Data Privacy Policy

 Flashnet takes your privacy extremely serious and respects your rights to personal data protection and privacy. Our Privacy Policy concerns the personal data we collect through our website or other electronic environments (social media, email) as well as those we collect in live interactions (meetings, trade fairs, telephone, interviews or other interactions), also including personal data we might receive through our contractual partners (ex. recruitment agencies).

Please read this Privacy Notice carefully to understand how we handle your personal information. If you don’t agree with our privacy policy, please don’t use our website or don’t send us any of your personal data.

For any questions, requests or suggestions concerning your personal data, the way it is processed or the purpose of processing, please contact us at  dataprotection@flashnet.ro

1. Who we are

Flashnet is a Romanian based company, with its headquarters in Brasov.

The fact that we process your personal data collected through our website https://www.flashnet.ro/ (hereinafter “website”, “our website” or similar), as well as through other electronic means of communication (social media, email etc.) or outside the electronic environment, makes us a data controller, in accordance with the terms and definitions set by the (EU) Regulation no. 679/2016 (also known as the “GDPR”), approved by the European Parliament on the 27th of April 2016.

2. Definitions

According to GDPR, the below terms and definitions have the following meaning:

  1. Personal data: any information relating to an identified or identifiable natural person (‘data subject’); an identifiable natural person is one who can be identified, directly or indirectly, in particular or by reference to an identifier such as a name, an identification number, location data, an online identifier or to one or more factors specific to the physical, physiological, genetic, mental, economic, cultural or social identity of that natural person;
  2. Data subject: a natural person whose personal data are processed;
  3. Processing: any operation or set of operations which is performed on personal data or on sets of personal data, whether or not by automated means, such as collection, recording, organization, structuring, storage, adaptation or alteration, retrieval, consultation, use, disclosure by transmission, dissemination or otherwise making available, alignment or combination, restriction, erasure or destruction;
  4. Controller: any natural or legal person, public authority, agency or other body which, alone or jointly with others, determines the purposes and means of the processing of personal data;
  5. Processor: any natural or legal person, public authority, agency or other body which processes personal data on behalf of the controller;
  6. Consent: means any freely given, specific unambiguous statement or clear affirmative action of the data subject’s intent, by which he or she, signifies its agreement to processing of their personal data.

3. Personal data collected, ways of processing, legal ground and retention period – brief description

Ways in which we collect personal data:

  • Provided by you – we collect personal data that you provide to us by completing contact forms on our social media pages and on our website, by sending them in e-mail to our corporate e-mail addresses, by discussing with us by phone or by filling any other physical (paper based) forms, papers containing your name, e-mail address, phone number, physical address or any other personal data that you choose to share with us;
  • Observed by us – we collect personal data directly via our web presence using cookies, regarding your IP (Internet Protocol) address, geographic location, and all other personal data you chose to make publicly available via your social media profile you are using in order to establish contact with us;

Google reCAPTCHA

Functional, Marketing

Usage

We use Google reCAPTCHA for spam prevention. Read more

Sharing data

For more information, please read the Google reCAPTCHA Privacy Statement.

Functional

Name
Expiration
6 months
Function
Provide spam protection

Marketing

Name
Expiration
session
Function
Read and filter requests from bots
Name
Expiration
session
Function
Read and filter requests from bots
Name
Expiration
persistent
Function
Read and filter requests from bots

WordPress

Functional

Usage

We use WordPress for website development. Read more

Sharing data

This data is not shared with third parties.

Functional

Name
Expiration
session
Function
Store browser details
Name
Expiration
session
Function
Read if cookies can be placed
Name
Expiration
persistent
Function
Store user preferences
Name
Expiration
1 year
Function
Store user preferences
Name
Expiration
persistent
Function
Store logged in users

Complianz

Functional

Usage

We use Complianz for cookie consent management. Read more

Sharing data

This data is not shared with third parties. For more information, please read the Complianz Privacy Statement.

