Privacy Policy - wisepharm

This Privacy Policy describes the privacy practices of the website www.wisepharm.eu (the „Site”), a presentation site for Wisepharm, a SaaS software application, offered by High-Tech Systems & Software SRL, a limited liability company, operating under Romania Law, with its headquarters in Bucharest, District 1, Bucurestii Noi Boulevard, nr. 25A, registered with the Trade Registry under no J40/4847/2012, having Sole Registration Code 30126940 (hereinafter the “Company” or “HTSS”).
The scope of this Privacy Policy is to describe what personal data is collected and processed through the Site, the scope and legal grounds of such processing.
1. GENERAL PROVISIONS REGARDING THE COLLECTION AND PROCESSING OF PERSONAL DATA
1.1. Accessing and using the Site represents your consent of the processing of your personal data under the terms of this Privacy Policy and the related Terms of Service.
1.2. This document aims to detail how your personal data is collected and processed and the rights you have with regard to it.
1.3. If you do not agree with this Privacy Policy and the related Terms of Service, please do not continue browsing the Site. It is Your responsibility to read and acknowledge the Privacy Policy and related Terms of Service.
1.4. The security of your personal data is particularly important to us and we ensure that the personal data collected and processed through the Site is kept secure and is not used for purposes other than those mentioned herein or agreed by the parties.

1.5. This purpose may include, as appropriate, the following:
 Browsing the Site;
 Requests from data subjects;
 Initiating and conducting contractual relationships;
 Commercial communications (advertising, marketing, publicity, newsletter), if applicable.
1.6. This Privacy Policy is supplemented by the provisions of the Terms of Service document.

2. DEFINITION OF TERMS
2.1. PERSONAL DATA/ DATA – any information relating to an identified or identifiable natural person (“data subject”); an identifiable natural person is a person who can be identified, directly or indirectly, in particular by reference to an identification element, such as a name, an identification number, location data, an online identifier, or to one or more specific elements, belonging to their own physical, physiological, genetic, mental, economic, cultural or social identities, within the meaning of Regulation (EU) 2016/679 on the protection of individuals with regard to the processing of personal data and on the free movement of such data (“GDPR”).
2.2. CONTROLLER: HTSS, as owner of the Site, which collects and processes personal data belonging to the Data Subject, being a Personal Data Controller within the meaning of Regulation (EU) 2016/679 on the protection of individuals with regard to the processing of personal data and on the free movement of such data (“GDPR”).
2.3. DATA SUBJECT – the natural person accessing the Site and/or wishing to enter into a contractual relationship with HTSS, subject to the processing of personal data.
2.4. SERVICES: represents all the functionalities made available to the User through the Site, including, but not limited to, accessing the dedicated pages and sections of the Site, the possibility of request a demo account for Wishepharm, the possibility to contact the Company to obtain more information about Wisepharm.
3. TYPES OF PERSONAL DATA COLLECTED AND PROCESSED
3.1. SIMPLY ACCESSING THE SITE DOES NOT LEAD TO THE PROCESSING OF YOUR PERSONAL DATA, BUT DATA MAY BE OBTAINED AUTOMATICALLY FROM THE CATEGORY MENTIONED IN PARAGRAPH 3.4 BELOW, WITHOUT, HOWEVER, BEING LINKED TO A PERSON. THE PERSONAL DATA THAT WE COLLECT AND PROCESS ARE THE RESULT OF YOUR VOLUNTARY COMMUNICATION.
3.2. The Controller collects, records, processes, archives and finally deletes the personal data of the Data Subject as described in Article 4.
3.3. The data referred to in Article 3.2 may be transmitted in whole or in part to third parties for the purposes of processing.
3.4. As the access to the Site is made online, the software application (internet browser) on the devices used by the Users automatically communicates to the Controller one, several or all of the following data:
 software application type and version (internet browser);
 IP address;
 the type of device used to access the Site;
 date and time of access;
 location;
 domain name;
 domain host.
4. CATEGORIES OF DATA PROCESSED, LEGAL BASIS AND PURPOSE OF PROCESSING OF PERSONAL DATA
4.1. Browsing the Site:
(a) Access of the Site implies the use of cookies to automatically collect technical information among those mentioned in point 3.2.
(b) The purpose of the use of cookies is to improve the browsing experience, providing individualized content tailored to the interests and preferences of the Data Subject.
(c) As a result, to the extent that you have consented to the use of cookies, we will use them to provide you with a personalized and relevant browsing experience on our website.
(d) For more information about the use of cookies, please see our Cookie Policy, available when accessing the Site.
4.2. User Requests:
Following the correspondence sent through the dedicated form available on the Site, in order to answer your requests, we will process your personal data according to the purpose and the grounds mentioned below.
Purpose Categories of data processed Legal basis Duration
Submission of requests by the Users through the dedicated form Company name, Name, Surname of company representative, role in company, e-mail address, telephone number, Conclusion and/or performance of a contract 5 years from the date of transmission of the response
5. PROCESSING OF PERSONAL DATA THROUGH DATA PROCESSORS
5.1. In order to achieve the purposes described above, HTSS may use the services of several contractual partners. These contractors have the capacity of authorised persons and may be provided with your personal data for use within the limits of the obligations they have assumed towards HTSS. The personal data that we disclose to the data processors is limited to the minimum personal information that is necessary for the provision of those services, and we ask them not to use personal data for any other purpose. We make every effort to ensure that all entities we work with store your personal data in a safe and secure manner.
5.2. Personal data indicated above may also be made available or transmitted to third parties in the following situations: (i) public authorities, auditors or institutions competent to carry out inspections and controls on HTSS activities and assets, which request HTSS to provide information, by virtue of the latter’s legal obligations. These public authorities or institutions may be the National Supervisory Authority for the Processing of Personal Data, the Labour Inspectorate, police bodies, the Consumer Protection Authority, the National Agency for Tax Administration; (ii) for compliance with a legal requirement or to protect the rights and assets of our Company or other entities or persons, such as courts of law; (iii) third party acquirers, to the extent that HTSS’ business would be transferred (in whole or in part) and the data subjects’ data would be part of the assets subject to such transaction.
5.3. The persons and entities to whom we may share personal data are the following:
(a) For the purposes of browsing the Site and for purposes relating to the use of cookies, we may transmit personal data to analytics and search engine service providers in order for them to provide maintenance services for our Site;
(b) For direct marketing communications, we may transmit personal data to advertising and marketing agencies that carry out the communication on our behalf.
6. TRANSFER OF PERSONAL DATA ABROAD
6.1. In the context of the operations described above, your personal data may be transferred abroad to countries in the European Union (“EU”) or the European Economic Area (“EEA”).
6.2. We hereby inform you that any transfer made by HTSS to an EU or EEA member state will comply with the legal requirements set out in the GDPR.

