Personal Data Protection & Cookie Policy Charter

1. Personal Data Protection & Cookie Policy Charter

Welcome to the website www.total.com.ro („the Website”). Please note that other terms and conditions and personal data protection policies apply to other Total Group websites, and we recommend that you read them carefully.

The policy aims to inform you of the rights and freedoms that you can exercise in respect of our use of your personal data and describes the measures that we take to protect these data.

TOTAL ROMANIA S.A (hereinafter referred to as „the Controller” or „TOTAL ROMANIA”), having its headquarters in Cristian Village, Cristian, 2 Stejarilor Street,Braşov county, registered with the Trade Registry under no: J8/721/2005, EUID: ROONRC.J08/721/2005, CUI RO 17379570 is the “data controller” with responsibility for processing the personal data used to manage the website. These processing operations are carried out in accordance with the applicable law, mainly the UE Regulation no 679/2016 (“GDPR”) and other applicable legal provisions.

1.    Purpose of processing, legal basis, the period of storage and types of data collected
When you visit the website, you may need to provide us with a number of items of personal data, such as your first name and surname, in order to use the services available. As regard the partners / potential partners, visitors in the spaces of the Controller, participants to events, contests organized by the Controller, users of the Website, the Controller processes the following categories of personal data:

a)    Contact data (for example e-mail address, phone number, address) of the users of the Website and / or of the representatives of our partners / potential partners, legal persons;
b)   Identification data (mainly the name, surname, position, data which appear in the identity card or in other acts of civil status) for example from the winners of contests, events organized by TOTAL ROMANIA;
c)   Photo and video images (of the participants to contests, events organized by the Controller or of the visitors entering in the spaces of TOTAL ROMANIA);
d) Geo localization data, if access cards are used inside the Controller’s perimeter.

The Controller processes personal data for the following purposes and based on the following legal grounds:

a)  legitimate interest: The Controller processes your personal data for the purposes of providing the services of (for example, for the purposes of “managing the queries you make using the contact form”). In particular, we may collect some items of your personal data for the purposes of external communication in order to answer your requests for information and to learn how to better meet your needs. Also, we might process personal data based on this grounds when such processing has for purpose the protection of persons and of our goods or of the Controller’s information;

b)   Signature and performance of a contract: The information is needed to enter into a contract with the Controller, without it the contract cannot be concluded (for example when you fill in the form in “direct sale” section on our Website).

c)    Consent: the data are processed based on this legal ground, for example, when needed for marketing purposes, communication and information regarding the products ands services offered by TOTAL ROMANIA, for processing and answering your request and better understanding of your needs, for continuous improving of our services and products, promoting our products, questionnaires. You have the right to withdraw your consent at any time without jeopardizing any processing operations that have already been completed, by writing to the following address: ms.gdpr.romania@total.com

The information is needed to enable us to fulfill our legal obligations, mainly of those provided in accounting, archiving, fiscal law or in or other legal provisions, as the case may be . Without it, the Controller cannot process your request and will be in breach of the law (for example the processing of certain data expressly provided by the law for issuing invoices or granting awards, etc).

In our online forms, the mandatory fields are marked with an asterisk. If you do not provide answers to the mandatory questions, we will not be able to provide you with the service(s) requested.

Your personal data will not be processed subsequently in a way that is incompatible with this Policy and/or with the purposes described above or below the collection forms. Your data are kept as follows:
 

Purpose of processing Retention period
Retention period your data are kept for no longer than three (3) years with effect from your most recent contact with TOTAL ROMANIA, and may if applicable be kept in intermediate files for the applicable limitation period.
Signature or execution of an agreement during the term of the contract and for any subsequent period necessary for exercising or defending of a wright in court or in front of other public or private authorities or of jurisdictional bodies (such period may be longer than 5 years, depending on the status of limitation).
Consent

until you withdraw your consent, unsubscribe or request the deletion of the data. As regards the events, contests organized by TOTAL ROMANIA the data are kept for the period of the respective events, as well as 12 months after or, if longer, for the period necessary for exercising or defending of a wright in court or in front of other public or private authorities or of jurisdictional bodies.

Fulfillment of legal obligation

Data might be kept for the period provided by the law (archiving, accounting, fiscal law, money laundering law, labour law, etc).

3.    Recipients of data

Your personal data may be communicated to one or more of the data Controller's departments or to Total Group companies and one or more partners, contracting parties, independent distributors or subcontractors for the purposes above mentioned. In case the processing is based on consent, the communication to these recipients shall be done based on your consent.

