1. General information
- H4l Băneasa S.R.L
- H4l Millennium Real Estate S.R.L.
- H4l Pipera S.R.L.
- H4l Sebastian Park S.R.L
- H4l West Garden S.R.L.
- S.C. H4l Development S.A.
Street Gara Herăstrău 4C, Green Court B, 020334, Bucharest, Romania
+40 784 369 369
2. h4l commitment regarding the processing of personal data
The processing of personal data primarily considers the optimal functioning of the h4l.ro website. The processing of personal data and all our actions are carried out in accordance with the h4l Values and Principles (https://h4l.ro/en/terms-and-conditions/), respecting private and family life, communications, the protection of personal data, freedom of thought, conscience and religion, freedom of expression and information, freedom to conduct a commercial activity, the right to an effective remedy and a fair trial, as well as cultural, religious and linguistic diversity.
The legal provisions on which h4l is based on the protection of personal data are those mentioned in 2016/679 (EU) Regulation of the European Parliament and of the Council of April 27, 2016, on the protection of individuals with regard to the processing of personal data and on the free circulation of this data and repealing Directive 95/46/EC (General Data Protection Regulation), as well as in Law 190/2018 on measures to implement the General Data Protection Regulation. This Policy presents the principles applicable to the h4l.ro website regarding the collection and processing of your personal data.
3. Personal data and other information
The personal data and other information collected and processed on the h4l.ro website are as follows:
- information that you give us on the h4l.ro website, at the time of registration or when you correspond with us by phone, email or any other method of communication or when you fill out a form.
- information shared with us by other companies that have had your prior consent in terms of sharing this data with us, such as: a) information received from your employer in order to facilitate your use of the h4l.ro website and the services presented on the website;
- information that we collect automatically when you use the h4l website (cookies – a small file stored in your computer’s browser that stores information about how you navigate the h4l website. Cookies do not contain any information that could identify you directly as a person, they only indicate your computer in the form of randomly assigned numbers and letters). The cookies used by us are of the following types:
- cookies collected during a browsing session that remember you based on a randomly generated ID as you use the h4l.ro website, so that you are not asked to provide the same information that you have already specified on the site. These cookies are deleted as soon as you leave the site or close your browser.
- persistent cookies. Persistent cookies allow the h4l website to remember your preferences when you return. For example, if you choose to use the h4l.ro site in Romanian on your first visit, when you return, the site will automatically appear in Romanian.
- advertising cookies. These cookies can be used to learn about your general interests, based on your searches on the h4l.ro website. For example, that data allows us to send you advertisements for services that are suitable for you.
- analytical cookies. These cookies show us how the h4l.ro website works.
Other personal data and information.
4. Collection and processing of personal data on h4l.ro
Purpose of data collection and processing
We will use the information collected, both separately and in combination, a) to be able to offer you our services through the website, b) to make statistics about your preferences in order to identify opportunities to improve our services, c) to be able to keep in touch with you and inform you about our offers, d) to answer to your questions or requests for information, e) to help you manage your preferences regarding the h4l.ro website.
We will not share this personal data entrusted by you, except when we have your consent for this purpose, to prevent the violation of the law and/or the rights guaranteed by law (e.g. information security), when there is a legal requirement in this regard or when the transfer of personal data takes place in the context of a takeover of goods/enterprise.
We do not sell your personal data to other merchants. It is possible to distribute information that does not identify you personally to other companies, for the purpose of presenting the h4l.ro website and the trends visible on it.
We will also share the minimum necessary amount of your personal data with other companies that help us do our business, such as the companies that host our website, that help us correspond with you or analyze the data you submit. We only work with those companies that have the highest security standards in terms of personal data.
5. Processing and storage
As of August 15, 2022, personal data is processed and stored in HubSpot. Prior to this date, personal information was processed and stored in both HubSpot and WordPress Elementor.
We will retain your personal data only as long as necessary to achieve the purpose for which it was collected or as required by law.
6. Deletion of personal data
Personal data will be processed at the latest when you request their deletion or withdraw your consent. If you do not issue such a request, the personal data will be deleted after the following schedule: no more than 5 years after the last use.
You can contact us here: firstname.lastname@example.org, phone: +40 784 369 369. Your requests will be processed in a maximum of 5 working days.
We will comply with your requests according to the law: e.g. in the event that you wish to have your personal data deleted from our database, we will keep your email in our records so that our systems recognize that you no longer wish to receive marketing communications at your email address.
