Information and Offers

Would you like to find out more about our services or need a quote for your project?
Fill out the form, and you will be contacted as soon as possible.

Geostud is you!

Whether you're a student just starting out or an experienced professional, there's a place for you at Geostud!
Join the Geostud team! Fill out the form and an HR representative will get in touch with you.

Support & Contact Geostud
geo
Information and Offers
Careers
Contact Details
We use Cookies

This website uses cookies to give you the best browsing experience. To learn more read our privacy policy.

ManageEnables

Privacy Policy

  1. INTRODUCTION

GEOSTUD SRL as author, owner and administrator of the website www.geostud.ro, hereinafter referred to as GEOSTUD, respects the privacy and security of the processing of personal data of each person accessing its website.

1.1 CONTEXT OF THE GENERAL DATA PROTECTION REGULATION ("GDPR") 

The General Data Protection Regulation 679/2016 replaces the EU Data Protection Directive of 1995 and replaces each Member State's legislation, which was drafted in accordance with the Data Protection Directive 95/46/EC. Its purpose is to protect the "rights and freedoms" of individuals and to ensure that personal data is not processed without their knowledge and that it is processed in accordance with their consent.

1.2 DEFINITIONS USED BY THE ORGANIZATION (TAKEN FROM GDPR) 

The material scope (Article 2) - GDPR applies to the processing of personal data wholly or partly by automated means, as well as to the processing otherwise than by automated means of personal data which form part of a data filing system or are intended to form part of a data filing system.

Territorial scope (Article 3) - The GDPR applies to the processing of personal data in the course of the activities of an establishment of a controller or processor on Union territory, regardless of whether the processing takes place on Union territory or not. This Regulation shall apply to the processing of personal data of data subjects who are in the Union by a controller or processor not established in the Union where the processing activities relate to:

  1. (a) the offering of goods or services to such data subjects in the Union, irrespective of whether or not a payment is requested by the data subject;
  2. b) monitoring their behavior if it occurs within the Union.

This Regulation shall apply to the processing of personal data by a controller which is not established in the Union but in a place where domestic law is applicable by virtue of international law.

 1.3 DEFINITIONS OF ARTICLE 4

"Headquarters" - the controller's principal place of business in the EU will be the place where the controller takes the main decisions on the purposes and means of its data processing activities. A processor's principal place of business in the EU will be its administrative center.

"Personal data" means any information relating to an identified or identifiable natural person ('data subject'); an identifiable natural person is a person who can be identified, directly or indirectly, in particular by reference to an identifier such as a name, an identification number, location data, an online identifier, or to one or more factors specific to his physical, physiological, genetic, mental, economic, cultural or social identity.

"Special categories of personal data" - personal data revealing racial or ethnic origin, political opinions, religious or philosophical beliefs or trade-union membership and the processing of genetic data, biometric data for the purpose of uniquely identifying a natural person, data concerning health or sex life or sexual orientation of a natural person.

"Operator" shall mean the natural or legal person, public authority, agency or other body which alone or jointly with others determines the purposes and means of the processing of personal data; where the purposes and means of processing are determined by Union or national law, the controller or the specific criteria for its designation may be laid down in Union or national law.

"Person concerned" - any natural person subject to personal data held by an organization.

"Processing" means any operation or set of operations which is performed upon personal data or sets of personal data, whether or not by automatic means, such as collection, recording, organization, structuring, storage, adaptation or alteration, retrieval, consultation, use, disclosure by transmission, dissemination or otherwise making available, alignment or combination, restriction, erasure or destruction.

"Creating profiles" shall mean any form of automated processing of personal data consisting of the use of personal data in order to evaluate certain personal aspects relating to an individual, in particular to analyse or predict aspects relating to the performance at work, economic situation, health, personal preferences, interests, reliability, reliability, conduct, location or movements of the individual.

