Privacy Policy
Effective Date: 01-Nov-2023
​
At ACCESS A SEAT, we're proud to introduce our Hot desk Booking Application, designed with your employees in mind, prioritizing data privacy and security. Our goal is to empower your employees, making it easy for them to match their schedules to the office spaces they need, all while giving you full control over the process of locating, booking, and monitoring office space usage.
ACCESA ("we," "us," or "our") is committed to protecting the privacy and security of your personal data, as well as your rights and freedoms of data subjects, according to the European General Data Protection Regulation (GDPR). The core principles of personal data processing: lawfulness, transparency, purpose limitation, data minimization, accuracy, storage limitation, confidentiality, integrity, and accountability, underlie our business activities.
Why Your Privacy Matters to Us
We value your privacy and want you to feel confident when using our application. This Privacy Policy is here to help you understand how we collect, use, and protect your data.
Data Controller
We are ACCESA IT SYSTEMS, a leading tech company that fosters an environment where our teams and partners thrive and have an impact in the community. We provide a various range of services for our clients like Cloud Solutions, Process Automation Platforms & AI Custom Software Development Operations & Support.
​
Contact Details
Visiting Address: Constanta 12, Platinia Office, 400158 Cluj-Napoca, Romania
Phone: +47 22 83 39 50
Email: hello@accesa.eu
Website: https://discover.accesa.eu/
​
Contact Us
If you have any questions, concerns, comments, or requests regarding this Privacy Policy or our data practices, please contact us to dpo@accesa.eu.
This chapter pertains to all email exchanges with us.
-
What Information Do We Collect and How?
-
Why We Use Your Information and How We Do It Legally?
-
Third-Party Services and Tools
-
How Long Do We Keep Your Data?
-
Automated Decision and Profiling
-
What Information Do We Collect and How?
We gather personal data to facilitate secure and efficient email exchanges. If you share data about others, you must confirm their consent.
We collect data through Direct Collection and include Personal Data you provide during email exchanges, including names, contact details, professional information, and email content.
What categories of data are processed?
Data processed during email exchanges may vary based on the interaction and shared information and may include the following categories of data:
Identification Information
Your name, contact details (like phone and mailing addresses), and any other personal information shared during email exchanges, like employee IDs, and usernames.
Professional Information
Job titles, company names, industry affiliations, professional qualifications, and business contact information.
Communication Data
The content of emails exchanged, including text, attachments, documents, images, and any other information shared during our correspondence.
Communication Metadata Logs and IT Usage Data
To investigate and document incidents, check phishing emails, and maintain security, we may collect logs and other IT usage data related to email communications. This data may include timestamps, email addresses, and subject lines related to our email communications, server logs, IP addresses, device information, email delivery logs, metadata related to email exchanges, and information for security monitoring and incident response.
Financial and Transaction Data (if relevant)
Billing information, financial transaction records, payment details, bank account and invoices related to professional agreements, order histories, and details of products or services discussed during email exchanges.
Other necessary data
Depending on your interactions, we might process additional personal data, such as information related to our professional agreements, project details, event information, or contractual terms and any other data relevant to our professional relationship.
Providing Personal Data for Email Communication
Usually, you initiate email communication, providing data voluntarily. While not obligatory, omitting certain data may affect communication effectiveness and our ability to assist. We handle data in compliance with privacy laws.
Why We Use Your Information and How We Do It Legally?
We use your data during email exchanges for various purposes, outlined with legal bases and data categories:
Purpose
Details on the Purpose
Legal Base
​
Email Communication
To facilitate email communication and correspondence between you and our company.
To communicate with you efficiently and effectively through email for business-related matters.
Contract execution
Steps to enter a contract.
Legitimate interest
Regulatory Compliance
To comply with legal obligations, including record-keeping, regulatory requirements, and responding to legal requests.
Legal obligation
Responding to Inquiries
To respond to inquiries, questions, or requests made via email.
Contract execution
Steps to enter a contract.
Legitimate interest
Newsletters and Updates
To send newsletters, updates, or promotional materials related to our services or products.
Consent
Customizing User Experiences
To personalize and improve your user experience based on your email interactions.
Legitimate interest
Research and Development Business Analytics and Reporting
We use aggregated data for business analytics, reporting, and performance assessment, for research and development purposes to enhance our services and activity and to monitor our business operations.
Legitimate interests
Fraud Prevention, Incident Investigation, Security Monitoring
We may process email, IT usage data and logs to prevent fraud and investigate/document incidents, unauthorized access, phishing, and security breaches.
Legal obligations
Legitimate interest
Dispute Resolution
To facilitate resolution, investigations, or legal proceedings in the event of disputes arising from our cooperation.
To establish, exercise, or defend our legal rights.
Legitimate interest
Complaints Resolution, Data Subjects Requests
To address and resolve complaints or concerns raised by you or third parties regarding our services, processes, or treatment of personal data and to respond to data subjects’ requests.
To document and respond complaints and data subjects’ requests, and/or
To establish, exercise, or defend our legal rights.
Legal obligations
Legitimate interest
Improving Services, Business Development
To monitor the quality of our services, identify areas for improvement, enhance the overall user experience, identify potential business opportunities, collaborations, or partnerships.
Legitimate interest
Internal/External Audit
Compliance Monitoring
To conduct internal and external audits and ongoing compliance monitoring to ensure that our organization adheres to regulatory requirements, policies, and internal standards.
Legal Obligation and/or
Legitimate Interests
Risk Management and Control Activities
To assess, manage, and control risks related to data security, privacy, and compliance.
Ensuring proper risk management, sustainability, and compliance of our operations.
Legitimate Interest
Please note that the specific purposes and legal bases for processing may vary depending on the circumstances and your interactions with us. We process data fairly and lawfully, respecting your privacy rights.
Third-Party Services and Tools
We may utilize various third-party tools and services to optimize our email exchange process, ensuring efficient communication and security. These tools may have access to email content or metadata to provide their services. We carefully select and work with trusted third-party providers who comply with data protection standards and confidentiality requirements.
How Long Do We Keep Your Data?
We retain data for email communication, mainly up to 3 years after email exchange completion for legal and dispute resolution purposes. Retention periods may vary based on the specific purposes and regulations. We comply with legal obligations and prioritize data security. You have rights over your data; details in "Your Rights" section.
​
Automated Decision and Profiling
Our primary focus is on data collection for email communication, security, and analytics, and we do not engage in any automated decision-making processes that could impact your rights and freedoms.
Profiling may occur for Security Risk Profiling to safeguard email exchange security. We process data to identify potential security threats, ensuring email communication safety. Profiling adheres to data protection laws, and you can object to it.
The processing helps us proactively respond to security incidents, investigate security breaches, and maintain the confidentiality and integrity of email communications.
The logic is to provide a safer, more transparent, and efficient environment to engage in professional relationships. The significance lies in improved security. The envisaged consequences are generally positive and aim to enhance the overall experience and outcomes for our communication.
If you have any concerns or questions about automated decision-making or profiling in our company, please do not hesitate to contact us using the contact details provided in the "Contact Us" section of this Privacy Policy.
​