Privacy Policy
1. What is personal data?
Under the GDPR, ‘personal data’ means any information relating to an identified or identifiable natural person (‘data subject’). An identifiable natural person is a person who can be identified, directly or indirectly, in particular by reference to an identifier such as a name, an identification number, location data, an online identifier or to one or more factors specific to his or her physical, physiological, genetic, mental, economic, cultural or social identity.
There is no list of personal data, and the GDPR does not require States to make such a list, as a data may become personal data in one context and in another context simply be information without personal data value.
Examples of personal data:
– Name;
– Domicile or residence;
– E-mail address (including addresses such as andrei.popescu@firma.ro);
– Identity card, passport or ID card number;
– Location data (e.g. location data function available on a mobile phone);
– An IP;
– A cookie ID;
– Silhouette of someone from CCTV recordings;
– A license plate number of a car.
2. Information we collect
og2.co.uk uses forms where you can order products from us, comment on articles, create an account, contact us at [contact](https:// og2.co.uk /contact/) or sign up for og2.co.uk newsletters. Detailed below are all the types of data we collect and how we then use it:
– Order Information: Order history, order track.
– Customer Relations: When you contact customer services for information or to make a complaint, we store the information you provide to us, where applicable. For example, the reason you contacted us, which order you were not satisfied with, or if there were any products missing on delivery. Depending on why you contacted us, the personal data may vary.
– Categories of personal data:
– Communication data
– Other information
This information is necessary for us to fulfill our obligations related to your order and to deliver the food products to you (fulfillment of the contract). But it is also in our business interest to provide you with the best shopping experience (legitimate interest).
– Order Delivery Receipt Process: After placing your order, certain processes run in the background, to send your order we need your personal data.
– Communication data
– Device information
– Order information
– Other information
– Billing / company data: If you have provided us with the data of the company where you are a partner, employee, owner or administrator, such as C.N.P. (at P.F.A./I.I.), C.U.I., Trade Register Registration Number, company’s registered office address, bank account, bank name, name and position of the legal representative, we will use this data to conclude contracts previously agreed with you.
– Browser/IP/device data: If you have consented to us collecting it, we will collect details about the browser used, the IP address, the device, such as hardware model, operating system version, unique device identifiers and mobile network information, including telephone number. We use this data to determine how you use our site, the purpose of which is to make changes to make it easier for you to find the information you are looking for.
Unique Device Identifiers (sometimes called Universal Unique ID or UUID) are a string of characters embedded by the manufacturer in a device. It can be used to identify the device exactly (e.g. the IMEI number of a mobile phone). Different device identifiers differ in several ways: validity, whether or not they can be reset by users and how they can be accessed. A given device may have several different unique identifiers. Unique device identifiers can be used for a variety of purposes, including for security and fraud detection, to synchronize services, e.g., incoming messages to a user’s email address, to remember user preferences, and to serve relevant advertisements.
We will also be able to use:
– Application data cache: An application data cache is a data store on a device. It can, for example, allow a web application to run without an internet connection and can improve application performance by allowing content to load faster.
– Browser web data storage: Browser web data storage allows websites to store data in a browser on the device. When used in “local storage” mode, the feature allows data to be saved between sessions (e.g. so that data can be retrieved after the browser is closed and reopened). One technology that allows storing data from the web is HTML 5.
– Cookies and similar technologies: the Cookie Policy is detailed in a separate section on this page.
– Device: A device is a computer that can be used to access our website and services. For example, a device can be a computer, tablet, smartphone, or any other electronic device equipped with the necessary browser capabilities that connects to the internet.
– HTTP source header: The HTTP source header contains the information transmitted by a web browser to a destination web page, typically when you click on a link to that web page. The source HTTP header contains the URL of the last web page accessed by that web browser.
– Non-personally identifiable information: This is information recorded about users in such a way that it no longer reflects or references an individually identifiable user.
– Sensitive Personal Information: This is a special category of personal information associated with confidential medical information, racial or ethnic origin, political or religious beliefs or sexual orientation.
– Server logs: As with most websites, our servers automatically log page requests made when a user accesses our websites. These “server logs” typically include your web request, IP address, browser type, browser language, the date and time of the request, and one or more cookies that can precisely identify your browser.
– Summary: You are under no obligation to provide us with any data, it is strictly at your option, but it is important to understand that without it your relationship with us may be limited, and that certain parts of the website may not function properly, we may not be able to collaborate, or we may not be able to notify you about services in our portfolio that you may be interested in.For our part, the above list does not imply that we are required to collect all of this data, but we may only collect some of it, depending on your choices in your dealings with us.
Marketing
– Advertising: we will send you e-mail to offer you coupons, discounts and promotions, to conduct surveys and studies to improve our services. You can object to further data processing for advertising purposes with each email. Of course, you can contact our Data Protection Officer directly at [Enquiries@og2.co.uk] if you wish to object to the processing of your data for advertising purposes or for further information on this question.
