected or if the consent has been withdrawn and no other legitimate purpose for data processing is applied.
Data processing security / Data security. Personal data will be processed safely. Appropriate technical and organizational measures will be taken regarding data security, against unauthorized processing or alteration, against loss or destruction, as well as against unauthorized disclosure of and access to the personal data transmitted, stored or processed. TOTEM fully ensures the integrity, availability, privacy and authenticity of personal data. In the event of an incident, TOTEM is able to restore, in a timely manner, the availability and access to personal data.
Implicit protection of personal data. TOTEM will implement the appropriate technical and organizational measures to ensure that only the personal data necessary for the specified purposes are processed. The principle of implicit data protection will be followed during the development of new products.
- Responsibility. TOTEM undertakes the responsibility for all activities regarding personal data processing. TOTEM manifest their responsibility and are able to demonstrate their compliance.
Final Decisions
To ensure the success of the personal data protection mission, TOTEM Communication management has appointed a Person Responsible with Data Protection, who will carry out the Policy and provide support and guidance for its implementation.
For the implementation of this Policy, internal procedures for personal data protection have been activated.
Each person in management position within TOTEM is responsible for the implementation and success of the current policy in his/her management area, including the involvement and performance in this regard of the subordinated personnel.
Each Employee has the obligation to know, comply with and support this Policy and the applicable provisions included in the personal data protection documentation provided by TOTEM
The Personal Data Protection Policy of TOTEM will be periodically reviewed.
The Personal Data Protection Policy has been approved by the TOTEM management.