7. Security measures implemented to protect the information transmitted by you
he h4l.ro website will use the personal data transmitted by you in the strictest possible way, using the smallest volume of data and implementing the necessary control and security measures.
The measures we adopt to protect and secure your personal data are the following: server-firewall measures, intrusion detection and prevention systems, complex and unique passwords, encryption, staff training on obligations in the field of personal data processing, identifying incidents and risks, restricting access and protecting physical security.
Any complaints regarding data security breaches, whether actual or only potential, are reviewed within 48 hours and immediate measures are in place to prevent any unauthorized disclosure of personal data.
8. Your rights over personal data
We respect your rights regarding the personal data transmitted to the h4l.ro website and we want to encourage you in their full exercise. Thus, according to the law, you have the following rights regarding your personal data:
- Regarding cookies: You can set your browser in such a way that it refuses all cookies or indicates the moment when a cookie is sent to your computer, but in this way you can prevent the h4l.ro website from working properly. You can also set your browser to delete cookies every time you end your browsing session.
- Regarding your personal data: according to the legal provisions regarding the protection of individuals with regard to the processing of personal data and the free circulation of this data, you are guaranteed the following rights: (i) the right to be informed, (ii) the right to access the data, (iii) the right to rectification, (iv) the right to data deletion, (v) the right to restrict processing, (vi) the right to data portability, (vii) the right to object, and (viii) the right not to be subject to a decision based solely on automated processing, including profiling.
To exercise any right regarding your personal data, you can contact us here: email@example.com, telephone +40 784 369 369. Your requests will be processed in a maximum of 5 working days.
9. Policy towards minors
We do not intend to collect information from minors. We do not target minors as potential beneficiaries of the services offered on the h4l.ro website.
Cookies set in a visitor’s browser by HubSpot
The HubSpot tracking code sets a series of tracking cookies when a visitor accesses the website. These cookies fall into two general categories:
Essential/necessary cookies: essential cookies that do not require consent.
Consent cookies: cookies included in the GDPR consent banner.
(Expires: 13 months)
This cookie can be set to prevent the tracking code from sending any information to HubSpot. Setting this cookie is different from denying cookies because it still allows anonymized information to be sent to HubSpot.
(Expires: 13 months)
This cookie is used to consistently serve visitors the same version of an A/B test page they have previously viewed.
(Expires: end of session)
When you visit a password-protected page, this cookie is set so that future visits to the page in the same browser do not require authentication again. The cookie name is unique for each password-protected page.
This cookie is used to determine and save whether the chat widget is open for future visits. It resets to close the widget again after 30 minutes of inactivity.
(Expires: 30 minutes)
This cookie is used to prevent the welcome message from appearing again for a day after it has been rejected.
(Expires: 1 day)
This cookie is set when visitors log in to a website hosted by HubSpot.
(Expires: 1 year)
Consent banner cookies
Primary visitor tracking cookie. It contains the domain, the utk, the initial history (first visit), the last hour of time (last visit), the current time (this visit), and the session number (increments for each subsequent session).
(Expires: 13 months)
This cookie is used to keep track of a visitor’s identity. This cookie is sent to HubSpot when submitting the form and is used to deduplicate contacts.
(Expires: 13 months)
This cookie keeps track of sessions. This is used to determine if HubSpot should increment the session count and timestamps in the __hstc module. Contains the domain, viewCount (increments each Page/View in a session) and session start time.
(Expires: 30 min)
Whenever HubSpot changes the session cookie, this cookie is also set to determine if the visitor has restarted the browser. If this cookie does not exist when HubSpot manages cookies, it is considered a new session.
(Expires: end of session)
This cookie is used to recognize visitors who communicate through the messaging tool. If the visitor leaves the site before being added as a contact, they will have this cookie associated with their browser. If you chat with a visitor who later returns to the site in the same cooked browser, the messaging tool will load their conversation history.
(Expires: 13 months)
If you use HubSpot’s ad tool to select and install the Facebook pixel on pages with the HubSpot tracking code, HubSpot will link the placement of that pixel with the cookie notification banner. If you require denying consent through this banner, the Facebook pixel will not be able to set cookies on a visitor until they opt out.
If you have manually placed the pixel code in the pages (for example, by editing the HTML site header), HubSpot will not be able to control which Facebook visitors are able to set cookies.