"Personal data breach" means a breach of security that leads to accidental or unlawful destruction, loss, alteration, unauthorized disclosure of or unauthorized access to personal data transmitted, stored or otherwise processed.

"Consent" of the data subject shall mean any freely given specific, informed and unambiguous indication of his or her free will by which the data subject signifies his or her agreement, by an unequivocal statement or action, to personal data relating to him or her being processed.

"Child" - The GDPR defines a child as any person under the age of 16, although this may be reduced to 13 years of age by Member State law. Processing a child's personal data is lawful only if the consent of the parents or guardians has been obtained. The controller will make reasonable efforts to verify in such cases whether the holder of parental responsibility for the child gives or authorizes consent.

"Third party" shall mean a natural or legal person, public authority, agency or body other than the data subject, the controller, the processor and the persons who, under the direct authority of the controller or processor, are authorized to process personal data.

"Data record system" shall mean any structured set of personal data accessible according to specific criteria, whether centralized, decentralized or distributed on a functional or geographical basis.

  1. PRIVACY STATEMENT

The management of GEOSTUD, based in Str. Sângerului, nr. 11, Bucharest, Sector 1, is committed to complying with all relevant EU and Member State laws regarding personal data and the protection of the "rights and freedoms" of the individuals whose information GEOSTUD collects and processes, in accordance with the General Data Protection Regulation (GDPR).

GDPR compliance is described by this policy and other relevant policies, such as the Information Security Policy, together with related processes and procedures.

Geostud is committed to protecting the privacy of your personal data and to developing technologies that enable you to conduct your business in the best and safest conditions. This Personal Data Privacy Statement ("Privacy Statement") governs all instances where Geostud comes into possession of your personal data as a controller for the purposes described in this Privacy Statement. This Privacy Statement takes precedence over any other current privacy clauses that form part of your collaboration or employment agreement with/with Geostud. Contact details of the personal data controller can be found at: https://www.geostud.ro

Our Privacy Statement explains what information we collect from you, how we may use it, the choices you have about how we use it, and the security measures we take to protect that information.

The General Data Protection Regulation (GDPR) will be applied by all

GEOSTUD who process personal data, including all persons within GEOSTUD who process the personal data of customers, employees, suppliers and partners, as well as any other personal data that the organization processes from any source.

The Data Protection Officer is responsible for the annual review of the processing register for any changes to GEOSTUD's activities (driven by changes recorded in the data inventory register) and any additional requirements identified through data protection impact assessments. This register shall be available upon request by the supervisory authority.

This policy applies to all GEOSTUD employees/staff and GEOSTUD stakeholders, such as outsourced suppliers. Any breach of the GDPR will be dealt with under GEOSTUD's disciplinary policy and may also be a misdemeanor, in which case the matter will be reported as soon as possible to the appropriate authorities.

Partners and any third parties who work with or for GEOSTUD and who have or may have access to personal data are expected to have read, understood and complied with this policy. No third party may access personal data held by GEOSTUD without having first entered into a data privacy agreement, which imposes obligations on the third party no less onerous than those that GEOSTUD has complied with and which gives GEOSTUD the right to verify compliance with the agreement.

We may also collect and further process certain information about your behavior while visiting our website in order to personalize your online experience.

2.1. HOW THE PRIVACY STATEMENT APPLIES TO YOU

This privacy statement sets out the principles that guide the collection, use, processing, storage, retention, disclosure and distribution of personal data belonging to agents, consultants, temporary workers, interns or trainees in different functions (hereinafter referred to as "associates"). The declaration includes all files stored and processed in electronic form, including e-mail and transmission of documents, printed documents stored in the company's archive, as well as personal information distributed to third parties.

The statement applies to all personal data collected or processed through websites, mobile apps, webinars, webinars, other services that collect or process data. It also applies to data collected as a result of your employment or other engagement with Geostud, including but not limited to medical or occupational safety data.