– Email marketing: We want to prevent generic newsletters and unoperated marketing measures. Therefore, we will select transactions that match your interests and will contact you if we think the information would be helpful to you. You can object to further processing of data for advertising purposes with each e-mail. Of course, you can contact our Data Protection Officer directly at [Enquiries@og2.co.uk] if you wish to object to the processing of your data for advertising purposes or for further information on this question.
– Merger and acquisition, change of ownership: We also want to inform you that in the event of a merger with or acquisition by another company, we will disclose information to that company. We will require the company to comply with legal data protection regulations.
– Other information: If you voluntarily decide to share information that goes beyond the mandatory disclosures, we are, of course, happy to do so. In this way, we can continue to improve our service. This is data you voluntarily provide when using our website, but also information from other sources, such as social media or other (public) databases (e.g. user IDs of other platforms).
– Quality evaluation: In order to provide you with better service at all times, we regularly evaluate the success or potential causes of unsuccessful marketing measures. For this, we analyze, for example, whether our newsletters are open and the content is also chosen.
3. To whom this information is transferred
We will only disclose your personal data for the purposes and to those third parties listed below. We will take appropriate steps to ensure that your personal data is processed, secured and transferred in accordance with applicable law. We will transfer your personal data, where strictly necessary on a need-to-know basis, to the following categories of third parties:
(a) companies that provide products and services to us (processors), such as:
– Media agencies such as those who run promotional campaigns and those who manage the og2.co.uk website;
– Market research services: analysis, advertising, strictly for the needs of og2.co.uk;
– Infrastructure agents (other parties who manage email newsletter, SMS marketing or other marketing, customer support or sales activities on our behalf), strictly for og2.co.uk;
– Information technology systems providers and support, including email archiving, telecommunications providers, back-up and disaster recovery services and cyber security services.
(b) External Service Provider – Supports our operations in providing IT solutions and infrastructure or security to our business operations, such as identifying and resolving malfunctions.
(c) other parties, such as public authorities and public institutions, accountants, auditors, lawyers and other external consultants, whose work involves a need to know such data or where we are required by law to make such disclosure.
We will also disclose your personal data to third parties:
1. If you give us your consent to this disclosure;
2. To persons who demonstrate that they are acting lawfully on your behalf;
3. Where it is in the legitimate interests of og2.co.uk to manage, grow and develop its business;
4. If we sell the business or parts of it, we may disclose your personal data to the prospective purchaser of the business or parts of it, having regard to the need to maintain business continuity;
5. If og2.co.uk or a substantial part of its assets are acquired by a third party, in which case the personal data processed by og2.co.uk will form part of the transferred property.
II. If we are required by law to disclose a particular type of information, in the case of lawful requests by government officials, or where we are required to comply with national security or law enforcement requirements or to prevent unlawful activity.
1. to respond to any complaints, to protect our rights or the rights of any third party, to protect the safety of any person, or to prevent any unlawful activity; or
2. to protect the rights, property or safety of og2.co.uk, our employees, customers, suppliers or others.
Some recipients (including our affiliates) may use your data in countries outside the European Economic Area. See the dedicated section below for more details on this.
Restrictions on use of information by third parties
Any third parties to whom we disclose your personal information in accordance with the above are limited (by law and by contract) in their ability to use your personal information only for the purposes specifically identified by us. We will always ensure that any third parties to whom we disclose your personal information are subject to confidentiality and security obligations in accordance with the contracts signed with them and applicable laws. However, for the avoid of doubt, this may not be applicable where disclosure is not our decision. Except in the situations expressly detailed above, we will never disclose, sell or rent your personal information to a third party without notifying you and, where applicable, obtaining your consent.
4. What rights do you have as a user of the site?
These are your rights in the context of our collection and processing of your data:
– The right to be informed about how your data is collected and used;
– The right to access the data we hold about you;
– The right to request rectification of the data we hold about you;
– The right to request erasure of data we hold about you;
– The right to request that we stop sending marketing messages to you;
– The right to request that we send your personal data to you or to another controller;
– The right to lodge a complaint, with reference to the use of your data, to the competent bodies;
– The right to withdraw your consent.
The above rights are not absolute and there are exceptions to them, under well-defined conditions. For any questions, please contact us by sending an email.
5. Contact Information
Please direct your questions regarding the subject matter of data protection and any requests to exercise your legal rights to us at [Enquiries@og2.co.uk] We will investigate and attempt to resolve any request or complaint regarding the use or disclosure of your personal information. If you are not satisfied with our response, you may make a complaint to the National Data Protection Supervisory Authority. You can find more information about the process at [http://dataprotection.ro/?page=procedura_de_solutionare_a_plangerilor](http://dataprotection.ro/?page=procedura_de_solutionare_a_plangerilor).
