Politica de protectie a datelor (GDPR)
Documentul explica ce date prelucram, in ce scop, pe ce temei legal, cui le divulgam si ce drepturi aveti conform Regulamentului (UE) 2016/679.
Data Protection Policy (GDPR)
This document explains what data we process, for which purposes, under which legal basis, with whom we share it, and your rights under Regulation (EU) 2016/679.
Operatorul de date este Organizatia Studenteasca de Medicina de Urgenta (OSMU), cu sediul in Str. Gheorghe Marinescu nr. 50, Targu Mures, Romania, CIF 18816690, autorizatie JC 64/2006.
Prelucrarea datelor se realizeaza conform Regulamentului (UE) 2016/679 si legislatiei nationale aplicabile.
Autoritatea de supraveghere competenta: ANSPDCP.
Datele sunt furnizate direct de utilizator (formulare de cont/inscriere/abstract) si colectate automat la nivel tehnic (loguri/cookies), dupa caz.
- Date de identificare: nume, prenume.
- Date de localizare: tara, judet, oras.
- Date de contact: e-mail, telefon (dupa caz).
- Date profesionale/academice: institutie/spital, universitate, facultate, an de studiu, specialitate, grad profesional, afiliere (dupa caz).
- Date operationale de participare: tip bilet/pachet, status plata, participare activa sau pasiva, optiune Gala Dinner.
- Date logistice: marime tricou pentru welcome kit (unde formularul solicita acest camp).
- Identificatori profesionali: CNP, CUIM, parafa sau alti identificatori echivalenti, doar unde sunt necesari pentru acreditare EMC/CME, obligatii legale sau validari profesionale.
- Date tehnice: IP, browser, dispozitiv, date de trafic.
- Date pentru cont, inscriere la congres, workshopuri si activitati stiintifice.
- Date din abstracte, lucrari sau comunicari stiintifice (inclusiv autori/afiliere/continut incarcat de utilizator).
Atentie: datele introduse in abstracte pot include informatii clinice. Daca un pacient poate fi identificat direct sau indirect, acestea pot reprezenta date personale privind sanatatea (categorie speciala de date).
Anumite date sunt obligatorii pentru crearea contului, validarea platii, emiterea documentelor fiscale si, unde este cazul, validari profesionale/acreditare. Lipsa acestor date poate limita sau bloca furnizarea serviciilor.
Datele sunt prelucrate pentru organizarea si administrarea CongrEMs, comunicari oficiale, newsletter, securitatea platformei, managementul inscrierilor si documentelor de participare.
Temeiuri legale (GDPR): art. 6 alin. (1) lit. a (consimtamant), lit. b (executarea contractului/demersuri precontractuale), lit. c (obligatie legala), lit. f (interes legitim).
Pentru cookie-uri non-esentiale si newsletter, prelucrarea se bazeaza pe consimtamant explicit, separat de acceptarea termenilor de participare.
Pentru date speciale (de exemplu, date de sanatate ce pot rezulta din continutul abstractelor), se aplica suplimentar unul dintre temeiurile din art. 9 GDPR, unde este necesar.
Nu folosim profilare sau decizii automatizate care sa produca efecte juridice asupra persoanei vizate.
Newsletter-ul este gestionat prin MailPoet, exclusiv pe baza consimtamantului, cu posibilitate de retragere oricand.
Site-ul foloseste cookie-uri necesare si analitice (Sourcebuster), conform politicii de cookies: https://congrems.ro/cookie-policy/.
Putem colabora cu imputerniciti (IT, hosting, e-mail, newsletter, plati, consultanti), doar in limita necesara si cu garantii GDPR.
Transferurile in afara UE/SEE, daca apar, se fac doar in conditiile prevazute de GDPR (de ex. decizie de adecvare sau clauze contractuale standard).
Aveti drepturile GDPR: acces, rectificare, stergere, restrictionare, opozitie, portabilitate, retragerea consimtamantului.
OSMU implementeaza masuri tehnice si organizationale adecvate pentru securitatea datelor.
Datele se pastreaza pe durata necesara scopurilor legitime/legale, apoi se sterg sau anonimizeaza conform politicilor interne si obligatiilor legale (inclusiv arhivare fiscal-contabila, unde este cazul).
Pentru solicitari GDPR: secretariat@congrems.ro
Daca apreciati ca drepturile v-au fost incalcate, puteti formula plangere la ANSPDCP.
Politica extinsa: https://congrems.ro/privacy-policy/
The data controller is the Emergency Medicine Student Organization (OSMU), Gheorghe Marinescu 50, Targu Mures, Romania, VAT ID 18816690, authorization JC 64/2006.
Personal data processing is carried out under Regulation (EU) 2016/679 and applicable national law.
Competent supervisory authority: ANSPDCP (Romania).
Data may be provided directly by the user (account/registration/abstract forms) and collected automatically at technical level (logs/cookies), where applicable.
- Identification data: first name, last name.
- Location data: country, county, city.
- Contact data: email, phone (where applicable).
- Professional/academic data: institution/hospital, university, faculty, study year, specialty, professional grade, affiliation (where applicable).
- Operational participation data: ticket/package type, payment status, active/passive participation, Gala Dinner option.
- Logistics data: T-shirt size for welcome kit (where this field is requested in the form).
- Professional identifiers: CNP, CUIM, seal/registration identifiers or equivalent, only where required for CME/EMC accreditation, legal obligations, or professional validation.
- Technical data: IP, browser, device, traffic data.
- Data for account creation and congress/workshop/scientific registrations.
- Data contained in abstracts, papers, or scientific communications (including authors/affiliations/content uploaded by users).
Important: data entered in abstracts may include clinical information. If a patient can be identified directly or indirectly, this may qualify as personal health data (special category data).
Certain data are mandatory for account creation, payment validation, fiscal documentation, and where applicable, professional validation/accreditation. Missing mandatory data may limit or block service delivery.
Data are processed for CongrEMs organization and administration, official communications, newsletter, platform security, registration management, and participation documents.
Legal bases (GDPR): Art. 6(1)(a) consent, Art. 6(1)(b) contract/pre-contractual steps, Art. 6(1)(c) legal obligation, Art. 6(1)(f) legitimate interest.
For non-essential cookies and newsletter communications, processing is based on explicit consent, separate from participation terms acceptance.
For special category data (e.g., health data that may result from abstract content), an additional Art. 9 GDPR condition is applied where required.
No profiling or automated decision-making is used to produce legal or similarly significant effects for data subjects.
Newsletter communications are managed via MailPoet and sent only on consent basis, with unsubscribe/withdrawal available at any time.
The website uses necessary and analytics cookies (Sourcebuster), as detailed in the cookie policy: https://congrems.ro/cookie-policy/.
We may rely on processors (IT, hosting, email, newsletter, payment, advisors) strictly as needed and with GDPR safeguards.
Transfers outside the EU/EEA, if any, are performed only under GDPR safeguards (e.g., adequacy decisions or standard contractual clauses).
You have GDPR rights: access, rectification, erasure, restriction, objection, portability, and withdrawal of consent.
OSMU applies appropriate technical and organizational safeguards for data security.
Data are retained only as long as necessary for legal/legitimate purposes, then deleted or anonymized under internal policies and legal obligations (including fiscal/accounting retention where applicable).
For GDPR requests: secretariat@congrems.ro
If you believe your rights have been infringed, you may file a complaint with ANSPDCP.
Extended policy: https://congrems.ro/privacy-policy/