Personal Data Protection Policy

We guarantee that:

1. We process your data exclusively for delivering, improving, and ensuring the services we provide
2. Your data is securely stored in a protected environment
3. Personal data is strictly confidential and will not be disclosed to third parties.

We use the data we collect for:

Providing and managing services, including displaying personalized content and facilitating communication with other users;

Facilitating the technical operation of services, including troubleshooting issues, ensuring service delivery, and preventing fraud and abuse;

Processing registrations and orders for courses, products, services, etc., and communicating with you to respond to your questions and requests.

Sending administrative messages and information, including messages from trainers and facilitators, notifications about changes to our services, and updates to our agreements;

Sending information and messages regarding progress in courses, benefits, new services, new features, promotions, informational messages, and other available courses (messages you can unsubscribe from at any time);

Requesting feedback and understanding your needs using analytics service providers;

Identifying unique users;

Improving our services and developing new products, services, and features;

Analyzing trends and traffic on websites or promoting our services on websites and applications;

User preferences for the language displayed on the site

PERSONAL DATA PROTECTION POLICY

The European Union law regarding personal data protection, the 'General Data Protection Regulation' (hereinafter referred to as 'GDPR') came into force on May 25, 2016, but becomes effective starting May 25, 2018.

Protecting your personal data is important to us; therefore, we pay special attention to protecting the privacy of visitors accessing any of the marweb.ro websites (hereinafter referred to as {brand}), in accordance with Regulation (EU) 2016/679 of the European Parliament and of the Council of April 27, 2016, on the protection of natural persons with regard to the processing of personal data and on the free movement of such data (hereinafter referred to as 'GDPR').

Please pay special attention to reading the following Policy (hereinafter referred to as 'DPP') to understand how your information ('personal data') will be treated.

The DPP explains MarWeb's practices regarding the application of GDPR provisions, as well as the rights you have regarding how your information is used through MarWeb applications.

The processing of personal data carried out by MarWeb will always be in accordance with GDPR provisions and the specific personal data protection regulations of each country where MarWeb operates.

Through the DPP, MarWeb aims to inform visitors about the nature of personal data we collect and process, as well as the purposes of processing. Additionally, visitors to the websites are informed through the DPP about the rights they hold.

WHO ARE WE?

SPEEDY BIKES SRL, Tax ID:41397812, J08/2387/2019, registered office:Str. ZAHARIA STANCU, nr.6F,bl. 16 et.3, ap.306

WHAT IS PERSONAL DATA?

'Personal data' means any information that can directly identify you (e.g., your name) or indirectly identify you (e.g., through pseudonymous data such as a unique identification number).

This means personal data includes things like address, first and last name, gender, date and place of birth, civil status records, telephone/fax, address (domicile/residence), email, profession, workplace, professional training, family status, economic-financial situation, data about owned assets, habits/preferences/behavior, image, voice, personal preferences and shopping habits, user-generated content, financial information, and information about financial status.

It may also include unique numerical identifiers such as your computer's IP address or your mobile device's MAC address, as well as cookies.

WHAT DOES PROCESSING PERSONAL DATA MEAN?

'Processing' means any operation or set of operations performed on personal data or sets of personal data, whether or not by automated means, such as collection, recording, organization, structuring, storage, adaptation or alteration, retrieval, consultation, use, disclosure by transmission, dissemination or otherwise making available, alignment or combination, restriction, erasure, or destruction.

DATA PROCESSING PRINCIPLES

MarWeb commits to complying with the personal data protection principles (hereinafter referred to as 'Principles') set forth by GDPR to ensure all data is:

1. Processed fairly, lawfully, and transparently;
2. Collected for specified, explicit, and legitimate purposes;
3. Adequate, relevant, and limited to what is necessary for the purposes for which they are processed;
4. Accurate and kept up to date;
5. Retained in a form that permits identification of data subjects for no longer than necessary;
6. Processed in accordance with the data subject's rights, ensuring appropriate processing security so that data remains integral, confidential, and available.

WHAT TYPE OF PERSONAL DATA WE COLLECT

Personal data means any information about you that allows us to identify you, such as your name, contact details, booking reference number, payment details, and information about your access to our websites.

We may collect personal data from you when you book a spot to attend events (directly or indirectly through our trusted partners), when you create an account, when you use websites and/or apps and other sites accessible through the website and/or app, when you participate in a survey or contest, or when you contact us.