Functional

Name
Expiration
365 days
Function
Store information about cookies that have been detected on the site
Name
Expiration
365 days
Function
Store accepted cookie policy ID
Name
Expiration
365 days
Function
Store cookie consent preferences
Name
Expiration
365 days
Function
Store cookie consent preferences
Name
Expiration
365 days
Function
Store cookie consent preferences
Name
Expiration
365 days
Function
Store cookie consent preferences
Name
Expiration
365 days
Function
Store cookie consent preferences
Name
Expiration
365 days
Function
Store if the cookie banner has been dismissed
Name
Expiration
365 days
Function
Store cookie consent preferences
Name
Expiration
365 days
Function
Store cookie consent preferences
Name
Expiration
365 days
Function
Store cookie consent preferences
Name
Expiration
365 days
Function
Read to determine which cookie banner to show

Google Analytics

Statistics

Usage

We use Google Analytics for website statistics. Read more

Sharing data

For more information, please read the Google Analytics Privacy Statement.

Statistics

Name
Expiration
2 years
Function
Store and count pageviews
Name
Expiration
1 year
Function
Store and count pageviews

Google Adsense

Marketing

Usage

We use Google Adsense for showing advertisements. Read more

Sharing data

For more information, please read the Google Adsense Privacy Statement.

Marketing

Name
Expiration
persistent
Function
Store and track conversions
Name
Expiration
persistent
Function
Provide ad delivery or retargeting

WPML

Functional

Usage

We use WPML for locale management. Read more

Sharing data

This data is not shared with third parties.

Functional

Name
Expiration
1 day
Function
Store language settings

Google Fonts

Marketing

Usage

We use Google Fonts for display of webfonts. Read more

Sharing data

For more information, please read the Google Fonts Privacy Statement.

Marketing

Name
Expiration
expires immediately
Function
Read user IP address

YouTube

Marketing

Usage

We use YouTube for video display. Read more

Sharing data

For more information, please read the YouTube Privacy Statement.

Marketing

Name
Expiration
session
Function
Store location data
Name
Expiration
6 months
Function
Provide ad delivery or retargeting
Name
Expiration
session
Function
Store and track interaction
Name
Expiration
8 months
Function
Store user preferences

Burst Statistics

Statistics (anonymous)

Usage

We use Burst Statistics for website statistics. Read more

Sharing data

This data is not shared with third parties.

Statistics (anonymous)

Name
Expiration
1 month
Function
Store and track interaction

Google Ads

Marketing

Usage

We use Google Ads for advertising. Read more

Sharing data

For more information, please read the Google Ads Privacy Statement.

Marketing

Name
Expiration
90 days
Function
Provide ad delivery or retargeting
Name
Expiration
expires immediately
Function
Store information for remarketing purposes

Miscellaneous

Purpose pending investigation

Usage

Sharing data

Sharing of data is pending investigation

Purpose pending investigation

Name
WP_DATA_USER_99
Expiration
Function
Name
wpml-job-list-collapsed
Expiration
Function
Name
continueReview
Expiration
Function
Name
long_tasks_event_log
Expiration
Function
Name
ate_widget_fetch_time
Expiration
Function
Name
apolloLastRefreshInt
Expiration
Function
Name
wpfdCategoriesState
Expiration
Function
Name
events_data
Expiration
Function
Name
wz_userId
Expiration
Function
Name
wpfdSelectedCatId
Expiration
Function
Name
ate_widget_url
Expiration
Function
Name
long_tasks_span_log
Expiration
Function
Name
gtm_session_threshold
Expiration
Function
Name
gtm_session_start
Expiration
Function
Name
gtm_page_view
Expiration
Function
Name
cmplz_task_filter
Expiration
365 days
Function
Name
Expiration
Function
Name
_wpfd_current_category_param
Expiration
Function
Name
_gcl_gs
Expiration
Function
Name
lfuuid
Expiration
Function
Name
_wpfd_current_file_param
Expiration
Function
Name
_wpfd_categories_col_width
Expiration
Function
Name
itsec-hb-login-9cea867ad8a21a87b857d1813a69f132
Expiration
Function
Name
qm-container-height
Expiration
Function
Name
injectionTimeStart
Expiration
Function
Name
currentTabId
Expiration
Function

What categories of personal data we are processing and for what purposes?

