GDPR information

Personal data processing

Society – TELECREDIT IFN SA

  • Adress: 55 Dr.Iacob Felix St. 4th floor, 2nd District, Bucharest
  • Trade Registry no.: J40/7586/2014
  • CUI (unique registration code): RO33317138
  • Contact no.: 021.9933

 DPO – Liana Serb

  • Adress: 55 Dr.Iacob Felix St. 4th floor, 2nd District, Bucharest
  • Nr. contact: 0723529502
  • Email: dpo@telecredit.ro

According to the General Regulation of the European Union on Data Protection (EU Regulation 2016/679, “GDPR”) applicable since 25th of May 2018, TELECREDIT IFN SA informs you:“GDPR”) aplicabil din data de 25 mai 2018, TELECREDIT IFN SA, vă informeaza: 

Through the OMNICREDIT online platform OMNICREDIT Telecredit IFN SA processes the data of the following categories of natural and legal persons: clients / potential clients / former clients, beneficiaries / potential beneficiaries of the credit agreement, persons designated by the client in relation to TELECREDIT, customer debtors. Telecredit processes only the data necessary for the purposes of processing:

 

▪ name and surname, alias, client code, CNP (Numerical Personal Code) or NIF (Fiscal Identification Number), name of authorized natural person and CIF (Fiscal Identification Code);

▪ data on nationality, citizenship and residence (including tax);

▪ data concerning the identity document/passport/civil status document/driving license;

▪ address (domicile/residence/mailing address); contact details (telephone/mobile, fax, e-mail),

▪ gender, family situation, family members, mother’s name before marriage;

▪ data on studies, employment, occupation, position, place of employment, type of employment contract (fixed/open term), date of last employment, data on employment history/seniority in the profession;

▪ information about the income earned and its source, housing situation and property owned (whether movable or immovable);

▪ data on financial behavior/liquidity, monthly expense data, recurring expenses such as credit or other nature, repayment history of outstanding commitments, possible disputes with third parties, insurance products owned or to be purchased and cover provided therein, expenses for taxes and charges, number of dependants;

▪ information on fraudulent/potentially fraudulent activity, consisting of data on allegations and convictions related to offenses such as fraud, money laundering and terrorist financing;

▪ membership of a group of customers, ownership in other companies, and other data included in contracts entered into with you or generated during the performance of the contract.

▪ banking data, including information about the banking products/financial services owned, banking transactions;

▪ data on possible conflict of interest;

▪ political exposure, if any, and the civil service position;

▪ data on penalties, if any;

▪ handwritten or electronic signature, as appropriate;

▪ any other personal data brought to our attention in various contexts by customers or any other person.

The personal data processed may be provided to Telecredit IFN SA:

▪ directly by you or through a legal or contractual representative or other person acting on your behalf, by completing forms or documents made available for the purpose of entering into the contractual relationship, updating data, purchasing products and services, ordering operations, making requests relating to the contractual relationship, irrespective of the channel of communication used;

▪ by consulting, directly or through private database providers, data made publicly available by government bodies or public or regulatory institutions, such as: The Register of Commerce (portal.onrc.ro), the Ministry of Finance (mfinante.ro), the National Agency for Fiscal Administration (anaf.ro), the Ministry of Justice (portal.just.ro), the Electronic Archive of Collateral Securities (aegrm.ro/romarhiva.ro), the National Bank of Romania (Credit Risk Central or Payment Incident Central), the Official Gazette, the Romanian Government Portal (data.gov.ro);

▪ by consulting information available from external public sources, such as the internet and social networks or by consulting its own database;

▪ by the data subject's contractual partners (e.g. partners who pay wages or other income to the data subject or request payments from the data subject's accounts).

