top of page

Privacy Policy

DAILY LAMA’S CONFIDENTIALITY AGREEMENT 

 

Version dated 12.11.2024

 

  1. PRELIMINARY INFORMATION 

We hereby inform you of our practices regarding the enforcement of the provisions included in the EU Regulation 2016/679 of the European Parliament (henceforth “GDPR”), but also as regards the nature of the personal data processed, the aims and substantiation of the processing and the rights of the envisaged persons. 

Daily Lama International SRL, with the registered office in Bucharest, 1st district, no. 8, Menuetului Street, building 1, room 4, 3rd floor, apt. 4, registered at the Trade Register under number J40/7217/2024, sole registration code 49887259, (henceforth called the ”Company”) is the owner and administrator of the DAILY LAMA application (hereinafter called the „APPLICATION”), so that all the information contained herein is related to and valid in respect of the activity performed in the APPLICATION.

The terms used in the current Terms have the meaning conferred by GDPR and the other applicable legal provisions:

  • „Personal data” is a term which designates any information regarding an identified or identifiable private individual (the „envisaged person”); an identifiable private individual is a person who can be identified directly or indirectly, especially by reference to an identification element, such as a name, an identification number, certain positioning data, an online identifier or one or several elements, specific to his/her physical, physiological, genetic, psychic, economic, cultural or social identity;

  • „Processing” means any operation or set of operations performed in relation to the personal data or sets of personal data, with or without the usage of automated means, such as the: collection, registration, organisation, structuring, storage, adaptation or alteration, extraction, consultation, usage, disclosure by sending, dissemination, alignment, combination, restriction, deletion or destruction thereof;

  • „Operator” refers to any private individual or legal entity, public authority, agency or any other body which, on its own or in association with other similar organisms, sets forth the goals and methods of personal data processing;

  • „Person empowered by the operator/Proxy” designates any private individual or legal entity, public authority, agency or any other body that processes personal data on behalf of the operator;

  • „Recipient” is the private individual or legal entity, public authority, agency or any other body to whom/which personal data is disclosed, irrespective of him/her/it being a third party or not. Nevertheless, the public authorities that need to be informed about such personal data during an investigation, as per the EU or the internal regulations in force, are not considered recipients; the handling of such data by the respective public authorities follows the applicable data protection rules, according to the scope of the processing;

  • The envisaged person’s „Consent” refers to any act of free will (which is specific, informed and unambiguous) manifested by the envisaged person, through which he/she accepts and agrees to the fact that his/her private data shall be processed, either in the form of a statement or an unequivocal action.

The Company undertakes to observe the personal data protection principles stipulated by GDPR, to ensure such facts:

  • Are processed accurately, legally and transparently;

  • Are collected for specific, explicit and legitimate purposes;

  • Are adequate, relevant and limited in respect of the objectives for which they are processed;

  • Are accurate and updated;

  • Are preserved in a manner which does not allow the identification of the envisaged persons for a longer period than necessary, considering the overall purpose of the processing;

  • Are handled in compliance with the rights of the envisaged person, in a way meant to secure proper processing and to preserve full, confidential and available data. 

 

2. TYPES OF PERSONAL DATA

We collect personal data belonging to the APPLICATION users, in view of creating user accounts and enabling envisaged persons to access the information offered by the APPLICATION: surnames, first names, e-mail addresses.

 

3. THE PURPOSE OF PERSONAL DATA PROCESSING 

We request and process personal data in order to:

  • Enable the creation and/or maintenance of your account in the APPLICATION;

  • Diagnose or fix any potential technical problems occurred, for an appropriate functioning of the APPLICATION;

  • Prevent spam, fraud and abuse and help recover the account particulars and the user name, by e-mail;

  • Contact you once you have expressed your consent in the “CONTACT section;

  • In the unlikely situation of a litigation, for the aim of asserting or claiming a right in court;

  • For marketing purposes, only subject to your prior consent.

 

4. THE LEGAL GROUNDS BASED ON WHICH WE PROCESS PERSONAL DATA 

The Company processes personal data from the APPLICATION:

  • Based on the agreement of the persons entrusting such personal information (art. 6, paragraph 1, thesis 1, letter a of GDPR)

  • For the implementation and completion of a contract you are part of (art. 6, paragraph 1, thesis 1, letter b of GDPR)

  • In view of fulfilling a legal obligation on our part (art. 6, paragraph 1, thesis 1, letter c of GDPR)

  • In line with the legitimate interest of the Company (art. 6, paragraph 1, thesis 1, letter f of GDPR.

 

5. PERSONAL DATA TRANSFERS 

We may disclose your personal information, whilst observing the applicable law, where and if necessary, in order to abide by the legal provisions in force or protect the security or integrity of the APPLICATION. Furthermore, there are circumstances in which such personal details may be submitted to competent authorities or institutions, for various inspections and controls regulating the activity of the Company, as well as to lawyers or financial auditors.

Each time we use subcontractors, acting either as data operators or proxies, we shall make sure the requirements set forth by GDPR are fully met and your private information is adequately processed.

In principle, your private information shall not be sent to a third country or international organisation.

Should we be compelled to disclose such personal data by a court order, or for the aim of observing other legal requirements, we shall notify you before providing such information, except for the case this kind of disclosure is forbidden. We shall not sell, divulge or distribute your data without your consent.