For more information, see the Facebook business tools terms and the Facebook cookie opt-in guide.
Cookies from third party systems
HubSpot cannot control the cookies placed by third-party scripts on the website. When a visitor accepts cookies through the HubSpot consent banner, they accept only HubSpot cookies. However, you can put code in place to know when a user has accepted or declined HubSpot’s cookie tracking, and then send that information to the third-party system. Learn more about using the HubSpot consent banner for third-party scripts.
Learn about removing cookies created by the HubSpot tracking code that are included in the GDPR consent banner. When a visitor’s cookies are removed, the visitor will be considered “new” and will see the cookie banner the next time they visit the website.
Personal data protection - HubSpot
In order to optimize the experience you have in the digital communication environments used by h4l.ro, we have implemented the CRM system offered by HUBSPOT. This system involves a series of activities, which we explain below:
1. Information we collect
When you visit our website
You are free to explore the website without providing any personal information about yourself. When you visit the website or register for the subscription service, we ask you to provide personal information about yourself and collect browsing information.
This refers to any information you voluntarily submit to us that personally identifies you, including contact information such as your name, email address, company name, address, telephone number and other information about you. Personal information may also include information about you that is available on the Internet, such as from Facebook, LinkedIn, Twitter and Google.
Personal information includes navigation information. Browsing Information refers to information about your computer and your visits to the website, such as your IP address, geographic location, browser type, referral source, duration of visit, and pages viewed. See the “Use of Browsing Information” section below.
When you view content we provide, we automatically collect information about your computer hardware and software. This information may include your IP address, browser type, domain name, Internet Service Provider (ISP), files viewed on our site (eg HTML pages, graphics, etc.), operating system, data from click, access times and reference site, addresses. This information is used by HubSpot to provide general website usage statistics. For these purposes, we link this automatically collected data to Personal Information such as name, email address, address and telephone number.
Information we collect from third parties
From time to time, we may receive personal information about you from third-party sources, including partners with whom we offer co-branded services or engage in joint marketing activities and publicly available sources such as social media sites.
2. How we use the information we collect
We never sell personal information.
We will never sell your Personal Information to third parties.
Use of personal information
to improve your browsing experience by personalizing the website and improving the communication service;
to send you h4l information or content that we think may be of interest to you by post, email or other means and to send you marketing communications about our business in accordance with your communication preferences;
promoting our services, products and sharing promotional and informational content in accordance with your communication preferences;
providing statistical information about our users to other companies – but this information will not be used to identify any user;
Our legal basis for collecting and using the personal information described above will depend on the personal information in question and the specific context in which we collect it. However, we will normally only collect personal information from you where we have your consent to do so, where we need the personal information to perform a contract with you or where the processing is in the interests our legitimate interests and is not overridden by your data protection interests or fundamental rights and freedoms. In some cases, we may also have a legal obligation to collect personal information from you.
If we ask you to provide personal information to comply with a legal requirement or to perform a contract with you, we will make this clear at the relevant time and advise you whether or not providing your personal information is mandatory (as well as the possible consequences of not providing personal information). Similarly, if we collect and use your personal information based on our (or any third party’s) legitimate interests, we will make clear to you at the time what those legitimate interests are.
Use of navigation information
We use Navigational Information to be able to deliver the best content to you, to continuously improve the site. We may also use Browsing Information alone or in combination with Personal Information to provide you with personalized information about h4l.
Security of your personal information
We use a variety of security technologies and procedures to protect your personal information from unauthorized access, use or disclosure. We secure the Personal Information you provide on computer servers in a controlled, secure environment, protected from unauthorized access, use or disclosure. All personal information is protected using appropriate physical, technical and organizational measures. All these solutions are offered by HubSpot. For more information about HubSpot security, see https://www.hubspot.com/security.
Social media functions
Our website includes social media features such as the Facebook Like button and widgets. These elements may collect your IP address, the page you visit on our sites and may set a cookie to allow the function to function properly.
We offer areas on the site where you can leave messages accessible to the public. Please note that if you directly disclose information through these public areas, the information may be collected and used by other users. We will correct or delete any information you have posted on the website, if you request it, as described in “Opt-out and Unsubscribe” below.
Retention of personal information
How long we keep the information we collect about you depends on the type of information, as described in detail below. After such time, we will delete or anonymize your information or, if this is not possible, then we will securely store your information and isolate it from any further use until deletion is possible.