Specifically, we may collect the following categories of information:

1. Name, home address, email address, telephone number, city;
2. Detailed participant information, including name, date of birth, gender, ID card number;
3. Medical conditions for participants with special medical needs and/or dietary requirements;
4. Participation history, including information about your courses and services booked in relation to your courses;
5. Information about your purchases of products and services;
6. Information you provide about your participation preferences and those of your companions in MarWeb programs and courses;
7. Information about your use of our websites and/or apps;
8. Communications you make with us or direct to us via letters, emails, chat services, calls, and social networks.
9. Location, including real-time geographic location of your computer or device via GPS and your IP address, along with Wi-Fi hotspot and GSM locations, if you use location-based features and enable Location Services settings on your device and computer.

Personal details about physical or mental health are considered 'sensitive' personal data under applicable data protection laws. We will only process such data if you have given explicit consent or if it is necessary (e.g., if you request special assistance) or if you have deliberately made this data public.

DATA WE NEVER STORE

The Customer/User/Buyer's payment card data will not be accessible or stored by MarWeb, but only by the Transaction authorization institution or another entity authorized to store card identification data services, about which the Customer/User/Buyer will be informed prior to entering the data.

3D Secure means a new global approach to authenticating buyers and sales in secure Internet transactions. This security measure involves redirecting the user at the time of payment to a secure page, where each cardholder is registered by assigning an authorization code for each online transaction. Accepted payment cards are those issued under VISA (Classic and Electron) and MASTERCARD (including Maestro, if they have a CVV/CV2 code).

WHY WE USE YOUR PERSONAL DATA, WHY AND FOR HOW LONG

Your data may be used for the following purposes:

1. To provide the products and services you request: we use the information you provide to perform the services you requested regarding your participation, including requested changes related to courses;
2. To contact you in case of schedule changes or cancellations: we send you information regarding the services you requested and any changes to these services. This information is non-commercial, and you cannot unsubscribe from it;
3. We use your payment information for accounting, billing, and auditing purposes and to detect and/or prevent any fraudulent activities;
4. For administrative or legal purposes: we use your data for statistical and marketing analysis, system testing, customer satisfaction studies, maintenance and development, or to resolve a dispute or claim. Note that we may perform data profiling based on data we collect from you for statistical and marketing purposes. Any profiling activity will only be carried out with your prior consent and making every effort to ensure all data on which it is based is accurate. By providing any personal data, you explicitly agree that we may use it to conduct profiling activities in accordance with this Privacy Policy;
5. Security, health, administration, crime prevention/detection: we may disclose your information to government authorities or law enforcement agencies to comply with legal requirements;
6. For Customer Service communications: we use your data to manage our relationship with you as a customer and to improve our services and your experience with us;
7. To provide personalized services: we use your data to provide information we believe may interest you before, during, and after your participation, and to personalize the services we offer you;
8. Marketing: occasionally, we will contact you with information about promotional courses and auxiliary products through online communications. However, you will have the option to subscribe or unsubscribe from such communications, indicating this at the booking stage. Also, in any online communication from us or our trusted partners, you will have the opportunity to indicate that you no longer wish to receive our direct marketing materials.

We will only process your personal data if we have a legal basis to do so. The legal basis will depend on the reasons why we collected and need to use your personal data.

We may also process your personal data in one or more of the following cases:

• To comply with a legal obligation (e.g., accounting requirements);
• You have given us consent to use your personal data (e.g., for commercial purposes);
• To protect your vital interests or those of another person (e.g., in a medical emergency);
• It is part of our legitimate interests in operating as a marketing agency (e.g., for administrative purposes).

Only children aged at least 16 can give consent. For children under this age, the consent of parents or legal guardians of the children is required.

We will not retain your data longer than necessary to fulfill the purpose for which it is processed. To determine the appropriate retention period, we consider the amount, nature, and sensitivity of the personal data, the purposes for which we process it, and whether we can achieve those purposes by other means.

We must also consider periods for which it might be necessary to retain personal data to fulfill our legal obligations or to handle complaints, inquiries, and to protect our legal rights in the event of a claim.

When we no longer need your personal data, we will securely delete or destroy it. We will also consider whether and how we can minimize over time the amount of personal data we use and whether we can anonymize your Personal Data so that it can no longer be associated with you or identify you, in which case we may use that information without further notice to you.

DATA RETENTION PERIOD

MarWeb may retain processed data for different periods of time, deemed reasonable according to the purposes mentioned above. We retain your data only for the period necessary to achieve the purpose for which we hold the data, to satisfy your needs, or to fulfill our legal obligations.

