Personal Data Protection Policy for Business Contacts

Personal Data Protection Policy for Business Contacts

This document serves to inform you as a business contact of the Messer Romania Gaz SRL about the processing of your personal data.

Personal Data means any information that can be related to you as a natural person. This also includes information that can only be related to you indirectly, in particular by reference to an identifier such as a name, an identification Number, location data or an online identifier. A natural person is also considered to be identifiable if it can be identified on the basis of one or more factors specific to the physical, physiological, genetic, psychological, economic, and cultural or social identity of that natural person.

  1. Scope of Application; Responsible entity for your data

The Messer Romania Gaz SRL (herein after “Messer”) is responsible for the processing of your business contact information and contract-related data within the frame of the business relationship with your employer/ your company.

  1. Contact details of the controller and the data protection officer
    1. Contact details of the controller

Messer Romania Gaz SRL 24 Delea Veche Street

A Building, Floor 2, 3

RO-024102 Bucharest S2 Phone: +40 21 327 36 24

    1. Contact details of the data protection officer

The contact details of each data protection officer of Messer is:

24 Delea Veche Street A Building, Floor 2, 3

RO-024102 Bucharest S2 Phone: +40 21 327 36 24

E-Mail: 

  1. Which Data is Messer processing?

In the normal course of business relationship and the contractual business, Messer will process the following types of personal information:

  • Information for the customer data base- Customer Relationship Management (“CRM”), as name, business telephone number and business e-mail address;
  • Name and surname, business telephone number, business e-mail address, business postal address;
  • Further information on your position in your company and activities with respect to Messer;
  • Information needed for compliance and risk management, including quality assessments of the products and services of your employer / your company.
  • Information needed for pick up/delivery of goods, as name, serial and number of the identity card, car registration plate. This data is processed for the customer’s empowers too;
  • Security information of all persons entering Messer location including customers, customer’s empowers, etc.: video images, name, serial and number of the identity card, car registration plate.

This data is hereinafter referred to as “business contact data”.

  1. What does Messer do with the Data?

In the normal course of customer relationship and the contractual business, Messer will conduct the following processing activities (purpose):

  • Business contact data is processed in order to conclude, execute, fulfill and terminate agreements with other companies;
  • Business contact data is stored in Messer CRM system and processed to establish and maintain a business relationship with you and your company;

  • Business contact data and contract-related data may be processed for the purposes of internal reporting;
  • Business contact data and contract-related data is processed within the frame of supplier management;
  • Business contact data and contract-related data is processed for the purpose of compliance and risk management, including quality assessments of the products and services of your company.
  1. General Information
  1. Your rights

On request, you have the right to obtain information on your stored personal data. Additionally, you have the right to obtain the rectification of inaccurate personal data, the right to obtain a restriction of excessively processing of personal data as well as the right to obtain the erasure of unlawfully processed personal data or data which is stored too long (as far as there are no legal obligations to store the data). Furthermore, you have the right to receive your personal data, which you have provided to Messer. The data will be given to you (or a third party you name), in a structured, commonly used and machine-readable format (right to data portability).

We also refer to your right to object the data processing (right of objection) in the section below d).

In order to exercise your rights, you can write an e-mail to .

  1. General Information about the legal Basis of all listed Processes

The processing of your business contact data by Messer is based on Art. 6 para. 1 lit. (f) General Data Protection Regulation („GDPR”). According to Art. 6 para 1 lit. (f) GDPR the processing of personal data is lawful if the processing is necessary for the purpose of the legitimate interests pursued by Messer, except where such interests are overridden by your interests or fundamental rights and freedoms which require protection of personal data. Messer’s legitimate interest consists in the use and maintenance of the contact details of contractual partners or potential future partners.

You can object to this data processing for marketing purposes at any time without giving any reason.

Furthermore, you can generally object to this data if there are reasons which exist in your particular situation and which speak against the data processing. In order to do so you can write an e-mail to the data protection officer.

  1. General Information about Messer Information Services as a recipient of Data

The IT-systems with which your data is processed are hosted exclusively by the companies within Messer Group. In this context, the companies within Messer do only carry out data processing activities on behalf and according to the instructions of Messer.

  1. Informații Generale privind perioada de stocare

Data of business contacts and contract-related data is generally only deleted if you object to the further processing.

All personal data of business contacts that was processed within the frame of the conclusion and the execution of an agreement is stored according to the applicable tax- and accounting law.

  1. Information according to Art. 13 para. 2 lit. e GDPR:

Providing your personal data as a business contact is not a statutory or contractual requirement or a strict requirement to enter into a contract / business relationship.

You are not obliged to provide your personal data. There are no consequences, if you fail to provide your personal data. However, using your personal data as the contact person of your company facilitates the business relationship between Messer and your company respectively your employer.

 

Personal Data Protection Policy for Business Contacts                                                                                                    18.06.2019