When there is no need to process your personal information, we securely delete the information or make it anonymous, or, if this is not possible, securely store your personal information and isolate it from further processing until deletion is possible. We will delete this information at an earlier date if you request it, as described in “How to access and control your personal data” below.
If you have chosen to receive marketing communications from us, we retain information about your marketing preferences for a reasonable period of time from the date you expressed interest in our content, products or services, such as when you last opened received an email from us or you stopped using your HubSpot account. We retain information derived from cookies and other tracking technologies for a reasonable period of time from the date this information is created.
3. How we share the information we collect
We employ other companies and individuals to provide services to our website visitors, and we may need to share your information with them to provide you with information, products or services. Examples may include removing duplicate information from prospect lists, analyzing data or performing statistical analysis, providing marketing assistance, supplementing the information you provide to us to provide you with a better service, and providing customer service or support. In all cases where we share your information with such agents, we explicitly require the agent to acknowledge and comply with our privacy and customer data management policies. These processes do not involve the transfer of information to these entities, but only the facilitation of access to this data, in the safest way.
4. International transfer of information
International transfers within HubSpot entities
Information collected by HubSpot is stored and processed in Ireland and the USA.
Privacy Shield Notice
HubSpot participates in and has certified the EU-US agreement. Privacy Shield Framework and Switzerland – USA Privacy Shield Framework. The following affiliated entities comply with the Privacy Shield principles: HubSpot Ireland Limited, HubSpot Germany GmbH, HubSpot France S.A.S, HubSpot Australia Pty Ltd, HubSpot Asia Pte. Ltd., HubSpot Latin America S.A.S and HubSpot Japan KK. HubSpot is publicly committed to subjecting all personal data received from European Union (EU) member countries and Switzerland, subject to the Privacy Shield Framework, to the applicable Principles of the Framework. To learn more about the Privacy Shield Framework, visit the US Department of Commerce Privacy Shield List at https://www.privacyshield.gov.
5. Cookies and similar technologies
What types of cookies do we use and how do we use them?
The specific types of third-party cookies served by our website and the purposes they serve.
- Essential web cookies: These cookies are strictly necessary to provide you with services available through our website
- Performance and functionality cookies: these cookies are used to improve the performance and functionality of the website, but are not essential for their use. However, without these cookies, certain functionalities may become unavailable.
- Analytics and personalization cookies: These cookies collect information that is used either in aggregate form to help us understand how our website is used, how effective our marketing campaigns are or to help us personalize the website for you.
- Advertising cookies: these cookies are used to make advertising messages more relevant to you. They perform functions such as preventing the same ad from appearing again and again, ensuring that ads are displayed correctly for advertisers and, in some cases, selecting ads that are based on your interests.
- Social network cookies: these cookies are used to allow you to share pages and content that you find interesting on our website through third party social networks and other websites. These cookies can also be used for advertising purposes.
What about other tracking technologies like web beacons?
Cookies are not the only way to recognize or track visitors to a website. We use a software technology called transparent GIFs (e.g. Web Beacons / Web Bugs), which help us manage the website better by letting us know what content is effective. Transparent GIFs are tiny images with a unique identifier, similar to the function of cookies, and are used to track the online movements of web users. Unlike cookies, which are stored on the user’s computer hard drive, transparent GIFs are embedded invisibly on web pages or in e-mails and are about the size of the period at the end of this sentence. We use GIFs or transparent pixels in our HTML-based emails to let us know which emails have been opened by recipients. This allows us to evaluate the effectiveness of certain communications and the effectiveness of our marketing campaigns. We link the information collected by transparent GIFs in emails to our customers’ personal information.
Protection of personal data - Seventh Sense
In order to optimize the experience you have in the digital communication environments used by h4l.ro, we have implemented the Seventh Sense application, which works as an addon of HubSpot. This system involves a number of activities, which we explain below:
1. Information we collect
Seventh Sense mines your existing engagement data to build profiles for each person who has engaged with your company and automatically discovers the ideal time and frequency to contact each individual.
We automatically generate and store certain information whenever you interact with the Service. Such information may include your account ID, IP address, domain server, and Internet browser type. This information helps us, among other things, analyze trends and administer the Service.