This Privacy Statement applies to your personal information, that is, any information or combination of information that can be used to identify you.

2.2. INFORMATION ON THE CONFIDENTIALITY OF CHILDREN'S PERSONAL DATA

Our website and/or business services are designed, developed and intended primarily for business purposes and are therefore only intended for adults and teenagers (aged 16 and over), not for children under 16. Under applicable data privacy legislation for children, such as the General Data Protection Regulations (GDPR), we do not knowingly collect or store personal data from children under the age of 16, unless it is related to a company benefit plan and is relevant to the employee. Our business website is not designed to collect personal data from children under the age of 16.

If we learn that such information has been accidentally collected about a child and we have determined that the information is not relevant to our legitimate business interests or our contractual obligations, we will undertake to take steps to delete it from our records.

  1. WHAT PERSONAL INFORMATION WE COLLECT AND PROCESS

As part of the operational requirements of our business activities, we may collect or process various information that you voluntarily provide to us, including personal contact details and information collected as a result of your employment or other collaboration with GEOSTUD, as well as information received from third parties. Specifically, we may collect the following information:

  • Personal contact details, including: names, business addresses, telephone numbers, e-mail addresses as you provide them to us when registering online, in business dealings or by providing services to us.
  • Purchasing information includes data on purchases you make through sales teams or ERP systems.
  • Employment information includes job preferences, employment history, information provided through electronic application documents.
  • The demographic information you volunteer includes data such as: age, gender, ethnicity, hobbies, information about other activities, likes, dislikes, preferences and the like.
  • Images recorded by closed-circuit video cameras (CCTV) when you visit our website, where such equipment is installed.

We may also collect information from other sources, including contact lists and demographic information from third parties and other sources. This data may be combined with other data that we collect and use for the business purposes described in the privacy statement.

All such information is collected directly from you, but also from third parties that you have authorized to provide your personal information, and where permitted by local law - through publicly available sources, including but not limited to social networks.

We also automatically collect certain types of information, such as:

  • Your IP (internet protocol) address, the identification code of the electronic means used, operating system, browser type, website and the pages you are viewing
  • Third parties providing services to you may also automatically collect information about you.
  1. WHY WE COLLECT AND HOW WE USE YOUR INFORMATION

We may use your personal information only for the purpose for which you have provided it to us.

If you or the company you represent is a Customer or Vendor, we may use the information you provide to: (i) fulfill our contractual obligations, such as: providing or receiving/receiving services to or from you; (ii) because you have given us your explicit consent or permission; (iii) for other legitimate business interests, explained as follows:

  • To engage with you to explore business opportunities;
  • To communicate and answer questions, comments about details, particularities, services that interest you;
  • For the announcement and facilitation of details, service particularities according to the preferences you have made known to us;
  • To provide you with electronic content and information about our services. We may ask you to indicate whether you would like further information and updates from us or our website, after which you will only receive further communications from us if you give us your consent. If you affirmatively opt-in to receive communications from Geostud and later change your mind, you always have the option to stop receiving emails or other information from us;
  • We may use lists of e-mail addresses of recipients who have consented to receive messages for the purpose of contacting potential customers who we believe would be interested in Geostud services. We will honor requests to stop these lists and ask those who have provided us with these lists to provide us with assurances that such contact information was provided to us only with the consent of the individuals who have it to receive our offers and information by email. We may also use demographic and preference information to enable the advertising of Geostud products and services to the users we believe will be most interested in them. This system is designed so that users see the advertisements that are likely to be of most interest to them, and advertisers deliver their advertisements to the people who are expected to be most receptive.
  • To send you various other offers, including presentations of our services by e-mail. We may also use lists received from third parties or public sources to send you such information. You have the option at any time to reject/stop receiving communications from our companies.
  • To improve the quality of our websites, features, products and services;
  • To increase the efficiency and impact of our customer service.

