1. Home
  2. /
  3. GDPR Information

GDPR Information

Processing of personal data


  • Address: Bucharest, Sector 1, Dr. Iacob Felix Street, Nr. 55, Et. 4
  • Reg. Com. nr.: J40/7586/2014
  • WHICH: RO33317138
  • No. contact: 0731.005.336

 DPO – Mariana Nitulescu

  • Address: Bucharest, Sector 1, Dr. Iacob Felix Street, Nr. 55, Et. 4
  • No. contact: 0723.528.967
  • E-mail address:  dpo@telecredit.ro

In accordance with the General Regulation of the European Union on data protection (EU Regulation 2016/679, “GDPR” ) applicable from 25 May 2018,  TELECREDIT IFN SA , informs you: 

Through the OMNICREDIT online platform , Telecredit IFN SA processes the data of the following categories of natural and legal persons: clients / potential clients / former clients, beneficiaries / potential beneficiaries of the credit agreement, persons designated by the client in relation to TELECREDIT, customer debtors. Telecredit processes only the data necessary for the purposes of processing:

▪ name and surname, pseudonym, customer code, CNP or NIF, name of the authorized natural person and CIF;

▪ data on nationality, citizenship and residence (including tax);

▪ data related to the identity document / passport / civil status document / driving license;

▪address (domicile / residence / correspondence address); contact details (landline / mobile phone, fax, e-mail);

▪ sex, family situation, family members, mother’s name before marriage;

▪ data regarding the studies, professional situation, occupation, position, place of work, type of employment contract (determined / indefinite period), date of last employment, data regarding the seniority in work / seniority in profession;

▪ information about the realized incomes and their source, the housing situation and the properties (movable or real estate) owned;

▪ data on financial conduct / liquidity, data on monthly expenses, recurring expenses of a credit or other nature, repayment history of payment commitments assumed, possible disputes with third parties, insurance products owned or to be purchased and the coverages provided by them , expenses with taxes, the number of dependents;

▪ information on fraudulent / potentially fraudulent activity, consisting of data on charges and convictions related to crimes such as fraud, money laundering and terrorist financing;

▪ belonging to a group of clients, participation in other companies, as well as other data included in the contracts concluded with you or generated during the execution of the contract.

▪ banking data, including information about the financial banking products / services held, banking transactions;

▪ data on possible conflicts of interest;

▪ political exposure, if applicable, and the public office held;

▪ data on sanctions, if applicable;

▪ handwritten or electronic signature, as appropriate;

▪ any other personal data, which are brought to our attention in various contexts by customers or by any other person.

The personal data processed can be provided by Telecredit IFN SA:

▪ directly, by you or through a legal or conventional representative or another person acting on your behalf, by filling in the forms or documents provided in order to initiate the contractual relationship, updating data, purchasing products and services, disposal operations, formulating requests in connection with the contractual relationship, regardless of the communication channel used;

▪ by consulting, directly or through private database providers, data made available to the public by government bodies or public or regulatory institutions, such as: Trade Register (portal.onrc.ro), Ministry of Finance (mfinante.ro), the National Agency for Fiscal Administration (anaf.ro), the Ministry of Justice (portal.just.ro), the Electronic Archive of Real Movable Guarantees (aegrm.ro/romarhiva.ro), the National Bank of Romania (Credit Risk Center or Payment Incidents Center), Official Gazette, Romanian Government Portal (data.gov.ro);

▪ by consulting the information available in external public sources, such as the Internet and social networks or by consulting its own database;

▪by the contractual partners of the data subject (for example, partners who make payments of salaries or other income to the data subject or request payments from the data subject’s accounts).

Purposes of processing : The OMNICREDIT online platform processes the personal data declared in order to provide credit and factoring / discounting services for the following purposes, to take steps to carry out the stages related to the credit agreement: customer knowledge, customer credit analysis, risk assessment , bidding, signing the credit / factoring / discounting contract, drawing credit, credit administration, factoring / discounting service, receipts associated with credit agreements, collection / assignment / execution activity, creating the user account, marketing activities, as well as and in order to fulfill legal obligations regarding the audit, knowing the clientele, the purpose of preventing and identifying potential frauds.

Special data We process special
data on your health only for the purpose of identifying credit payment alternatives.

When applying a claim for assignment through the Omnicredit platform, data is collected from publicly available sources such as RECOM, AEGRM, the Ministry of Public Finance, ANAF, the Court Portal, Linkedin, the website of the organization you belong to.