2. Cookies, web beacons and other technologies
When you visit our websites, our servers or an authorized third party may place a cookie in your browser that may collect information, including personal data, about your online activities over time and across different sites. Cookies allow us to track overall usage, determine the areas you prefer, make your use easier by recognizing you and providing you with a personalized experience.
We also use web beacons on our websites. For example, we may place web beacons in marketing emails that notify us when you click on a link in the email that directs you to one of our websites. Such tracking technologies are used to operate and improve our websites and email communications and to track when links are clicked or emails are opened.
The following describes how we use different categories of cookies and similar technologies, as well as information about your options to manage your settings for data collection through these technologies:
- Necessary cookies: Necessary cookies allow you to browse our websites and use their features, such as accessing secure areas of the websites. If you have chosen to identify yourself to us, we may place a cookie in your browser that allows us to uniquely identify you when you are connected to websites and process your online transactions and requests. As necessary cookies are essential for the operation of websites, there is no option to opt out of these cookies.
- Functionality cookies: Functionality cookies allow us to remember information you have entered or choices you have made (such as your username, language or region) and provide you with enhanced, more personal features. These cookies collect information about how our websites are used, including which pages are viewed most often. We may use our own or third-party technology to track and analyze usage and volume of statistical information to provide improved interactions and more relevant communications and to track the performance of our advertisements. To manage the use of functional cookies on our websites, see your individual browser settings for cookies. Note that opting out may affect the functionality you receive when using our websites.
3. How we share the information we collect
We may share your personal data with the following recipients:
- Our contracted service providers who provide services such as IT and system administration and hosting, authentication, credit card processing, research and analytics, marketing, customer support and data enrichment.
- In individual cases, we may also share Personal Data with professional advisers who act as joint processors or controllers, including lawyers, bankers, auditors and insurers.
- If we are involved in a merger or reorganization, sell a website or business unit, or if all or part of our business, assets or stock is acquired by another company, we may transfer some or all of your data with personal character to such third party. In accordance with applicable laws, we will use reasonable efforts to notify you of any such transfer of personal data to an unaffiliated third party because the processing of your personal data will be necessary for the purposes set out in the “Purpose for which we process personal data and on which legal grounds” section above.
- With your consent, except as noted above, we may notify you when your information may be shared with third parties and prevent you from sharing that information.
4. International transfer of information
Your personal data may be collected, transferred and stored by us in the United States and by our affiliates in other countries where we operate.
Therefore, your personal data may be processed outside the EEA and in countries that are not subject to an adequacy decision of the European Commission and that may not provide the same level of data protection as in the EEA. In this case, we will ensure that such a recipient provides an adequate level of protection, for example by concluding standard contractual clauses for the transfer of data, as approved by the European Commission (Art. 46 GDPR), or we will require prior consent for such international data transfers.
Privacy Shield Notice
We outsource the hosting of our production infrastructure to leading cloud infrastructure providers. We primarily use Amazon Web Services (AWS), which provides industry-leading levels of physical and network security. Currently, our AWS cloud server instances are located in US locations. Facility uptime is guaranteed between 99.95% and 100%, and facilities provide minimum N+1 redundancy for all power, network and HVAC services.
5. Storage of personal data
We may retain your personal data for a period of time consistent with the original purpose of collection. We determine the appropriate period of retention of personal data based on the amount, nature and sensitivity of your personal data, the potential risk of harm from unauthorized use or disclosure, and whether we can achieve the purposes of the processing by other means, as well as applicable legal requirements ( such as applicable statutes of limitations).
After the retention periods expire, your personal data will be deleted. If there is information that, for technical reasons, we cannot completely delete from our systems, we will put in place appropriate measures to prevent any further use of the data.
6. Preferences for Marketing Communications
If we process your personal data for the purpose of sending you marketing communications, you can manage the receipt of marketing and non-transactional communications from us by clicking the “unsubscribe” link at the bottom of our marketing emails, replying or sending messages. “STOP” if you receive SMS communications or turn off push notifications from our apps on your device. Additionally, you can unsubscribe here or by contacting us using the information in the “Contact Us” section. Please note that opting out of marketing communications does not preclude you from receiving important commercial communications related to your current relationship with us, such as information about your subscriptions or event registrations, service announcements, or security information.
10. Changes in the h4l Personal Data Protection Policy
11. Contact information
For any question, please contact us at:
firstname.lastname@example.org, telefon +40 784 369 369.