7. RIGHTS AND OBLIGATIONS OF DATA SUBJECTS
7.1. The Users are aware of the general rights they benefit from as data subjects under the legislation on the processing of personal data, namely: the right of information and access to personal data; the right to rectification or erasure of data; the right to request restriction of data processing; the right to data portability; the right to object to the processing of personal data concerning them; the right to address the courts and supervisory authority (in Romania the supervisory authority is the National Supervisory Authority of Personal Data Processing ).
7.2. The Users are aware that the rights mentioned above are not absolute rights and accept that there is a possibility that certain data used for the fulfilment of the purpose cannot be deleted (e.g., personal data for which there are reporting obligations to the authorities or for which there is a storage obligation).
7.3. The Users have the following obligations:
 to provide true, accurate and complete data in accordance with the form on the Site, as well as in accordance with HTSS requests. If the data provided is not true, accurate and complete or has changed, the User has the obligation to inform the Controller via the Site or by e-mail at the email address mentioned on the Site of this fact and to provide the correct information as soon as possible;
 to ensure that data is updated whenever necessary;
 not to publish obscene, defamatory, threatening or malicious information, reviews and evaluations towards the Controller, its employees/collaborators, nor material or information prohibited by the legal provisions in force.
7.4. In case of breach of obligations by the Users, the Controller has the right to take all legal measures to ensure the return to the previous situation (deletion of information published by the User, blocking access to the Site, etc.), as well as to hold liable the Data Subject in question.
8. DELETION OF PERSONAL DATA
8.1. Certain Data may be stored for the period of time necessary to fulfil the purpose. We may also store certain Data after the purpose for which it was collected has been fulfilled in order to fulfil our legal obligations, settle disputes, etc.
8.2. Once the processing period indicated above expires and HTSS no longer has legal or legitimate grounds to process your personal data, the data will be deleted in accordance with its procedures, which may involve archiving, anonymization or destruction.
9. MODIFICATION OF PRIVACY POLICIES
9.1. This Privacy Policy may be subject to change as a result of legislative changes or changes occurring at the HTSS or the Site level;
9.2. The amended/updated Privacy Policy shall be published on the Site and shall take effect from the time of publication, thus being available to the Data Subject;
9.3. By continuing to use the Site, the Users agree to the new provisions of the Privacy Policy and are deemed to have acknowledged them.
If Users do not agree with one or more of the current or future provisions of the Privacy Policy, they will not be able to access the Site and its content.
DISCLAIMER
DATA SUBJECTS FULLY UNDERSTAND AND AGREE THAT ALL THE PERSONAL DATA OF DATA SUBJECTS IS PROVIDED VOLUNTARILY, EITHER BY THE CLIENT, THE CLIENT REPRESENTATIVE AND/OR THE USER AND THAT THE COMPANY TAKES NO LIABILITY IN THE ACCURACY OF THE PERSONAL DATA PROVIDED. IN THE EVENT THAT THE PERSONAL DATA IS PROVIDED BY THE CLIENT OR THE CLIENT REPRESENTATIVE, THE DATA SUBJECT FULLY UNDERSTANDS AND AGREES TO THE FACT THAT THE CLIENT OR THE CLIENT REPRESENTATIVE HAS THE RIGHT TO DISCLOSE SUCH PERSONAL DATA TO THE COMPANY AND / OR THE SUB-PROCESSORS. THE COMPANY CANNOT BE HELD LIABLE FOR ANY LOSS OR DAMAGE CAUSED TO THE DATA SUBJECT, AS A RESULT OF THE PROCESSING OF PERSONAL DATA PROVIDED BY THE CLIENT, THE CLIENT REPRESENTATIVE AND/OR THE USER.