 

Processing purposes: OMNICREDIT online platform processes the personal data declared for providing crediting and factoring/discount services for the following purposes, in order to take measures for performing the stages related to the crediting contract: know-you-customer, analysis of customer creditworthiness, risk assessment, offer, signing the crediting/factoring/discount contract, credit drawdown, credit management, factoring/discount service management, cashing related to credit contracts, collecting/transfer/execution activities, creating user account, marketing activities, as well as for the purpose of fulfilling the legal obligations on audit, know-your-customer, purpose of preventing and identifying potential frauds.

Special data
We process special data on your health only for the purpose of identifying payment alternatives for the credit.

Upon applying through Omnicredit platform a receivables transfer application, data is collected from publicly available sources such as RECOM, AEGRM, Ministry of Public Finances, ANAF, Courts of Law Portal, LinkedIn, the website of your organization.

Legal grounds for processing: The basis of processing consists of:

– consent regarding the data necessary for the marketing activity, the identification of credit payment alternatives and for the creation of the user account,

– realization of the crediting / factoring / discounting contract, knowing the client, analyzing the client's creditworthiness, risk assessment, bidding, signing the crediting agreement, drawing the credit, managing the credit, receipts associated with the credit agreements, collection / assignment / execution activity,

– as well as the fulfillment of the applicable legal provisions (specific legislation in the field of lending / factoring / discounting, legislation on money laundering and combating acts of terrorism, sectoral legislation)

– The legitimate interest in order to exercise the actions in order to prevent the frauds that may appear in the crediting / factoring / discounting activity, the representation in court for the defense of one's own rights.

Your personal data are processed by Telecredit IFN SA on the following legal bases:

     a. For the purpose of concluding and carrying out the contractual relationship in accordance with Article 6 (1) (b) of the Data Protection General Regulation

Considering this legal basis, your personal data are processed by Telecredit IFN SA for the following purposes:

▪ analysis of applications for services and products and assessment of eligibility;

▪ provide information on the products and services requested/received, monitor the fulfillment of contractual obligations, notify you on the contracts concluded (e.g. change/add-on features/costs/features/products benefits/services, information on due/overdue rates, take the necessary action as a result of failure to comply with those contractual obligations (e.g. collection of debt/recovery of claims/declaration of expected maturity);

▪ modification of contracts concluded (e.g. restructuring, refinancing, extension of lending duration, deferred payment, commitments/payment agreements concluded in the amicable/legal recovery procedure, etc.);

▪ reporting and transmission of necessary information/documents to guarantee funds (e.g. FNGCIMM, FGDB);

     b. In order to fulfill legal obligations under Article 6(1)(c) of the Data Protection General Regulation.

Considering this legal basis, your personal data are processed by the Institution Telecredit IFN SA for the following purposes:

▪ identification and knowledge of customers, carrying out risk analysis, reporting suspicious transactions, preventing fraud, i.e. for the purpose of preventing money laundering and terrorist financing, including by collecting in the IT system the data shown in the customer’s identification documents;

▪ management of checks and investigations, namely carrying out of reports to authorized authorities/institutions such as ANAF, ANPC, BNR, CRC, ANSPDCP, ASF/BVB, the National Office for Preventing and Fighting Money Laundering, the Fund for Guaranteeing Deposits in the Banking System, according to their competences;

▪ enforcement of sums due and administration of garnishment and seizures, as provided for by the Civil and Criminal Procedures Codes, the Fiscal and Fiscal Procedures Code, including the provisions of the special laws in this area;

▪ enforcement of courts decisions;

▪ carrying out mandatory audit missions;

▪ revaluation of collateral, calculation of provisions;

▪ auditing of financial statements;

▪ management of conflict of interest;

▪ recording and management of risks specific to the work carried out, in accordance with european and international regulations, relating to minimum capital requirements, supervision of capital adequacy and market discipline of banking institutions;

▪ tax compliance, including concerning the withholding taxes and charges;

▪ granting of certain benefits/facilities provided by the law.

▪ ensuring physical security through video monitoring, in accordance with legal provisions on the protection of objectives, property, values and the protection of individuals;

▪ storage and archiving of information.

     c. In order to fulfill the institution's legitimate interests under Article 6 (1) (f) of the Data Protection General Regulation.