  • Data obtained from your interaction with our website`s technologies (ex. cookies): IP (Internet Protocol) address, functional cookies, tracking cookies for Google and Facebook, data regarding the device you use to access our website. We process this information to assure the functionality of our website and determine the level of its efficiency, to analyze web traffic and to promote our services in the online environment.
  • Contact information: name, email address and phone number provided are processed by us in order to establish communication and commercial relation with you based on your intent.
  • Data obtained from the content of the messages you send us: we process these data in order to be able to answer to your enquiries and also be able to provide you with accurate information.
  • Data included in your CV (curriculum vitae, resume): name, e-mail address, phone number and other contact information, marital status, age, gender, professional performance and educational path followed are processed by us for the purpose of evaluating your fitness within our job requirements and for having the possibility of getting in contact with you.

What are the legal grounds of our personal data processing?

All personal data processing activities carried out by Flashnet described in this privacy policy have legal grounds in the EU Regulation no. 679/2016 (GDPR).

Data processed based on your consent: we process certain personal data such as profiling data and cookies for online advertising and email addresses for direct marketing purposes;

Data processed based on our legitimate interests: we process certain personal data such as (functional cookies, contact information you provide to us, the content of the messages you send us, data from CV’s we receive) based on our legitimate interests to continuously develop the quality of the services we provide, respond to inquiries we receive and communicate with people interested in our services, sell our products/services and recruit new employees.

What is the retention period of collected personal data?

In order to respect the principle of “storage limitation” set by GDPR, we only store personal data for the periods of time necessary for us to fulfill the purposes for which we collected and processed the personal data and also to respect all the legal obligations we have in this respect.

Do we transfer personal data to 3rd parties?

We may transfer certain personal data to third parties having contractual relation with us, based on that contractual relation and only for the purpose of fulfilling that contractual relation.

We can send personal data to certain categories of third parties in the European Economic Area we have contractual relations with in order to pursue our legitimate interests described in this privacy policy.

We take the necessary steps to verify that our partners handle personal data according to GDPR requirements and implement the necessary technical and organisational measures to protect your personal data.

Third parties we may send personal data to:

  • Web hosting provider
  • Marketing services provider
  • HR services provider

4. Detailed description of the scenarios of our personal data collection:

How we can enter in possession of your personal data?

By opting to send us a CV/resume in order to show your interest in working with us, you provide us some of your personal data together with your personal skills and your educational and professional background.

The personal data we collect from you is the ones that are provided to us by you in the following ways:

Resume provided through our website, recruitment platforms, direct email to one of our registered e-mail addresses or brought directly to our headquarters;

Data you provide during the interviews or tests held during the recruitment process;

What type of personal data we are processing and in what purpose?

Contact information: such as family name, first name, e-mail address, phone number, address;

History of studies and work experience;

Personal skills and qualifications;

Other personal information: such as age, date of birth, marital and family status, date and place of birth, or any other information you consider relevant for the application and that you decide to share with us;

We process your personal data in our legitimate interest in the process of recruiting new employees and we are keeping them after the recruiting process ended only if we have your consent of doing so. Your personal data processing is limited to the process on recruiting new employees.

Why we need your personal data to be disclosed and what happens if you refuse to do so?

Your personal data is requested in order to be able to evaluate your professional fitness to the vacant positions in our company and to the company culture as well as to establish a professional communication with you on the grounds of your application. Not providing the minimum and essential information requested makes the process impossible to be completed and your application will be disregarded.