Legal basis for processing : The basis for processing consists of:

– consent regarding the data necessary for the marketing activity, the identification of credit payment alternatives and for the creation of the user account,

– realization of the crediting / factoring / discounting contract, knowing the client, analyzing the client’s creditworthiness, risk assessment, bidding, signing the crediting contract, drawing the credit, managing the credit, receipts associated to the credit agreements, collection / assignment / execution activity,

– as well as the fulfillment of the applicable legal provisions (specific legislation in the field of lending / factoring / discounting, legislation on money laundering and combating acts of terrorism, sectoral legislation)

– The legitimate interest in order to exercise the actions in order to prevent the frauds that may occur in the crediting / factoring / discounting activity, the representation in court for the defense of one’s own rights.

Your personal data are processed by Telecredit IFN SA based on the following legal grounds:

     a. In order to conclude and carry out the contractual relationship according to art.6 paragraph 1 letter b) of the General Regulation on data protection.

In consideration of this legal basis, your personal data are processed by Telecredit IFN SA for the following purposes:

▪ analyzing requests for services and products and evaluating eligibility;

▪ providing information regarding the requested products and services / from which you benefit, monitoring the fulfillment of contractual obligations, your notification regarding the concluded contracts (eg modification / completion of features / costs / functionalities / benefits products / services, information about due / overdue rates, taking the measures that are required as a result of non-compliance with the respective contractual obligations (eg debt collection / debt collection / declaration of early maturity);

▪ modification of concluded contracts (eg restructuring, refinancing, extension of credit duration, deferral of payment, commitments / payment agreements concluded in the amicable / legal recovery procedure, etc.);

▪ reporting and transmitting the necessary information / documents to the guarantee funds (eg FNGCIMM, FGDB);

     b. In order to fulfill the legal obligations according to art. 6 paragraph 1 letter. c) of the General Regulation on data protection.

In consideration of this legal basis, your personal data are processed by Institutia Telecredit IFN SA for the following purposes:

▪ identifying and knowing the clientele, performing risk analyzes, reporting suspicious transactions, preventing fraud, respectively in order to prevent money laundering and terrorist financing, including by collecting in the computer system the evidence contained in the client’s identity documents;

▪ managing controls and investigations, respectively reporting to authorized authorities / institutions, such as ANAF, ANPC, BNR, CRC, ANSPDCP, ASF / BVB, the National Office for Preventing and Combating Money Laundering, the Deposit Guarantee Fund in the Banking System, according to their competencies;

▪ the realization by way of the forced execution of the amounts due as well as the administration of seizures and seizures, according to the provisions of the Codes of Civil and Criminal Procedure, of the Fiscal Code and of the Fiscal Procedure, including the provisions of the special laws in the matter;

▪ enforcement of court decisions;

▪ performing mandatory audit missions;

▪ revaluation of guarantees, calculation of provisions;

▪ auditing financial statements;

▪ conflict of interest management;

▪ evidence and management of triscis specific to the activity carried out, in accordance with European and international regulations, regarding the minimum capital requirements, supervision of capital adequacy and market discipline of banking institutions;

▪ fulfillment of obligations in fiscal matters, including with respect to taxes and withholding taxes;

▪ granting certain benefits / facilities provided by law.

▪ ensuring physical security through video monitoring, according to the legal provisions regarding the protection of objectives, goods, values ​​and protection of persons;

▪ storage and archiving of information.

     c. In order to fulfill the legitimate interests of the institution according to art.6 paragraph 1 letter f) of the General Regulation on data protection.

In consideration of this legal basis, your personal data are processed by Telecredit IFN SA for the following purposes:

▪ performing internal analyzes (including statistical analyzes) / market studies, both on products / services and on the customer portfolio, to monitor customer satisfaction and the quality of services and products purchased, to continuously improve and develop products / services / internal processes;

▪ creating profiles, segments, typologies in order to present / supply the most suitable products / services;

▪ design, development, testing and use of existing or new information systems and IT services, storage of databases;

▪ direct marketing, as appropriate;

▪ planning a strategic development, making forecasts on portfolio dynamics, making business forecasts on performance indicators, establishing budgets, establishing cost elements for the institution’s products / services;

▪ monitoring transactions to prevent and investigate fraud;

▪ making internal reports to management bodies, including in order to ensure prudential measures, prevention of operational risk, including fraud, management of refusals to pay;

▪ ensuring a high level of security both at the level of information systems and within the physical locations (eg: territorial units, regional / business centers, headquarters);

▪ concluding and managing financing contracts or assignments of receivables;

▪ debt collection / debt collection;

▪ conflict of interest management;

▪ ascertaining, exercising or defending in court some rights of the institution, recovering damages, as well as setting up evidence and carrying out monitoring in this regard;

▪ registration of interactions through official communication channels, in order to provide proof of the request / agreement / option regarding certain financial-banking services, as the case may be;

▪ video monitoring for the security of spaces and assets in order to prevent circumstances likely to adversely affect the credit institution or the data subject (other situations than those covered by legal obligations);

▪ storage and archiving of information.

     d. Based on your consent according to art.6 paragraph 1 letter a) of the General Regulation on data protection.