To know how long your data may be retained, we use the following criteria:

1. When you purchase products and services, we retain your personal data for the duration of our contractual relationship;
2. If you participate in a promotional offer, we retain your personal data for the duration of the promotional offer;
3. If you contact us with a question, we retain your personal data for the time necessary to process your inquiries, but no longer than 5 years from the last correspondence sent;
4. If you create an account, we retain your personal data until you request deletion or after a period of inactivity (without active interaction with our brands) defined according to local regulations and guidelines. In this regard, we note that data processed for this purpose will be deleted 5 years after the last interaction with the user account (e.g., login to your account);
5. If you have given consent for marketing, we retain your personal data until you unsubscribe or request deletion or after a period of inactivity (without active interaction with our brands), defined according to local regulations and guidelines. In this regard, we note that data stored in our databases for direct marketing communications purposes are deleted from these databases' records 5 years after the last interaction with you;
6. If cookies are stored on your computer, we retain them for as long as necessary for them to achieve their purposes (e.g., during a session for shopping cart cookies or session ID cookies) and for a period defined according to local regulations and guidelines. In this regard, we note that data processed through cookies used for online behavioral advertising, to personalize our services for you, and to allow sharing our content on social media sites (share buttons for displaying the site), will be retained for a maximum of 5 years from collection, based on your consent.

PROCESSING SECURITY

MarWeb has adopted technical and organizational data processing measures, updated according to GDPR requirements, to protect your personal data against any unauthorized access, misuse, transmission, unauthorized alteration, destruction, or accidental loss. All MarWeb employees and collaborators, as well as any third parties acting on behalf and for MarWeb, are required to respect the confidentiality of your information and GDPR requirements, in accordance with the provisions of this Policy.

SECURITY OF YOUR PERSONAL DATA

We follow strict security procedures in storing and disclosing your personal data to protect them against accidental loss, destruction, or damage. The data you provide is protected using SSL (Secure Socket Layer) technology. SSL is the industry standard method for encrypting personal information and data to ensure secure transfer over the internet.

All registration details are transmitted via an SSL connection using dedicated network infrastructure (Multiprotocol Label Switching - MPLS) and stored in compliance with Data Security Standards.

We may disclose your information to trusted third parties for the purposes set out in this Privacy Policy. We require all third parties to have appropriate technical and operational security measures in place to protect your personal data, in accordance with Irish and EU data protection legislation.

PROCESSING CONTACT OR REGISTRATION FORMS

MarWeb will use the information you provide in the corresponding contact section on the site exclusively to process your request.

By providing any personal data through MarWeb sites, you understand and agree that your data will be processed in accordance with the provisions of MarWeb's DPP.

Please note that to process your requests submitted in the registration section, in certain circumstances, we may be required to transmit your data to partners with whom MarWeb collaborates and/or other MarWeb service providers.

However, MarWeb has adopted appropriate technical and organizational measures to ensure the security of data transfer, as well as the processing in accordance with GDPR requirements of your data by the aforementioned entities.

MarWeb undertakes not to process personal data provided for any purpose other than that for which it was transmitted, except where there is your express consent to use it for other purposes.

PROCESSING PERSONAL DATA IN PARTNERSHIP

Some personal data processed through the MarWeb site may be transferred to third parties only if there is your express consent to do so, except where there is a legal obligation for MarWeb to proceed in this manner.

The MarWeb site may contain links to other sites whose data processing policies may differ from those of MarWeb.

Please note and review the personal data protection policies of other sites; MarWeb cannot assume responsibility for information collected by these third parties.

RELATIONSHIPS WITH OTHER OPERATORS

Depending on the context, we may find ourselves in the absolute need to provide information at a higher level, both globally and internally or externally, to our partners and those with whom we transfer data, while respecting the aforementioned Regulation, to ensure the provision of the most professional services possible. Information controlled by MarWeb may be transferred, transmitted, stored, and processed in the EU or in countries other than your country of residence, for the purposes described in this policy. These data transfers are necessary to provide services at the highest level and to continue providing our materials to you at the best professional level. We use standard contractual clauses approved by the European Commission and rely on adequacy decisions issued by the European Commission regarding certain countries, as appropriate, regarding data transfers from the EEA to the United States and other countries.

AUTOMATIC DATA PROCESSING. COOKIES

The MarWeb site uses Cookie-type identifiers. In this regard, you can consult our Cookie Policy below and exercise your right to disable Cookies.