What is the retention period of collected personal data?

In the case of accepted candidates: data will be kept for the entire duration of the employment contract and even afterwards if legally required, for the period set for in the relevant legislation.

In the case of unfitted candidates: data will be kept until the recruitment period ends. If considered, based on the consent of the candidate, provided information can be kept for another year for eventual future opportunities.

 Do we transfer personal data to 3rd parties?

We reserve the right to share information with our HR consultants or HR outsourcing companies. Also, the online platforms we use in the recruitment and communication process might have access to the data you provide (social media networks through which you contact us, Google, Bestjobs, Ejobs, etc.). We do not transmit this data to other third parties or other countries without your consent.

What are the security measures we implemented for avoiding security incidents?

To reduce the risk of security incidents regarding collected personal data, a series of security measures have been implemented:

Limiting access of unauthorized persons to our premises by implementing an access control system;

Complying with all the physical security requirements set by the legislation;

Securing electronic access through: secure servers, password policies, IT security softwares, firewall;

Continuous training of our employees regarding data protection and data privacy obligations and limiting their access to personal data with relevance of their job requirement compliance;

Security measures implemented by third parties are assured by contractual obligations;

Are your personal data used in automatic profiling process?

Your personal data provided for HR and recruiting purpose are not used to make decisions following an automatic profiling process.

How we can enter in possession of your personal data?

By accessing our website you allow the technologies which contribute to the normal functioning of our website to collect certain personal data of yours; These information make part of the category of data directly observed by us.

What type of personal data we are processing and in what purpose?

Data from your interaction with the website (IP, geographic location data, cookies, data about the type of device used to access the website).

We process these data on the grounds of our legitimate interest in analyzing the audience and improving our website’s structure and content, to improve the relevance of the information we provide and to protect ourselves from cyber attacks and fraud.

We also process analytics and advertising cookies based on consent.

The summary of all types of data processing is:

  • continuous improvement of our services,
  • ensuring the website’s functionality and optimization
  • investigation and resolution of potential fraud or security incidents
  • market analysis and promoting our services online

Why we need your personal data to be disclosed and what happens if you refuse to do so?

  • Data which enables the proper functioning of our website:

Providing these data is mandatory because it allows access to and use of our website. If you did not provide this data, you could not properly access or use the website.

  • Data for website optimization, analytics and advertising:

Providing these data is not mandatory, you can decide whether you want to give your consent in order to process them. In the case you choose not to give us your consent, you will not be able to receive advertising messages from us and we will not be able to analyze the way in which you interact with our website.

To give or retract consent please use the “cookie settings" button on the bottom-right.

What is the retention period of collected personal data?

We do not store cookies. Cookies are stored on your own browser and you can delete them at any time.

The only data we have access for a longer period of time (38 months) is the data Google Analytics provides us about how the visitors which have given consent for analytics cookies have interacted with our website.

Do we transfer personal data to 3rd parties?

The following third parties will be able to access these data: our web hosting provider, Google, Facebook.

The servers on which this data is stored are located within the European Union or are part of Privacy Shield, guaranteeing the handling of personal data according to GDPR standards.

What are the security measures we implemented for avoiding security incidents?

To reduce the risk of security incidents regarding collected personal data, a series of security measures have been implemented:

Limiting access of unauthorized persons to our premises by implementing an access control system;

Complying with all the physical security requirements set by the legislation;

Securing electronic access through: secure servers, password policies, IT security softwares, firewall;

Continuous training of our employees regarding data protection and data privacy obligations and limiting their access to personal data with relevance of their job requirement compliance;

Security measures implemented by third parties are assured by contractual obligations;

Are your personal data used in automatic profiling process?

We do not conduct any automatic profiling and we do not make decisions as a result of the automatic profiling of the processed data. However, external analysis and reporting services (Google Analytics) can use your data for complex profiling processes. To avoid this, we recommend one of the options below:

Cancel the acceptance for analysis and marketing cookies from our cookie management application

Unsubscribe from cookies directly from your browser or navigate the Internet in ‘incognito’ mode provided by your browser

How we can enter in possession of your personal data?