In consideration of this legal basis, your personal data are processed by Telecredit IFN SA for the following purposes:

▪ for the verifications / queries that are the basis of the credit risk analysis within the databases represented by the Credit Risk Center and ANAF, in case you request a credit product;

▪ for profiling for marketing purposes and for direct marketing;

▪ in order to make the audio recording of telephone conversations, in order to improve the quality of services;

▪ granting certain benefits / facilities provided by law, based on your request which will represent the implicit consent;

▪ analysis of the behavior on the occasion of accessing the OMNICREDIT website, by using cookies, both of the credit institution and of the third parties.

If you have not agreed to perform these operations, they will not be performed.

Categories of recipients : Thus, in order to facilitate the development of activities related to the credit agreement and in order to fulfill legal obligations, Telecredit IFN SA communicates these data to public authorities and bodies, operators, third parties or its proxies or other categories of recipients such as:

  • In order to fulfill some legal requirements or at their request, to: the National Bank of Romania, the National Office for Prevention and Combating Money Laundering, statutory auditors, other state authorities.
  • Service providers (including consultants, experts, notaries, law firms, collection companies, executors, IT & C service providers, marketing and courier service providers, archiving companies, banking institutions)
  • At the express request: ANPC, judicial authority, central and local public authorities, police, market research organizations.

The categories of proxies

The data transmission is made according to concrete situations, limited to the processing objective and ensuring us through the concluded contract regarding the observance of the requirements of the Regulation. In addition, the proxies are subject to the provisions of the Regulation similar to the operators (including regarding the requirement to delete or return data).

Remember : The use of the proxies is justified by business reasons, most of the time we are talking about specialized, professional services that can manage the necessary volumes and ensure the technology through which the Operator can fulfill his duties.

The data are not transmitted simultaneously to all proxies.

Categories of proxies:

  • Accounting firm (Bucharest)
  • Server hosting company (Bucharest)
  • Accounting software company (Cluj)
  • Debt collection company (Bucharest)
  • Bailiffs’ Offices (Romania)
  • Fiscal authorities
  • Payment Processors (Bucharest)
  • Banking institutions (Bucharest)
  • Communication service providers (Bucharest)

This type of communication is occasional or permanent, depending on the situation.

Processing duration : In order to determine the period for which the data will be processed, we take into account the contractual duration until the expiration of the contractual obligations, the NBR regulations and the archiving deadlines by the archiving law, the order of the Minister of Finance. In addition for guarantees by consent, the duration is as long as it is in force.

If you do not agree to the processing of data as indicated above, we will be unable to offer you our services, we will not be able to conclude the credit agreements you request from us or we will not be able to execute the credit agreement in which you are / you will be a part. During the collection of personal data, the required fields will be marked separately with *.

The processing (including storage) of personal data is carried out during the validity of the contracts and in accordance with the legal provisions in force, from the end of the financial year during which the documents underlying the accounting records were prepared, according to the applicable legislation. in the field of accounting and legal norms regarding the archiving of documents, respectively during the existence of another justifying legal basis, if applicable.

Personal data will be processed in order to know the clientele and to prevent money laundering and terrorist financing for at least 5 years from the date of termination of the business relationship.

The personal data transmitted to the Credit Risk Center are stored by it for 7 years from the date of registration.

In the event that you have previously expressed your consent for the processing of your personal data for direct marketing purposes, your data will be processed for this purpose during the contractual relationship, as well as for a period of 5 years from its termination. If you withdraw your consent, your data will no longer be processed for this purpose, without the withdrawal of consent affecting the legality of previous processing operations.

It is possible that, following the fulfillment of the legal archiving deadlines, the credit institution may order the anonymization of the data, thus depriving them of personal character and to continue the processing of the anonymous data for statistical purposes.

Processing of personal data for direct marketing purposes 

To the extent that you have agreed, Telecredit IFN SA and / or its partners process for direct marketing purposes (1), for the creation of profiles (2), personal data such as: name, date of birth, address, address e -mail, phone number.
In order to fulfill the direct marketing purpose, Telecredit IFN SA, through the specialized departments, selects and analyzes (3) one or more of the personal data mentioned above. In addition, they can be used: sex, marital status, occupation, field of occupation, income, employer, socio-demographic data, IP address, data on online behavior (web pages visited), data on the device used, with the mention that the entire data set is not used at the same time.

(1) Direct marketing involves the transmission of commercial offers, newsletters, campaign invitations, personalization of offers, administration of any consumer loyalty or reward programs associated with the Client’s account, personalization of communication with its clients using personal data related to customer history, previous options or product or service preferences and the like. We say to the extent that you have agreed, because if you have expressed your disagreement, your data will not be processed for direct marketing purposes.
(2) “profiling” means any form of processing of personal data which consists in using personal data to assess certain personal aspects relating to a natural person, in particular to analyze or provide for aspects of the economic situation, behavior, the place where the individual is.
(3) Selection and analysis are not purposes different from the initial purpose, nor stand-alone processing operations, but ways in which the direct marketing goal is achieved.