RIGHTS OF DATA SUBJECTS

Under GDPR, you have several rights regarding the personal data MarWeb processes:

1. Right to access processed data - You have the right to access the personal data we hold. The first provision of information will be free of charge. If you require additional copies of information already provided, we may charge a reasonable fee considering administrative costs. Manifestly unfounded, excessive, or repeated requests may not receive a response.
2. Right to rectification of data - You have the right to request that your Data be rectified if inaccurate or outdated and/or completed if incomplete. If you have an account, it may be easier to correct your own data through the 'My Account' function or by email at alexandru@marweb.ro
3. Right to erasure of data ('right to be forgotten') - In some cases, you have the right to obtain the erasure or destruction of your Data. This is not an absolute right, as sometimes we may be forced to retain your Data for legal or judicial reasons.
4. Right to restriction of processing - You have the right to request restriction of processing of your Data. This means that processing of your Data is limited so we can retain the Data but not use or process it. This right applies in specific circumstances provided by the General Data Protection Regulation, namely:
   • The accuracy of the Data is contested by the data subject (i.e., you), for a period allowing the controller (i.e., {brand}) to verify the accuracy of the Data;
   • Processing is unlawful and the data subject (i.e., you) opposes erasure of the Data and requests restriction of its use;
   • The controller (e.g., {brand}) no longer needs the Data for processing, but it is required by the data subject (i.e., you) for the establishment, exercise, or defense of legal claims;
   • The data subject (i.e., you) has objected to processing based on legitimate grounds by the controller (in this case {brand}), pending verification whether the controller's legitimate grounds ({brand}) override those of the data subject (i.e., you).
5. Right to data portability - You have the right to move, copy, or transfer data of interest to you from our database to another. This only applies to data you have provided, when processing is based on your consent or on a contract and is carried out by automated means.
6. Right to object - You may object at any time to the processing of your data when such processing is based on legitimate interest.
7. Right to withdraw consent at any time - You may withdraw your consent regarding the processing of your data when such processing is based on consent. Withdrawal of consent does not affect the lawfulness of processing based on consent before its withdrawal.
8. Right to lodge a complaint with the competent supervisory authority - You have the right to file a complaint with the data protection authority in your country of residence or domicile to challenge the data protection practices offered by MarWeb.
9. Right to object to processing of your data for direct marketing purposes - You may unsubscribe or opt out of our direct marketing communication at any time. It is easier to do this by clicking the 'unsubscribe' link in any email or communication we send you.
10. Right to object to processing of your data by us when we carry out actions in the public interest or in our legitimate interests or those of a third party - You may object at any time to the processing of your data when such processing is based on legitimate interest.
11. Right to disable Cookies - You have the right to disable cookies. Settings in Internet browsers are usually set by default to accept cookies, but you can easily adjust them by changing your browser settings.

You can exercise these rights, either individually or cumulatively, very easily by simply submitting a request to our office at Str. ZAHARIA STANCU, nr.6F,bl. 16 et.3, ap.306, or by email at: alexandru@marweb.ro

LEGAL REQUESTS

We access, retain, and provide your information to regulatory agencies, law enforcement, or other entities:

1. In response to a legal request when we believe in good faith that the law requires us to do so. We may also respond to legal requests when we believe in good faith that the response required by the laws of that jurisdiction affects users in that jurisdiction and is consistent with internationally recognized standards.
2. When we believe in good faith that it is necessary to: detect, prevent, and respond to fraud, unauthorized use of any material owned by us, violations of our terms or policies, or other harmful or illegal activities, to protect ourselves (including our rights, property, or materials), you, and others, including as part of investigations or inquiries by regulatory authorities, or to prevent imminent death or bodily injury. For example, where relevant, we provide information to and receive information from third-party partners about the reliability of your account to prevent fraud, abuse, and other harmful activities within and outside our materials.

Information we receive about you may be accessed and retained for a longer period when subject to a legal request or obligation, government investigation, or investigations into possible violations of our terms or policies, or otherwise to prevent harm.

LIMITATION OF LIABILITY

The marweb.ro website may contain links to other websites and/or other web pages not owned by MarWeb. MarWeb assumes no responsibility for the content of these sites and therefore cannot be held liable for the content, advertising, goods, services, software, information, or other materials available on or through these sites. MarWeb shall not be liable for loss of personal data, any negative effects on visitors' personal data, or other moral and/or property damages caused by accessing such sites.

UPDATING THE PERSONAL DATA PROTECTION AND PROCESSING POLICY

Please note that this Policy may be subject to periodic content updates through the marweb.ro website.

We will notify you before making any changes to this Policy and give you the opportunity to review the revised DPP before choosing to continue using our materials.

Please do not continue to use MarWeb sites if you do not agree with such changes. We also recommend checking this page for any updates.

The terms of the DPP shall be interpreted in accordance with applicable law.

CONTACT

If you have questions or concerns about how we treat and use your personal data, or wish to exercise any of your rights, please contact us at alexandru@marweb.ro