If you or the company you represent are a Visitor to the Website, we may use your information only with your explicit consent or permission to communicate with you, to send you advertisements, to improve our Website and services, and for other legitimate business interests, explained as follows:

  • To communicate, answer your questions or comments.
  • To provide you with electronic content and information, send you brochures, offers and other information about Geostud services. Once you have given us your permission, if you later change your mind, you always have the option to stop receiving any e-mail messages or information from us.
  • We may acquire and use lists of e-mail addresses of recipients who have consented to receive messages from us to contact potential customers who we believe would be interested in Geostud services. We will honor opt-out requests and ask those who have provided us with such lists to provide us with assurances that such contact information was provided to us only with the consent of the individuals who have it to receive our offers and information by email. We may also use demographic and preference information to enable advertising of Geostud services to users we believe may be interested in them.
  • To make you various other offers, including catalogs available by e-mail. We may also use lists received from third parties or public sources to send you such information. You have the option at any time to reject/stop receiving communications from our companies.
  • To improve the quality of our websites, features and services.
  • We use cookies to collect additional information about visitors to our website. For details please see Geostud Cookie Policy.

If you are a Job Candidate and/or interested in employment at Geostud, we may use your information, after you have given us your consent, to facilitate the recruitment procedure and job application, to communicate with you, to respond to your questions or comments, to provide you with updates and news or to notify you when vacancies arise in the company's organization chart that match your candidate profile (in case you have sent us a curriculum vitae).

Personal data such as Name, Surname, E-mail address, Telephone number, Address that we collect from you will be used for the following direct marketing purposes:

  • Ensuring access to information, tools, resources dedicated to GEOSTUD community members;
  • Providing additional information about our work and/or services;
  • Cookies with statistical analysis to improve the functioning of our website - Google Analytics;
  • Essential Cookies for compliance with legal requirements established in different jurisdictions around the world - Clym.

Name and surname, CNP, parents' surname and place of birth (only for training services cf OUG 129/2000), e-mail address, telephone number, for the purpose of contacting you in order to provide services (including training services authorized by ANC under OUG 129/2000, information and professional counseling services; labor mediation) and reporting to the control authorities in the field, to which we transfer your data according to the law, namely the Technical Secretariat of ANC, AJOFM.

Name and surname, Mailing address, Telephone number in order to forward to you the correspondence requested by you.

Data collected through the e-platform is stored on our internal server, thus applying the EU-US Privacy Shield principles.

Your consent is required in order for GEOSTUD to process your personal data, and it must be given explicitly. You can withdraw your consent at any time by requesting a withdrawal of consent form at the following e-mail address dpo@geostud.ro.

  1. WHY DOES GEOSTUD NEED TO COLLECT AND STORE THE INFORMATION PROVIDED BY YOU AND HOW LONG DOES IT KEEP IT?

GEOSTUD is obliged to process and store your personal data in order to provide you with legal and high quality services. During the provision of services, with your consent, we will transfer your data to third parties in order to fulfill legal obligations (ANAF, ANC, AJOFM).

We retain and store your personal information only as long as necessary for the purposes set out in this privacy statement. We also keep and use your personal information as long and to the extent necessary to comply with our legal obligations (e.g. taxes), to resolve a legal dispute, to exercise a legal right and/or perform contracts and agreements, to pursue our legitimate business interest or in accordance with the consent you have given us. All data we collect is retained in accordance with our record retention policy, which sets out specific retention periods in accordance with local regulations. You can obtain a copy of this policy by contacting the Data Protection Officer at: dpo@geostud.ro.

Your data will be kept for as long as required by law. Unless expressly stated otherwise, under secure conditions in accordance with ISO27001 and for a storage period in accordance with the Internal Data Retention Procedure, but not more than 10 years.

  1. WHO HAS ACCESS TO THE DATA PROVIDED?

Access to your personal data is granted to GEOSTUD employees or third party processors, as described in point 2 - Privacy Statement of this Policy. We do not give anyone access to your personal data without your consent.

