Black and white crayon drawing of a research lab

General Data Protection Regulation (GDPR)

ICI Bucharest, through this GDPR Policy, informs you about the processing of your personal data and your rights under Regulation (EU) 2016/679 of the European Parliament and of the Council of 27 April 2016 on the protection of natural persons with regard to the processing of personal data and the free movement of such data (General Data Protection Regulation - GDPR).

1. Contact Information

ICI Bucharest is organized under Government Ordinance no. 57/2002 on scientific research and technological development (as amended) and operates under Government Decision no. 1621/2003 (as amended). You can contact us through the following channels:

  • Email: [email protected]
  • Postal Address: B-dul Mareșal Averescu Nr. 8-10, Sector 1, Bucharest

2. General Principles

This document aims to assure you that the trust you place in us is reciprocal. We take all necessary measures to ensure your visit to our website is secure and pleasant. Should you have questions or concerns about this policy or the terms herein, please contact us via the form on our Contact page.

3. Information We Collect

We collect information from you in the following ways:

  • Directly from you: When you voluntarily provide personal information such as your name, email address, or social media account to access our services.
  • From traffic reports on our servers: Data such as your IP address, time of visit, and location are automatically logged during your site visit.
  • Via cookies: Small files that help improve your interaction with the site. Cookies do not collect data that identifies you personally.

Cookies

Cookies ensure smooth functionality and user experience. You can configure your browser to notify you when cookies are received or to block cookies entirely. However, blocking cookies may impair some site functionalities. For more information, please see our Cookie Policy.

4. Use of Collected Information

The data collected is used in the following ways:

  • Personal information: Used to personalize services, verify your identity, and facilitate agreements or contracts.
  • Traffic data: Helps identify popular sections of the site and ensures the secure administration of our systems.
  • Cookies: Enhance user experience and gather statistical data to improve our services.

5. Objectives of GDPR Policy

We are committed to safeguarding the confidentiality, security, and integrity of your personal data. Data processing is carried out under conditions that respect your rights and comply with applicable laws.

5.1 Lawfulness of Data Processing

ICI Bucharest processes personal data only if:

  • You have provided consent.
  • It is necessary to fulfill a legal obligation.
  • It is required to execute a contract.
  • It protects vital interests.
  • It serves legitimate business interests.

5.2 Ensuring Rights

We ensure transparency regarding the purpose, storage duration, and recipients of your data. If the purpose changes, we will notify you before using your data for the new purpose.

6. Your Rights Under GDPR

As a data subject, you have the following rights:

  • Right to be informed: About how your data is processed.
  • Right of access: To know if your data is processed and to access that data.
  • Right to rectification: To correct inaccuracies in your data.
  • Right to erasure (“right to be forgotten”): To delete data when no longer necessary or if it was unlawfully processed.
  • Right to restrict processing: As per Article 18 of GDPR.
  • Right to data portability: To receive your data in a structured format where applicable.
  • Right to withdraw consent: At any time, free of charge.
  • Right to lodge a complaint: With a supervisory authority.
  • Right to judicial remedy: If your rights are infringed.

7. Categories of Processed Data

Depending on the purpose, we may process the following categories of data:

  • Identification documents
  • Civil status data
  • Contact details (email, phone)
  • Employment and professional data
  • Social security or health information
  • Publicly available data
  • Images or videos

8. How We Protect Your Data

Only authorized personnel handle your data. Data is stored electronically or archived physically for as long as necessary and in compliance with legal requirements. Upon completion of data processing, data is securely deleted or archived as required by law.

Your data is not shared with third parties without your explicit consent, except for public authorities or other entities as required by law. Aggregate, non-identifiable statistics may be shared with partners to improve services.

We recommend using secure networks and taking precautions to protect sensitive information (e.g., passwords). While we implement strict security standards, data transmission over the internet cannot be guaranteed to be 100% secure.

9. Third-Party Access

We do not disclose personal data to third parties without your consent, except when required by law or to protect our rights. Any third-party service we partner with will follow similar privacy practices, ensuring your data’s confidentiality.

If you use a partnered service, you will be informed, and you may choose whether to share your data. Partnered providers are responsible for their data privacy practices.

If you have questions about this GDPR policy or wish to exercise your rights, please contact us via the Contact page on our website.