Considering this legal basis, your personal data are processed by Telecredit IFN SA for the following purposes:

▪ conduct internal analyzes (including statistical analyzes)/market studies, both on products/services and on the customer portfolio, to monitor customer satisfaction and quality of services and products purchased, to improve and further develop products/services/ internal processes;

▪ developing profiles, segments, typologies to present/deliver the most suitable products/services;

▪ design, development, testing and use of existing or new IT systems and IT services, database storage;

▪ direct marketing, where applicable;

▪ planning strategic development, forecasting portfolio dynamics, producing business forecasts on performance indicators, budgeting, setting of cost items for the institution's products/services;

▪ monitoring transactions to prevent and investigate fraud;

▪ conducting internal reporting to management bodies, including for prudential measures, preventing operational risk, including fraud, and managing refusals to pay;

▪ ensuring a high level of security both at the IT system level and at physical locations (e.g. territorial units, regional/business centers, headquarters);

▪ conclusion and management of financing contracts or debt disposals;

▪ debt collection/recovery of claims;

▪ management of conflict of interest;

▪ establishing, exercising or defending in court the rights of the institution, recovering damages and establishing evidence and monitoring thereof;

▪ recording interactions through official communication channels, with the aim of providing evidence of the application/agreement/option for certain financial-banking services, where applicable;

▪ video monitoring for the security of premises and goods in order to prevent circumstances that may adversely affect the credit institution or the person concerned (other than those covered by legal obligations);

▪ storage and archiving of information.

     d. Upon your consent in accordance with Article 6(1)(a) of the Data Protection General Regulation.

Considering this legal basis, your personal data are processed by Telecredit IFN SA for the following purposes:

▪ for the checks/queries underlying the credit risk analysis in the databases represented by the Credit Risk Central and the ANAF, if you request a credit product;

▪ for marketing profiling and direct marketing;

▪ to make telephone audio recording, in order to improve the quality of service;

▪ granting certain benefits/facilities provided by law, upon your request that will represent consent by default;

▪ analyzing the behavior on the occasion of accessing the OMICREDIT website, using cookies, both of the credit institution and of third parties.

If you have not agreed to carry out these operations, they will not be carried out.

 

Categories of recipients: Thusly, in order to facilitate the performance of action in relation to the crediting contract and for the fulfillment of legal obligations, Telecredit IFN SA communicates such data to the authorities and public bodies, operators, third parties or its attorneys or other categories of recipients such as:

  • For the fulfillment of certain legal requirements or upon their request, to: the National Bank of Romania, the National Office for Preventing and Fighting Money Laundering, legal auditors, other state authorities.
  • Services providers (including consultants, experts, notary offices, law firms, collection firms, receivers, IT & C services providers, marketing and courier services providers, archiving companies, banking institutions)
  • Upon the express request of: ANPC, courts of law, central and local public authorities, police, market research organizations.

Categories of attorneys

The transfer of the date is made depending on concrete cases, limited to the processing objective and making sure through the concluded contract that the Regulation requirements are met. Additionally, the attorneys are subject to the provisions of the Regulation similar to controllers (inclusively in terms of the request to erase or return the data).

Remember: The use of attorneys is justified by business reasons, most of the times for specialized professional services that can manage the required volumes and provide the technology through which the Controller can fulfill its attributions.

The data is not sent to all attorneys at the same time.

Categories of attorneys:

  • Accounting company (Bucharest)
  • Servers hosting company (Bucharest)
  • Accounting software company (Cluj)
  • Receivables collection company (Bucharest)
  • Receiver offices (Romania)
  • Tax authorities
  • Payments processors (Bucharest)
  • Banking institutions (Bucharest)
  • Communication services providers (Bucharest)

This type of communication is occasional or permanent, depending on the case.

Processing termIn order to determine the period for which the data will be processed, we take into account the contractual duration until the expiration of the contractual obligations, the NBR regulations and the archiving deadlines by the archiving law, the order of the Minister of Finance. In addition to the guarantees by consent, the duration is as long as it is in force.

If you do not agree to the data processing according to the one specified above, we cannot provide our services, we cannot conclude the crediting contracts you request or we cannot perform the crediting contract in which you are /will be part. During the collection of personal data, the mandatory fields shall be distinctly marked with *.

Processing (including storage) of personal data shall be carried out during the period of validity of contracts and in accordance with the legal provisions in force, as from the date of the end of the financial year in which the documents underlying the entries in the accounts were drawn up, under applicable accounting law and legal rules on archiving of documents, i.e. for the duration of any other legal basis justifying the case.

Personal data will be processed for the purpose of customer knowledge and prevention of money laundering and terrorist financing for at least 5 years from the date of termination of the business relationship.

Personal data transmitted to the Credit Risk Central shall be stored for 7 years from the date of registration.

If you have given prior consent to the processing of your personal data for direct marketing purposes, your data will be processed for this purpose during the duration of the contractual relationship and for a period of 5 years after its termination. If you withdraw your consent, your data will no longer be processed for this purpose without any withdrawal of consent affecting the legality of previous processing operations.

The credit institution may, following the legal time limits for archiving, order the anonymity of the data, thereby depriving it of its personal character and continue the processing of anonymous data for statistical purposes.

 

Personal data processing for direct marketing 

To the extent you agreed, Telecredit IFN SA and/or its partners process for direct marketing (1), for profile creation (2), personal data such as: name, date of birth, address, email, phone number. For the fulfillment of direct marketing purpose, Telecredit IFN SA, through specialized departments, select and analyze (3) one or several personal data specified above. Besides this, the following may also be used: gender, marital status, occupation, occupation field, income, employer, socio-demographic data, IP address, data about online behavior (visited web pages), data about the used device, with the specification that the entire data set is not used at the same time.

1) Direct marketing implies the sending of commercial offers, newsletters, invites to campaigns, offer customization, management of any loyalty or rewarding programs for consumers related to Client account, customization of communication with its customers using personal data related to clients history, previous options or products or services preferences and others as such. We say, to the extent you agreed, as if you expressed your disagreement, your data cannot be processed for direct marketing.
(2) “profile creation” means any form of personal data processing that consists of using personal data to assess certain personal matters referring to an individual, especially in order to analyze or provide matters concerning the economic situation, behavior, place where the individual is.
(3) selection and analysis are not purposes different from the initial purpose, nor freestanding processing operations, but methods through which direct marketing purpose is fulfilled.

Recipients of personal data

Depending on your relationship with our institution, as appropriate, your personal data may be transmitted to:

▪ the data subject or the legal or contractual representatives of the data subject;

▪ counterparties of the institution (such as debt collection/claim recovery agents and field agents, couriers, notaries, lawyers, consultants, accountants, authorized evaluators, censors and auditors, IT service providers, physical and/or electronic archiving services or other service providers, subject to the obligation of confidentiality with regard to the data transmitted);

▪ providers of market research, marketing communication services;

▪ entities with which the credit institution has concluded financing agreements or debt disposals;

▪ associated operators such as FNGCIMM, the Rural Credit Guarantee Fund, the Credit Risk Central (established within the BNR), the Payment Incident Central (established within the BNR), the Central Depositary, i.e. to other associated operators as regulated under the legal provisions in force;

▪ the National Bank of Romania, ANAF, the National Office for Preventing and Fighting Money Laundering, the Competition Council, the Financial Supervisory Authority, the Fund to Guarantee Deposits in the Banking System,

▪ judicial/investigative authorities, judicial courts, central public authorities, local public authorities, judicial enforcement officers.

The data transmitted to third parties will be adequate, relevant and not excessive in relation to the purpose for which it was collected and which allows transmission to a particular third party.

The need for processing personal data

Your personal data are required to fulfill the above mentioned purposes. Failure to provide the necessary personal data may cause delays in the availability of certain products and services or make it impossible for us to provide the services and/or product requested.