We will never disclose or distribute your personal data to any third party that intends to use it for its own purposes, other than as required by law, and we will never sell your personal data.

We may distribute your personal data to vendors, suppliers, agents or other collaborators we engage to provide services on our behalf. When we distribute your personal information to other companies that provide services to us they are obligated not to use it for any other purpose and must keep it confidential, unless you explicitly decide or permit otherwise.

We may distribute or disclose your personal data to third parties along with other business assets if we sell the business, re-organize it, or otherwise act as permitted or required by law. In the event all or part of the business is sold or acquired by another party, or in the event of a merger, you give us the right to assign your personal data belonging to you to them. We may also distribute or disclose your personal information, including the content of your communications:

  • To comply with applicable law or to respond to legal process or legal requests, including from law enforcement and government agencies.
  • To conduct investigations following customer complaints or suspected violations of law, to protect the integrity of the website, to respond to your requests, or to cooperate in legal investigations.
  • To protect the proprietary rights of Geostud or our customers, including your exercise of the terms of use of our services.
  • To act in good faith in the event of the need to access or disclose personal data in order to protect the safety of associates, customers or the public.
  1. WHERE IS THE DATA YOU PROVIDE STORED?

The personal data provided is stored in the EEA territory in accordance with the requirements of the General Data Processing Regulation (EU GDPR).

Personal data collected through our website or received by Geostud from you or other third parties in connection with Geostud's business activities may be stored on servers and databases.

The personal data you provide to us may be sent abroad, but we collect, process and use it only in accordance with this privacy statement. Any and all of our service providers who maintain these servers and databases are contractually obliged to ensure that your data is handled in accordance with this statement, that they act only in accordance with Geostud's instructions and implement all technical and organizational measures to keep your personal data secure at all times.

Employment matters may also be transferred to any other member of Geostud. By visiting this website and submitting this information you consent to the collection, processing, transfer and/or storage of information about you.

8.COOKIES USED BY THE www.geostud.RO WEBSITE

This website uses cookies. Some of them are essential, while others help us to improve your online browsing experience.

Essential cookies help create a website by enabling basic functions such as navigating pages and accessing security areas of the website. The website cannot function properly without these cookies. They also help us comply with legal requirements such as GDPR.

Statistical cookies collect information about how visitors use a website. We use them to improve the functioning of our website. However, some of them may be third-party cookies, and the data they collect may be used for purposes unknown to us, as the website owner. Please see the privacy policy of the third party processors, namely Microsoft Corporation, JotForm, SpeedExam, Google Analytics and Clym.

Functional cookies allow the site to remember the choices you make and provide enhanced functionality (such as support). Some of them may be third-party cookies and the data they collect may be put to purposes unknown to us as the site owner. Please see the privacy policy of the third party processors, namely Microsoft Corporation, JotForm, SpeedExam, Google Analytics and Clym.

Social cookies allow us to use the buttons and widgets provided by social networking services and other third parties and the chat function. They set cookies, which allow visitors to post links, like or comment on a site through the network, or use the chat function through Facebook Messenger. They also allow visitors to be tracked on other sites that have the same types of built-in functionality. Please see privacy policy of the operator Facebook Inc.

Remarketing cookies to advertise on other websites to users who have visited www.geostud.ro. Google will display ads on websites that www.geostud.ro users visit, and Facebook will display ads on its platforms (Facebook, Messenger, Instagram). These displayed ads are based on a user's previous visits to www.geostud.ro using cookies. If you wish to opt out of the remarketing cookies used by Google, you can opt out of the Google Marketing Platform's use of cookies by visiting Google Marketing Platform opt-out page, Network Advertising Initiative opt-out page or Your Facebook Advertising Preferences.

  1. HOW WE RESPOND TO DO-NOT-TRACK SETTINGS

We do not have "Do Not Track" browser "Do Not Track" settings and we do not actually participate in any framework system that allows us to respond to your flags or other warning systems regarding the collection of personal information.

  1. THE SECURITY OF YOUR DATA

GEOSTUD has an Information Security Management System compliant with ISO/IEC 27001:2013. All employees are responsible for ensuring that all personal data that GEOSTUD holds and is responsible for is kept secure and not disclosed in any way to a third party, unless that third party has been specifically authorized by GEOSTUD to receive this information and has entered into a confidentiality agreement.

All personal data is accessible only to those who need to use it. All personal data is processed securely and stored as follows:

-in a locked room with controlled access and/or

-in a closed drawer/drawer and/or

-if they are kept on computers, stored and backed-up in the Cloud, protected by password and access rights in accordance with the organization's requirements in the Internal Access Control Policy and/or

-stored on (removable) media that is encrypted.

All employees have signed a user agreement before being allowed access to organizational information of any kind. As soon as records in physical format are no longer required by day-to-day customers, they are securely destroyed in accordance with internal procedure and applicable legislation.

Personal data may be erased or disposed of in accordance with the record retention procedure and in compliance with applicable legislation. Records in physical format that have reached their expiry date shall be destroyed, using a paper shredder of at least P3 level.

  1. PEOPLE'S RIGHTS

We strive to keep your personal data accurate and confidential. You can view, correct or update the data you submit to Geostud. For example, General Data Protection Regulation (GDPR) 2016. You can request to see what personal data we hold, have it amended or corrected, request to restrict its use or have it removed from our database if there is no legal basis for it to be processed and/or retained.

For automatically processed personal data, you may request that it be made available in a structured, commonly used and electronically readable format for possible transfer to another data processor. Your request will be processed within 30 calendar days of our receipt of Individual's rights of access to personal data form) and emailing it to: dpo@geostud.ro.

Access to your personal data is free of charge. If you are not given access within a reasonable period of time, we will provide you with a date by which you may do so. If for any reason we restrict your access, we will provide you with a written explanation of why we are doing so.

If you wish to access, update, amend, modify, delete, transfer, restrict or object to the processing of the personal information we hold about you in our database (subject to any applicable legal exception), please give us the instruction to stop further communication with you, and if you have any questions about our privacy statement, please contact our Data Protection Officer, the DPO, at: dpo@geostud.ro.

If the processing of your data is based on the consent you have given us, you also have the right to withdraw your permission by contacting us by e-mail at: dpo@geostud.ro.

Please note that withdrawing your permission will not affect the lawfulness of data processing up to that point, based on your consent prior to withdrawal. Where appropriate you have the right to lodge a complaint with your local data protection authority. We want to resolve any issues relating to our handling of your personal data and you can contact us at any time with any questions or concerns you may have.

 Data subjects have the following rights with regard to data processing and data records:

  • Request access to the information held and those to whom it has been disclosed.
  • Object to processing that could cause damage or harm.
  • Object to processing for direct marketing purposes.
  • Be informed about automated individual decision-making, including profiling.
  • The data subject shall have the right not to be subject to a decision based solely on automated processing, including profiling, which produces legal effects concerning the data subject or similarly significantly affects him or her.
  • Claim compensation if they suffer damage through any breach of the GDPR.
  • Take measures for rectification, blocking, erasure, including the right to be forgotten or destruction of inaccurate data.
  • Ask the supervisory authority to assess whether a GDPR provision has been breached.
  • The data subject shall have the right to receive the personal data concerning him or her which he or she has provided to the controller in a structured, commonly used and easily readable format and shall have the right to transmit those data to another controller without hindrance from the controller to whom the personal data have been provided.
  • The data subject has the right to object to profiling without consent.

GEOSTUD assures data subjects that they can exercise these rights by sending a request to the e-mail address:  dpo@geostud.ro.

Thank you for being our customer!