Băncilă, Diaconu și Asociații SPRL is a law firm organized and functioning in accordance with the Romanian laws, headquartered in Bucharest, 15-17 Ion Mihalache Bld., Sector 1, registered with the fiscal authorities under no. RO18694533.
This Privacy Notice is intended to describe the practices Băncilă, Diaconu și Asociații SPRL, as a member firm of Ernst & Young Global Ltd, follows in relation to its Customer Relationship Management systems (CRM systems) with respect to the privacy of all individuals whose personal data is processed and stored in the CRM systems for direct marketing purposes.
“EY” refers to one or more of the member firms of Ernst & Young Global Limited (“EYG”), each of which is a separate legal entity. The Romanian member firms of EYG, each of which is a separate legal entity, are: Ernst & Young SRL, Ernst & Young Assurance Services SRL, Ernst & Young Service SRL and RBăncilă, Diaconu și Asociații SPRL.
2. Who manages EYs CRM systems?
The entity that is managing the CRM systems for the EY member firms globally is EY Global Services Limited (a private company limited by shares in England and Wales, registered office, 6 More London Place, London SE1 2DA, United Kingdom, registered number 5483856).
The personal data stored in our CRM systems is available to all EY member firms (see “Who can access your information” section below). Each EY member firm is the controller for its own contact data stored in the CRM systems.
3. Why do we need your information?
The CRM systems are EYs client/contact relationship management tools that support the marketing operations of EY member firms. Clients and contacts in the CRM systems may be sent to EY thought leadership, marketing materials, learning opportunities, surveys and invitations to events.
Personal data processed in the CRM systems is used for the purposes of sales and marketing. Processing your contact information allows us to communicate with you via electronic mailings, text messages, in hard copy form or from time to time if necessary also via phone.
EY relies on the following basis to legitimize the processing of personal data in its CRM systems:
4. What type of personal data is processed in the CRM systems?
The CRM systems process personal data of former, current and prospective clients (including individuals within a corporate client) of EY member firms. The CRM systems also contain data of other business contacts (such as consultants, regulators, journalists) as well as alumni.
The following data categories are processed in the CRM systems:
5. Sensitive Personal Data
Sensitive personal data reveals your racial or ethnic origin, political opinions, religious or philosophical beliefs, trade union membership, genetic data, biometric data, data concerning health or data concerning sex life or sexual orientation.
EY and, specifically, Băncilă, Diaconu și Asociații SPRL do not intentionally collect any sensitive personal data from you to store in its CRM systems. The CRM systems’ intention is not to process such data unless you explicitly provide sensitive personal data to us (for example dietary requirements if you attend one of our events).
6. Who can access your information?
Access to your personal data is limited by need. All marketing personnel within the EY member firms worldwide have access to your contact information.
We will only disclose your personal data to third parties:
7. International transfer of data
EYs CRM systems are hosted in EYs global data centres in Germany, the United States and Singapore and are accessible globally by all EY member firms.
EY has a comprehensive global privacy compliance program that includes EU-approved Binding Corporate Rules as well as certification to the EU-US Privacy Shield and the Swiss-US Privacy Shield Frameworks administered by the U.S. Department of Commerce. Please see EY’s Binding Corporate Rules page for more information on our Binding Corporate Rules, and EY’s Privacy Shield Notice for more information on how EY complies with the Privacy Shield program. EY will only disclose your personal data to third parties that provide an adequate level of privacy protection.
8. Data retention
Data of contacts who have been out of active use for 18 months will be deleted from our CRM systems. If you want to have your data deleted from our CRM systems or if you wish to object to the processing of your personal data for direct marketing purposes, please email us via firstname.lastname@example.org.
EY is committed to making sure your personal data is secure. To prevent unauthorized access or disclosure, EY has technical and organizational measures to safeguard and secure your personal data. All EY personnel and third parties EY engages to process your personal data are obliged to respect your data’s confidentiality.
10. Controlling your personal data
EY will not transfer your personal data to third parties (other than any external parties referred to in section 6 above) unless we have your permission or are required by law to do so.
You are legally entitled to request details of EY’s personal data about you.
To confirm whether your personal data is processed in our CRM systems or to access your personal data in the CRM systems, contact your usual EY representative or email your request to email@example.com.
11. Rectification, erasure, restriction of processing or data portability
In order to confirm that your personal data is accurate and current or to request rectification, erasure, restriction of processing or a readily portable copy of your personal data, you can contact your usual EY representative or by sending an e-mail to firstname.lastname@example.org.
By submitting your CV (and/or cover letter) on the dedicated page of our Site you agree with the fact that your personal data incorporated under this(/these) document (e.g., name, e-mail, phone number, address, education, professional experience) will be used by Băncilă, Diaconu și Asociații SPRL for the purpose of assessing your application for a position within the law firm.
Băncilă, Diaconu și Asociații SPRL intends to keep your personal data, based on its legitimate interest, for as long as necessary in order to serve the purpose of the envisaged data collection (e.g., for the duration of the respective recruitment process, as well as for future recruitment endeavours). To the extent you wish Băncilă, Diaconu și Asociații SPRL to refrain from using these personal data in the future please inform us by sending an email to email@example.com or by using the contact form on our Site.
The personal data collected during the recruitment process are available to other EY member firms. The human resources personnel within EY Romania member firms have access to these data for the purpose of assessing the application.
If you are concerned about an alleged breach of privacy law or any other regulation, contact EY’s Global Privacy Officer, Office of the General Counsel, 6 More London Place, London, SE1 2DA, United Kingdom or via email at firstname.lastname@example.org or via your usual EY representative. An EY Privacy Officer will investigate your complaint and provide information about how it will be handled.
If you are not satisfied with how EY resolved your complaint, you have the right to complain to your country’s data protection authority. You can also refer the matter to a court of competent jurisdiction.
14. Contact us
If you have additional questions or concerns, contact your usual EY representative or email email@example.com.