When you choose to write us a message through the contact form on our website or interact with us on a social media platform, you offer us personal data about yourself. We are collecting and using this information in order to be able to get in contact with you and to provide you an adequate and comprehensive response.

Personal data may be disclosed to us directly from you or we may observe/complete them from sources which are publicly available (social media platforms on which you contact us on).

Contact data (name, surname, email address, phone number): We process these data on the basis of our legitimate interest in selling our services and answering your queries.
The purpose of processing these data is public communication, answering to your requests in the most effective way and developing new business relationships.

Additional data (company, the content of your messages): These data can be processed if you show an interest in working with us.
We process these data based on our legitimate interest in selling our services and products and answering your queries. The purpose of their processing is to respond as efficiently as possible to your requests and to prepare for the commencement of business relationships.

Why we need your personal data to be disclosed and what happens if you refuse to do so?

We need this data to answer your questions or requests.

In the event that you refuse to provide us with this data, we will not be able to contact you, respond to your questions or requests or develop new business relationships with you.

What is the retention period of collected personal data?

We will keep your personal information for as long as needed to be able to answer your questions and interact with you. If you are a customer or potential customer, we will process and keep your business information in our CRM/database, in order to develop and maintain a business relationship.

Do we transfer personal data to 3rd parties?

We do not transmit this data to third parties or other countries without your consent.

What are the security measures we implemented for avoiding security incidents?

To reduce the risk of security incidents regarding collected personal data, a series of security measures have been implemented:

Limiting access of unauthorized persons to our premises by implementing an access control system;

Complying with all the physical security requirements set by the legislation;

Securing electronic access through: secure servers, password policies, IT security softwares, firewall;

Continuous training of our employees regarding data protection and data privacy obligations and limiting their access to personal data with relevance of their job requirement compliance;

Security measures implemented by third parties are assured by contractual obligations;

Are your personal data used in automatic profiling process?

These data are not used to make decisions following an automatic profiling process.

5. Your rights in relation your personal data

According to the GDPR, all data subjects have the following right regarding their personal data:

  1. Right of access to data: You have the right to access your personal data in order to check the lawfulness of its processing or to find out what personal data related to you we are processing and for what purpose. You also have the right to request the list of personal data processed by us.
  2. Right to rectification: if you consider that the personal data we collected and are processing about you is incomplete or inaccurate, you have the right to request their rectification.
  3. Right to erasure or “the right to be forgotten”: You may request the deletion of your personal data and we have the legal obligation to comply with your request in cases when this data is no longer necessary for the purposes for which we were processing it, or when your personal data was processed based on your consent and in the situation when personal data is processed based on a legitimate interest and there is no overriding legitimate interest to continue processing of if the processing is unlawful or without any legal basis for their processing;
  4. Right to restrict processing: You may request the restriction of the processing of your personal data. In this case, we will not delete your personal data, but we will stop processing it.
  5. Right to data portability: You have the possibility to transfer your personal data from one operator to another or to ask us to transfer your personal data to you to use for your own purposes;
  6. Right to object: You may oppose to the processing of your personal data for purposes such as direct marketing or other purposes based on our legitimate interests, such as profiling.
  7. Right of not being subject to automated decision making and profiling which can cause harm: You have the right not to be the subject of a decision based solely on automatic processing that could have significant legal effects or which could affect you in a meaningful way;

In addition to these rights, you have the right to withdraw your consent at any time where it is applicable.

If you wish to exercise any of the rights in the list above, please contact us at:

You also have the right to file a complaint with the supervisory authority (ANSPDCP – http://www.dataprotection.ro/) about how your personal data is processed by Flashnet

6. Contact

For any questions or requests relating to your personal data processed by Flashnet please contact us at: