English 
D.G.P.R.
General Regulation on the Protection of Personal
Data https://gdpr-info.eu
Personal Data Privacy Policy Introduction
Art. 1 in accordance with the provisions of Regulation (EU) 2016/679 on the protection of natural persons with regard to the processing of personal data and on the free movement of such data, and repealing Directive 95/46/EC (General Data Protection Regulation), issued by The European Parliament and the Council of the European Union, it is necessary to adopt and develop this privacy policy regarding the processing of personal data, related to the online payment platform owned by “Stefan cel Mare” University of Suceava, https://euro.taxeusv.ro/.
Art. 2 As a personal data operator, “Stefan cel Mare” University of Suceava, through the online payment platform https://euro.taxeusv.ro/, processes the data provided voluntarily or in whose possession it automatically comes into possession by visiting the website https://euro.taxeusv.ro/, in accordance with the General Data Protection Regulation and Law nr. 506/2004 on the processing of personal data and the protection of privacy in the electronic communications sector, under secure conditions, only for the purpose for which they were collected.
Art. 3 “Stefan cel Mare” University of Suceava, through the online payment platform https://euro.taxeusv.ro/, respects the confidentiality of all data, information related to the beneficiary registered on the website. At the same time, the information system has implemented adequate methods for the protection of personal data of beneficiaries, as well as for operations and transactions that the beneficiary performs through this platform.
Art. 4 Visiting the website or accessing it by you is subject to the “Privacy Policy” or the “Terms and Conditions of Use” regarding the storage, use, processing and porting of your personal data.
Art. 5 Also, visiting or accessing the website implies your explicit acceptance of the provisions of the “Privacy Policy”, respectively the “Terms and Conditions of Use” regarding the storage, use, processing and porting of your personal data.
Art. 6 By filling in the registration forms, respectively by continuing the transaction by using the “Submit” command, you expressly express your consent to the storage, use and processing of personal information by the authorized staff of the “Stefan cel Mare” University of Suceava, through the online platform https://euro.taxeusv.ro/.
Definition of terms
Art. 7 The terms used have the following definition, in accordance with Regulation (EU) 2016/679 on the protection of natural persons with regard to the processing of personal data and on the free movement of such data, and repealing Directive 95/46/CE (General Data Protection Regulation), but not limited only to the terms presented in Regulation (EU) 2016/679:
Personal data: means any information relating to an identified or identifiable natural person (‘data subject’); an identifiable natural person is one who can be identified, directly or indirectly, in particular by reference to an identifier such as a name, an identification number, location data, an online identifier, or to one or more factors specific to the physical, physiological, genetic, mental, economic, cultural or social identity of that natural person.
Processing of personal data:means any operation or set of operations performed on personal data or on sets of personal data, whether or not by automated means, such as collection, recording, organisation, structuring, storage, adaptation or alteration, retrieval, consultation, use, disclosure by transmission, dissemination or otherwise making available, alignment or combination, restriction, erasure or destruction.
Storage: keeping on any kind of support the collected personal data.
Confidentiality of personal data processing: refers to the protection of personal data against unauthorized access. Electronic files created, sent, received or stored on computer systems owned, administered or in the custody and control of Universităţii „Ștefan cel Mare” din Suceava, are the property of the institution in accordance with the provisions of the legislation in force. The user is personally responsible for the confidentiality of the data entrusted through the procedures for access to the online payment platform.
Integrity: refers to measures and procedures used to protect data against unauthorized alteration or destruction.
User: a person, an automated application or user process authorized by “Stefan cel Mare” University of Suceava, in accordance with the procedures and regulations in force, to use the online payment platform.
Operator: means the natural or legal person, public authority, agency or other body which, alone or jointly with others, determines the purposes and means of the processing of personal data; where the purposes and means of processing are determined by Union or Member State law, the controller or the specific criteria for its nomination may be provided for by Union or Member State law.
Processor:natural or legal person, public authority, agency or other body which processes personal data on behalf of the controller.
Third party: any natural or legal person, private or public, including public authorities, institutions and their territorial structures, other than the data subject, operator or empowered person or persons who, under the direct authority of the controller or processor, are authorized to process data.
Data subject: natural person whose personal data are processed.
Consent: of the data subject means any freely given, specific, informed and unambiguous indication of the data subject’s wishes by which he or she, by a statement or by a clear affirmative action, signifies agreement to the processing of personal data concerning him or her in accordance with the General Data Protection Regulation.
To collect: receive personal data from data subjects through registration forms related to the online payment platform.
A uses: Use of personal data by and within the controller.
The online payment platform https://euro.taxeusv.ro/: represents the main means of online communication of “Stefan cel Mare” University of Suceava, between the beneficiary (student) and the bank.
General provisions
Art. 8 This privacy policy aims to guarantee and protect the fundamental rights and freedoms of individuals, especially the right to intimate, family and private life, with regard to the processing of personal data stored and processed by “Stefan cel Mare” University of Suceava, through the online platformhttps://euro.taxeusv.ro/.
Art. 9The personal data stored and processed, through the online platform, are those data filled in by the beneficiary in the registration forms (registration form for faculties / departments payments, dormitory fees, respectively other files).
Art. 10 The exercise of the rights provided in this privacy policy may not be restricted except in express and limiting cases provided by law.
Art. 11 This privacy policy is made on the basis of collaboration between public authorities, banking and educational institutions, regarding the access and use of the online payment service by its beneficiaries.
Art. 12 This online payment platform is a secure service developed by the institution’s staff and made available to university students to facilitate the possibility of online payment of various fees, thus avoiding a longer time spent at the counters of the institution’s cashiers, or banks.
Art. 13 At the same time, by choosing this method of payment of various fees, beneficiaries agree with the need to store and process personal data that each beneficiary has filled in the registration forms (registration form for faculties / departments, dormitory fees, respectively other fees).
Art. 14 In the same vein, the use of this online payment platform, by the beneficiary, is based on his consent to the processing of personal data, during studies, by completing and signing the study and/or accommodation contact, contracts involving the storage, use, processing and portability of personal data for various purposes (granting scholarships, issuing travel permits, providing medical services, access to the online service for payment of various tax categories, etc.).
Art. 15 “Ștefan cel Mare” University of Suceava, through the technical and organizational measures taken, guarantees the security of the storage and processing of personal data filled in the registration forms (faculties/departments payment registration form, dormitory fees, other fees), in accordance with the provisions of the General Regulation on the protection of personal data, respectively the legislation in force on computer systems.
Art. 16 Likewise, the “Ștefan cel Mare” University of Suceava administers in safe conditions, only for the purposes specified and provided for by law, the personal information you provide about yourself or another person.
Aplication domain
Art. 17 This privacy policy applies to the processing of personal data, carried out, in whole or in part, by automatic means, as well as to the processing by means other than automatic of personal data, which are part of a record system or which are intended to be included in such a system.
The objective of implementing the online payment platform
Art. 18 The objective of the implementation of such a service was the idea of an online transaction, intended to help the beneficiary (student) and also to save the time required for payments made at the institution’s or banks’ cashier counters.
The objective of the implementation of the privacy policy
Art. 19 This privacy policy describes the rights that the beneficiary of this platform has in relation to the use, access, modification and deletion of personal data.
Art. 20 The objective of this privacy policy is to implement the provisions of the General Regulation on the protection of personal data.
Art. 21 At the same time, through the implementation of a confidentiality policy related to the online financial service provided by the “Ștefan cel Mare” University of Suceava and Banca Transilvania, the safe conduct of financial transactions is aimed at.
Art. 22 This document describes the method by which personal data is stored, processed and transferred through the online payment platform. This information is taken from the tax registration forms (tuition fees, dormitory fees, other fees), completed by you for the purpose of financial transactions.
The objective of the implementation of the privacy policy
Art. 23 In accordance with the provisions of the General Regulation on the protection of personal data, respectively in accordance with the laws governing the telecommunications system, by using all the services made available through the online payment platform, you agree and accept the terms of this document and you agree to the storage, use, processing and porting of personal data, in accordance with the provisions of this policy. When you click the “Send” button, you agree to the policy of storing and processing the personal data filled in the form. Thus, you exercise your financial payment option online, to the detriment of the cash one at the cashier’s counters of the institution or banks.
Types of personal data stored and processed
Art. 24 Your personal data stored through the registration forms on the online payment platform are as follows:
Name
First name
CNP
Student ID
Form of education
Year of studies
Email address
Home address
Phone Number
Art. 25 The need to store and process all this personal information is important in order to carry out the online process of payment of study fees, accommodation or other types of fees. At the same time, this information is ported to the banking institution, in order to complete the online transaction process.
Art. 26 Completing the registration forms on the https://euro.taxeusv.ro/ platform does not require the completion of card data (card number, expiration date, card verification code). We are not responsible for the transactions made on the website – https://euro.taxeusv.ro/.
The need to implement the privacy policy
Art. 27 In accordance with the provisions of the General Regulation on the protection of personal data, the need to store, respectively process personal data is expressed:
“The processing of personal data to the extent strictly necessary and proportionate, in order to ensure the security of networks and information, namely, the ability of a network or an information system to face, at a certain level of confidence, accidental events or illegal or malicious actions that compromise the availability, authenticity, integrity and confidentiality of personal data stored or transmitted, as well as the security of related services offered by these networks and systems, or accessible through them, by public authorities, teams IT emergency intervention teams, intervention teams in the event of incidents affecting IT security, providers of electronic communications networks and services, as well as by providers of security services and technologies, constitute a legitimate interest of the data operator in question. This could include, for example, preventing unauthorized access to electronic communications networks and the dissemination of malicious code and stopping “denial of service” attacks, as well as preventing damage to computers and electronic communications systems.”
Method of collecting personal data
Art. 28 In order to offer financial payment services, “Ștefan cel Mare” University of Suceava stores and processes your personal data, which were filled in the registration forms.
Art. 29 At the same time, “Ștefan cel Mare” University of Suceava transfers your personal data to the banking institution with which it has a contract, in this case Banca Transilvania, in order to carry out the financial transaction process. The transfer of personal data is necessary so that the authorized staff of the banking institution can process this data in order to carry out the online payment process, respectively to provide the facilities related to the financial service (payment verification, payment execution, payment confirmation).
Art. 30 The collection of personal data is done through the information provided by you by filling in the forms on the platform. Personal data are stored and processed for the payment of the study fee, for the payment of the accommodation fee, respectively for other types of taxes (taxeusv.ro).
Art. 31 The online platform https://euro.taxeusv.ro/nu does not use cookies to track your browsing options, record searches or other potentially intrusive elements.
Sharing of personal data with third parties
Art. 32 “Ștefan cel Mare” University of Suceava, through the online payment platform, transfers your personal data to Banca Transilvania. They provide us with online payment services within the “Ștefan cel Mare” University in Suceava.
Art. 33 The personal data that the institution shares with the bank are the data that you fill in the registration forms. These completed data are either directly related to you (surname, surname, CNP, student ID, e-mail address, home address, telephone number), or in combination with other data, but which can lead to your person (form of education, year of studies).
Art. 34 In accordance with the provisions of the current legislation, “Ștefan cel Mare” University in Suceava can provide personal data to the Romanian state authorities. The legislation allows the institution, with the consent of its legal representative, to disclose your personal data without your consent, as follows:
On the basis of mandates or judicial or other decisions, respectively in order to comply with the law.
When a person’s rights, property, safety or security is at risk.
In the event that your actions are found to violate the provisions of this “Privacy Policy”, respectively “Terms of Use” or any other “legal rights”.
In other cases where the legislation in force requires or allows the porting of your personal data.
Period of storage of personal information
Art. 35 “Ștefan cel Mare” University of Suceava will keep personal information for as long as necessary in order to provide and develop the services and applications related to the online payment platform. The retention period of personal data can be extended as long as it is necessary to fulfill legal obligations, to resolve disputes or to perform contracts.
Your rights to personal data
Art. 36 Beneficiaries of the online payment platform, according to the General Regulation on the protection of personal data, have the following rights:
The right of access (art. 15 of the Regulation) – you have the right to obtain confirmation of the processing of personal data by the “Ștefan cel Mare” University of Suceava and the right of access to the respective data.
The right to rectification (art. 16 of the Regulation) – you have the right to obtain from the “Ștefan cel Mare” University of Suceava, the rectification of your inaccurate personal data. Taking into account the purposes for which the data were processed, you have the right to obtain the completion of data that is incomplete.
The right to delete the data “the right to be forgotten” (art. 17 of the Regulation) – in situations where: 1) the data are no longer necessary to fulfill the purposes; 2) you have withdrawn your consent and there is no other basis for processing; 3) you object to the processing and there are no overriding legitimate grounds for the processing; 4) if your personal data has been processed illegally, you have the right to obtain the deletion of your data. In the situation where the beneficiary wishes to delete personal data, the institution reserves the right to interrupt the provision of services to the beneficiary, as the conditions necessary to ensure the security of IT systems and electronic transactions cannot be met.
The right to restriction of processing (art. 18 of the Regulation) – you have the right to obtain the restriction of the processing of personal data by the “Ștefan cel Mare” University of Suceava, in the situation where one of the following cases applies: 1) you dispute the accuracy of the data, for a period that allows verification of their accuracy; 2) the processing is illegal, and you object to the deletion of personal data, requesting, instead, the restriction of their use; 3) “Ștefan cel Mare” University of Suceava no longer needs your personal data, but you request to keep them only for establishing, exercising or defending a right in court; 4) you objected to the processing in accordance with art. 21 paragraph (1) of the Regulation, for the period of time in which it is checked whether the legitimate rights of the “Ștefan cel Mare” University in Suceava prevail over your rights.
The right to data portability (art. 20 of the Regulation) – you have the right to receive the personal data that concern you and that you have provided to us in a structured, commonly used and machine-readable format and you have the right to transmit this data to another operator, if: 1) the processing is based on consent pursuant to art. 6 para. (1) lit. (a) or of art. 9 para. (2) lit. (a) from the Regulation or on a contract pursuant to art. 6 para. (1) lit. (b) from the Regulation; 2) the processing is carried out by automatic means.
The right not to be the subject of a decision based exclusively on automatic processing (art. 22 of the Regulation) – you have the right not to be the subject of a decision that evaluates personal aspects concerning you, which is based exclusively on automatic processing and produces legal effects that concern you or similarly affect you to a significant extent, such as your performance at work. This right cannot be invoked if the decision: 1) is necessary for the execution of a contract between you and “Ștefan cel Mare” University of Suceava; 2) is authorized by Union law or domestic law that applies to the operator and that also provides for appropriate measures to protect the rights, freedoms and legitimate interests of the data subject; 3) is based on your explicit consent.
The right to withdraw consent (art. 7 para. (3) of the Regulation) – if the processing is based on consent, you can withdraw your consent at any time through an express request. Also, as stated in the “Right to delete data”, the institution reserves the right to interrupt the provision of services to the beneficiary, as the conditions necessary to ensure the security of IT systems and electronic transactions cannot be met.
Art. 37 In the situation where you consider that your rights, regarding the processing of your personal data, have been violated, you have:
The right to submit a complaint to the National Supervisory Authority for the Processing of Personal Data;
The right to appeal to the competent court.
Art. 38 In order to request access to personal data, the beneficiary or his legal representative must make a written address to the institution’s legal representative. The data will only be transmitted to these persons or entities according to the legislation and security conditions regarding the transfer of personal data.
Transfer of personal data
Art. 39 “Ștefan cel Mare” University of Suceava, through the online payment platform website – https://euro.taxeusv.ro/, does not transfer your data to countries within or outside the European Union, except in the cases expressly provided by law or when this is necessary from the point of view of the purpose of collection. If there are any changes, we will inform you accordingly.
The consequences of not providing the requested personal data
Art. 40 In the event that a beneficiary of the online payment platform website – https://euro.taxeusv.ro/ refuses to provide certain essential information for the purpose of processing the registration form, “Ștefan cel Mare” University of Suceava reserves the right not to comply with the visitor’s request.
Privacy of personal data related to minors
Art. 41 Personal data related to minors are not requested. Persons under the age of 16 must not submit personal data without the consent (consent) of their parents or guardians. No such data is intentionally collected and disclosed to third parties.
The commitment of the institution regarding the security of personal data
Art. 42 “Ștefan cel Mare” University from Suceava, through its authorized staff, has implemented procedures and taken technical-organizational measures to increase the level of security in order to protect the data of the beneficiaries sent through the registration forms, from the online payment platform https://euro.taxeusv.ro/. Thus, the appropriate level of security is ensured against accidental or illegal destruction, loss, modification, disclosure or unauthorized access to your personal data. Art. 43 However, with all these procedures and measures taken by the institution’s authorized staff, the absolute security of your personal data cannot be guaranteed. It cannot be guaranteed that communication lines cannot be illegally intercepted or that personal data will not be illegally accessed by third parties.
Links to external websites
Art. 44 The online platform https://euro.taxeusv.ro/ does not contain links to external websites.
Exercise of rights
Art. 45 If you have questions or concerns regarding the processing of your personal data or wish to exercise your legal rights in relation to the data we hold, you can contact the person in charge of personal data processing of the “Ștefan cel Mare” University in Suceava, at the e-mail address: office.taxeusv@usm.ro and the correspondence address: Universitatea “Ștefan cel Mare” in Suceava, str.Universității, no.13, code 720229 ,
Art. 46 The legal deadline for responding to these requests is 30 days, with the possibility of extension.
Changes to this Privacy Policy
Art. 47 “Ștefan cel Mare” University of Suceava reserves the right to modify this privacy policy, depending on the needs and legislative regulations.
Art. 48 Any modification of this privacy policy will be posted on the website https://euro.taxeusv.ro/, before its application.
Contact details of the Data Protection Officer
Art. 49 The person responsible for the protection of personal data at the level of the “Ștefan cel Mare” University in Suceava can be contacted at the following e-mail address: office.taxeusv@usm.ro and the correspondence address: “Ștefan cel Mare” University in Suceava, 13 University str., code 720229,
Document version: 1.0