Recipients of personal data

Depending on the relations you have with our institution, as the case may be, your personal data may be transmitted to:

▪ the data subject or the legal or conventional representatives of the data subject;

▪ contractual partners of the institution (such as debt collection / debt collection agencies and field agents, couriers, notaries, lawyers, consultants, accountants, certified appraisers, auditors and auditors, IT service providers, archiving services in physical and / or electronic format or other service providers, bound by the obligation of confidentiality regarding the transmitted data);

▪ market research services, transmission of marketing communications;

▪ entities with which the credit institution has concluded financing contracts or assignments of receivables;

▪ associated operators, such as: FNGCIMM, the Rural Credit Guarantee Fund, the Credit Risk Center (established within the NBR), the Payment Incidents Center (established within the NBR), the Central Depository, respectively to other associated operators as they are regulated according to the legal provisions in force;

▪ state authorities, according to their competencies and applicable legislation, such as: National Bank of Romania, ANAF, National Office for Prevention and Combating Money Laundering, Competition Council, Financial Supervisory Authority, Bank Deposit Guarantee Fund;

▪ judicial / investigative authorities, judicial authorities, central public authorities, local public authorities, bailiffs’ offices.

The data transmitted to third parties will be adequate, relevant and not excessive in relation to the purpose for which they were collected and which allows the transmission to a certain third party.

The need to process personal data

Your personal data is necessary in order to fulfill the purposes mentioned above. Failure to provide the necessary personal data may cause delays in the availability of certain products and services or may make it impossible for us to provide the services and / or the requested product.

If you object to the processing of data for purposes based on legitimate interest, we inform you that this option will be analyzed and, depending on the particular situation of the data subject, you will receive a response according to the General Data Protection Regulation.

In the case of data processing operations based on your consent, we mention that the lack of consent will lead to the non-performance of the respective operation.

The rights of individuals in connection with the processing of personal data

According to the General Regulation on data protection 679/2016, individuals benefit from the right of access, information, rectification, deletion or forgetfulness, data portability, restriction of processing and opposition.

Right to information 
Individuals have the right to be informed about the collection and use of their personal data.

Right of access
Individuals have the right to access personal data and additional information. The right of access allows people to know and verify the legality of processing.

Right of rectification The
right of individuals to rectify inaccurate personal data or to complete them if they are incomplete.

The right to delete data (“the right to be forgotten”) The
right of individuals to have their personal data deleted. The right to be erased is also known as the “right to be forgotten.”

The right to portability The
right to data portability allows people to obtain, reuse and transmit their personal data to another operator, for their own purposes within the various services. If this is technically possible, we will transfer your personal data.

Right to object
Individuals have the right to object to: processing based on legitimate interest or fulfilling a task of public interest / exercising public authority (including profiling), direct marketing (including profiling) and processing for scientific / historical research and statistics .

The right to restrict the processing of
natural persons have the right to obtain the restriction of the processing of their personal data.

Rights related to the automated decision-making process, including profiling 
The data subject has the right not to be subject to a decision based exclusively on automatic processing, including profiling, which produces legal effects concerning the data subject or similarly affects him to a large extent. significant.
If you have given us your consent for the processing of personal data, you have the right to withdraw this consent at any time.

Individuals have the right to submit, directly or through a proxy, a complaint to a supervisory authority.
If some of your data is incorrect or out of date, please inform us as soon as possible.

For any requests you may have regarding the exercise of the rights mentioned above or the withdrawal of consent, as well as to ask us any other questions regarding those communicated herein, you can contact Telecredit IFN SA by e-mail:  dpo@telecredit.ro  to the attention of the Data Protection Officer and / or to the postal address Str. Dr. Iacob Felix, no. 55, sector 1, Bucharest.

If you submit a request regarding the exercise of your rights regarding the processing of personal data, our institution will respond to this request, without delay, within a maximum of one month, under the conditions provided by the General Regulation on data protection.

The measures implemented by Telecredit IFN SA in order to ensure the protection of personal data

Telecredit IFN attaches great importance to your personal data and understands to comply with the legal requirements regarding the protection of personal data. In this regard, the institution appointed a data protection officer, adopted an internal regulatory framework on personal data protection, including the management of security incidents, resolving data subject requests, data protection impact assessment, training and periodic testing of employees. in order to deepen and raise awareness of the data protection activity, it has implemented technical and organizational measures to ensure the confidentiality, integrity and availability of personal data. The credit institution has also taken data protection measures.