 

6. PERSONAL DATA STORAGE DURATION 

In view of fulfilling the aforementioned objectives and meeting the legal requirements in force, we shall store your personal data for a reasonable period of time deemed necessary for achieving these goals, which should not, however, exceed 5  years from the completion of the contract with the Company or for a period imposed by the law or until the moment the envisaged person or the legal representative chooses to exercise the right of opposition/deletion (except for the case in which the Company processes the data under a legal requirement or has legitimate grounds to do so). 

Subsequent to the completion of the personal data processing operations, should the envisaged person or his/her legal representative express his/her right of opposition/deletion, as per the law, such data shall be destroyed or removed from the IT systems of the Company or turned into anonymous information, in order to be used for scientific, historic research or statistics. 

 

7. SAFETY MEASURES FOR THE PROTECTION OF PERSONAL DATA 

We commit to adopting adequate technical and organisational measures, according to industrial standards. The APPLICATION is aligned with the GDPR requirements and uses personal data encryption and security technology. 

The Company shall not reveal any private information collected through the APPLICATION, except to the authorized employees and contractors/partners, who are proxies. 

The Company has assumed the responsibility of implementing certain appropriate technical and organisation measures regarding personal data protection, namely, for the protection against unauthorized access or against using, altering or destroying such information, in line with GDPR regulations, as follows:

  • The Users who have access to the personal information database are solely the ones who have created an account in the APPLICATION, each of them benefitting from the APPLICATION functions by means of using their own account names and passwords. 

  • All the employees, collaborators and providers of the Company who come in contact with personal information shall act according to the principles stipulated in the data protection and security policies and procedures, by signing statements and confidentiality agreements concerning such particulars. 

  • The computers from which the database is accessed are locked under password and they have updated antivirus, anti spam and firewall protection measures implemented.

 

Personal data is stored through cloud services provided by Google and Firebase; the servers are situated on EU territory, in full compliance with the legal requirements and the maximum safety and protection safety conditions. 

 

8. THE RIGHTS OF THE ENVISAGED PERSON AS REGARDS DATA PROCESSING 

In the context of processing your personal information, you have the following rights:

  • The right to access your processed personal data: you have the right to obtain confirmation of the fact your particulars have or have not been processed and, in an affirmative case, to access the type of personal data and the conditions under which they have been or are being processed, by submitting a request to the data operator, to that extent;

  • The right to request the adjustment or removal of personal information: you may send a relevant request to the data operator, demanding the correction of inaccurate data, supplementation of details or deletion thereof, if: 

    1. the abovementioned details are no longer required for their initial purpose (and there are no new legal grounds), 

    2. the legal grounds of the processing are represented by the consent of the envisaged person, but this person withdraws his/her consent and there are no more legal grounds to proceed,

    3. The envisaged person exercises his/her right to oppose and the operator has no legitimate reasons to appeal to, in order to continue the processing, 

    4. The information has been processed illegally, 

    5. The removal of personal information is needed to comply with the EU or the Romanian legislation or

    6. The facts have been collected in liaison with services provided by the IT company to children (if the case), when specific requirements are applied in relation to the agreement mentioned above;

  • The right to request the restriction of the processing: you are entitled to obtain the restriction of the processing in the cases in which: 

    1. you consider the personal information processed is inaccurate, for a period of time which should enable the operator to check the accuracy of the personal data; 

    2. the processing is illegal, but you do not wish to have your data deleted; instead, you want to restrict the usage thereof; 

    3. in case the operator no longer needs your personal information for the purposes exposed above but you yourself need it to exercise or defend your rights in court; or

    4. you have opposed processing, for the timeframe during which we were supposed to check whether the data operator’s legal grounds prevail over the rights of the envisaged person;

  • The right to withdraw your consent regarding the processing when this action is based on the consent given, without affecting the legal grounds of the processing performed until that respective moment;

  • The right to oppose the data processing for reasons connected with your particular situation, when the processing is based on a legitimate interest, as well as to oppose data processing for direct marketing, including profile creation;

  • The right of not being the object of a decision based exclusively on automated processing, including profile creation, which produces legal effects that concern the envisaged person or similarly affect him/her in a significant manner;

  • The right to data portability, meaning the right to receive your personal data in a structured, currently usable form, which can be read automatically, along with the right to transfer the respective data to another operator, should the processing be based on your consent or the performance of a contract by automated means;

  • The right to submit a complaint to the Data Protection Authority (ANSPDCP) and to file legal proceedings to the competent courts of law. 

The aforementioned prerogatives may be exercised at any given moment. To that extent, we encourage you to send a written request, dated and signed or an electronic version thereof, to the following address: Bucharest, 1st district, no. 8, Menuetului Street, building 1, room 2, 3rd floor, apt. 4 or by e-mail to: support@dailylama.io.

 

9. UPDATING THE CONFIDENTIALITY POLICY 

The current policy may suffer occasional changes/updating. All such updates and amendments shall be valid immediately after their notification, which shall be made by posting it and/or e-mail transmission.

You may address any question related to the current document to: support@dailylama.io.

 

10. ACCOUNT REMOVAL/ERASURE

You are entitled to request the removal/erasure of your account and its related information. To initiate this process, kindly inform us via e-mail at: support@dailylama.io.

Please make sure the e-mail clearly includes the request to erase the account. After we receive your request, we shall proceed to deleting your account and the associated information, within the shortest time possible. 

bottom of page