If you oppose processing of data for purposes based on the legitimate interest, we inform you that this option will be analyzed and, depending on the particular situation of the data subject, you will receive a response under the Data Protection General Regulation.

In case of data processing operations based on your consent, we note that failure to consent will result in the failure of the operation.

Rights of individuals in relation to the personal data processing

According to the General Data Protection Regulation 679/2016, individuals have the right to access, information, rectification, erasure or forgetfulness, portability of data, restriction of processing and opposition.

Right to information 
Individuals have the right to be informed about the collection and use of their personal data.

Right to access
Individuals have the right to access personal data and additional information. The right to access allows individuals to know and verify the legality of processing.

Right to rectify
The individuals’ right to rectify inaccurate personal data or to supplement them if they are incomplete.

Right to data erasure (“right to be forgotten”)
The right of individuals to have their personal data deleted. The right to be erased is also known as the "right to be forgotten."

Right of portability
The right to data portability allows persons to obtain, reuse and have their personal data transferred to another operator, for own purposes within various services. In case this is technically possible, we will transfer your personal data.

Right to opposition
Individuals are entitled to oppose to: processing based on the legitimate interest or fulfillment of a public interest task/exercising public authority (including profiling), direct marketing (including profiling) and processing for the purpose of scientific/historic research and statistics.

Right to restrict the processing
Individuals are entitled to obtain the restricting of their personal data processing.

Rights related to the automated decisional process, including the creation of profiles 
The concerned person is entitled to not be the subject of any decision based exclusively on automated processing, including the creation of profiles, which produces legal effects that regarding the concerned person or affect them in a similar way to a significant extent. In case you gave us your consent for the processing of personal data, you are entitled to withdraw such consent at any time.
In cazul in care ne-ati oferit consimtamantul pentru prelucrarea de date personale aveti dreptul de a va retrage oricand acest consimtamant.

Individuals are entitled to submit, directly or through attorney, a complaint to a supervision authority. If any of your data is incorrect or outdated, please notify us as soon as possible.
Daca unele din datele dumneavoastră sunt incorecte sau neactualizate, va rugam sa ne informati in cel mai scurt timp posibil.

For any requests you might have about the exercising of the rights specified above or the withdrawal of the consent, as well as for any questions regarding the ones hereby communicated, please contact Telecredit IFN SA at email: dpo@telecredit.ro in atentia Responsabilului cu Protectia Datelor si/sau la adresa poștală Str. Dr. Iacob Felix, nr. 55, sector 1, Bucuresti.

If you make a request for the exercise of your rights in relation to personal data processing, our institution will respond to this request without delay, within a period of no more than one month, under the conditions laid down in the Data Protection General Regulation.

Measures implemented by Telecredit IFN SA to ensure personal data protection

Telecredit IFN attaches great importance to your personal data and understands to comply with legal requirements for the protection of personal data. To this end, the institution appointed a data protection officer, adopted an internal regulatory framework on personal data protection, including the management of security incidents, addressing of data subjects’ requests, data protection impact assessment, regular training and testing of employees to deepen and raise awareness of data protection activity, we have implemented technical and organizational measures to ensure the confidentiality, integrity and availability of personal data. The credit institution has also taken data protection measures, including in its relations with partners to which it transfers personal data, depending on their relationship with the institution (procedural representatives or associated operators). Products and services described on this site, the content and design, and the trademarks or logos presented, are the exclusive property of Telecredit or other contractual partners of Telecredit, and cannot be reproduced or used by any other third party, reproduction and use of the content for purposes other than personal use shall be prohibited under the sanction of the applicable law. The activity on the website is in accordance with Law 365/2002 on e-commerce. Also, access to the customer account requires a user name and password, and our recommendation is not to disclose this password to anyone.

#cameradegardapentruafacerilemici

Ghidul antreprenorului român!

Înscrie-te și tu acum, suntem mai mulți