Information referring to art. 13 of the European Regulation n. 679 of 27 April 2016

Omnia Medica s.r.l. wishes to inform you that the European Regulation n. 679 of 27 April 2016 on the processing of personal data ("GDPR") provides the protection of individuals and to the processing of their personal data.

Under Article 13 of the GDPR, we provide, therefore, the following information:

1. Identification details of the Data Controller

The Data Controller is Omnia Medica s.r.l., f.c. and VAT RO 30638478, with registered office in Str. Paris n. 8, c.a.p. 300592, Timisoara, Romania, e-mail address: info@omniamedica.ro

2. Purpose of the data processing

The processing of personal data, including particular ones, is aimed at allowing:

• • the fulfillment of the obligations arising from office (for example, calculation and payment of the consideration; application of tax legislation);
• • the management of the assignment (for example, monitoring of activities);
• • the management of any litigation (for example, breach of contract, warnings, transactions, arbitrations, legal disputes);
• • the fulfillment of legal obligations related to the assignment.

3. Legal basis of the processing

The legal basis that justifies the processing of personal data is represented by the contract of appointment, by the fulfillment of legal obligations, as well as by your explicit consent.

4. Processing methods

The processing of personal data for the purposes set out in the previous paragraph takes place using both automated methods, on electronic or magnetic support, and non-automated methods, on paper. The processing of personal data will take place in compliance with the rules of confidentiality and security provided for by the law, by the consequent regulations and by internal provisions.

5. Place of processing

Personal data are currently processed and stored in paper form at the registered office of the Data Controller, located in Str. Paris n. 8, c.a.p. 300592, Timisoara, Romania. They are also processed, on behalf of the Data Controller, by professionals and/or companies appointed to carry out technical, development, management and administrative - accounting activities. The digital archiving of documents is carried out by the Server Plan company.

6. Data retention period

Personal data will be processed for the entire duration of the assignment and also subsequently for the fulfillment of all legal obligations. In particular, the personal data collected for administrative and accounting management purposes are kept for 10 years, as per the terms of the law for the conservation of administrative, accounting and financial documentation.

7. Compulsory or optional nature of providing data and consequences of any refusal to provide it

The provision of personal data is mandatory for everything required by legal and contractual obligations. Any refusal to provide them, in whole or in part, may make it impossible for the Data Controller to execute the contract or to properly carry out all the obligations connected to it, such as those of a salary, tax, etc.

8. Data communication and dissemination purpose

In the management of personal data, the following categories of subjects may become aware of the same:

• • our collaborators or employees, in charge of processing the data as part of their duties;
• • natural and/or legal persons, public and/or private, when the communication is necessary or functional to the establishment and management of the assignment;
• • professionals or service companies for business administration and management who operate on behalf of our company;
• • all subjects whose right of access to personal data is recognized by virtue of legislative provisions.

9. Rights referred to in Chapter III of the GDPR

We inform you that, by submitting a specific request to the Data Controller, through the e-mail address: info@omniamedica.ro, you have the right:

• • to withdraw consent at any time (Article 7 of the GDPR);
• • to request access to data (Article 15 of the GDPR), to obtain information on the data processed, on certain aspects of the processing and to receive a copy of the data processed (Article 13 of the GDPR);
• • to request the rectification or updating of data (Article 16 of the GDPR);
• • to request the cancellation or removal of data (Article 17 of the GDPR);
• • to request the limitation of data processing. In this case, the Data Controller will not process the data for any other purpose other than their conservation (Article 18 of the GDPR);
• • to oppose the processing of personal data (Article 21 of the GDPR);
• • to data portability. You have the right to receive your data or have it transferred to another owner; you have the right to receive your data in a structured format, commonly used and readable by an automatic device and, where technically feasible, to obtain its unhindered transfer to another owner (Article 20 of the GDPR); to lodge a complaint with the Guarantor (art . 77 of the GDPR) or to take the appropriate judicial offices (Article 79 of the GDPR).