If you leave a comment intended to be posted online, we may be required to publish some of your personal data on the website. Given the characteristics of the internet, namely the unrestricted capture of published data and the fact that it is difficult, or even impossible, to control how third parties can use these data, we hereby inform you that you can object to this publication by contacting us as explained in article 7 below.

4.   Data Transfers

Any transfer of data to a country outside the European Economic Area shall be carried out in accordance with the applicable regulations and in such a way as to protect your data appropriately.

For the purposes of the services provided on this website, your data (for example contact data or, if necessary identification data) may be transferred to one or more of the data Controller's departments or to Total Group.

For this reason, the Total Group has adopted “Binding Corporate Rules” (BCR) governing intra-Group transfers of personal data originating in the European Economic Area.

For data transfers not covered by the BCR, to countries outside the European Economic Area, other guarantees are provided: for example based on a decision assessing the adequacy of the level of protection, on standard clauses approved by Romanian supervisory authority or adopted by the Commission.

You can request a copy by writing to the contact address ms.gdpr.romania@total.com.

Generally, for the purposes of the data processing operations carried out by TOTAL ROMANIA, your data are transferred outside the European Union to the following recipients:

Recipient

Types of data transferred

Purpose of transfer

Country of establishment

Legal basis of transfer

Amazon

First name, surname and email address

Hosting

United States of America

Participation in Privacy Shield, see for instance: https://www.privacyshield.gov/participant?id=a2zt0000000TOWQAA4&status=Active

Total Marketing Services

First name, surname and email address

Customer support

Singapore

Standard contractual clauses from data Controller to subcontractor.

You can obtain a copy of these clauses by writing to

ms.gdpr.romania@total.com

5. Data security and confidentiality

The data controller takes appropriate steps to preserve the security and confidentiality of your personal data, including to prevent them from being distorted, damaged or disclosed to unauthorized third parties.

6. Cookie management

6.1. Principle

A cookie is a file which enables a website to save information relating to your computer’s browsing of the website (e.g. pages viewed, date and hour of the navigation, accessed links), to make your visits to the website smoother.

You can at any time delete the cookies stored on your computer, object to the storage of new cookies and receive a notification before new cookies are stored by changing your browser settings using the instructions below (“Types of cookies, cookies and statistics, and settings”).

Please note that if you remove a cookie or object to the storage of cookies on your device, you may not be able to use some of the website's services.

6.2. Types of cookies, cookies and statistics, and settings.

The cookies that may be stored on your server when you browse the website are cookies which are intended solely to enable or facilitate electronic communication or which are strictly necessary to provide the service you are requesting (language cookies, login cookies, etc.), or statistics cookies or other cookies in accordance with the conditions below.

When cookies require we ask you for this agreement via the “find out more” link displayed on the first page of the Website that you land on.

6.2.1. Which cookies are stored?

 •  Cookies issued by the data controller

Cookie

Description

How do you object?

Period

Site (has_js)

Contains information about the browser session and allows visitors to log into the website

See article 6.2.2

Removed when the browser is closed

Site (cookie_agreed)

Remembers a visitor's choice regarding cookies

See article 6.2.2

13 months

 

  Cookies issued by third parties

Publisher of the cookie

Description

How do you object?

Period

Score Card Research Beacon

Allows Share this to see how many visitors come to the site

http://www.sharethis.com/privacy

click on the “Opt Out” button for advertising cookies or see article 6.2.2

2 years

ShareThis

Allows sharing on Miscellaneous Social platforms

http://www.sharethis.com/privacy

click on the “Opt Out” button for advertising cookies or see article 6.2.2

 

__unam (9 months)

__stdlxmap (7 days)

__stgmap (7 days)

__stid (24 hours)

__uset (24 hours)

STPC (24 hours)

 

METRIXLAB

PAllows and records the opening of the satisfaction form about the site

please contact privacy@MetrixLab.com or see article 6.2.2

7 months

FASTFONT

Allows to improve the display of contents

See article 6.2.2

Removed when the browser is closed

TWITTER

Records ID’s for sharing on twitter

Through your profile, go to your Security Settings page and uncheck the box under the promoted content section or see article 6.2.2

18 months

FACEBOOK

Records ID’s for sharing on Facebook

 https://www.datalogix.com/privacy/

 

scroll down to the "Choice" heading, click the last "click here" link in the paragraph, and fill in your information or see article 4.2.2

2 years

Gigya
(_gig_lt/glt_, ucid, gmid, GLEC, gig3pc, gig3pctest, _gig_llu, _gig_llp, gst, glnk, GSLM_, gig_loginToken__session, gig_loginToken_, gig_loginToken__visited, gig_loginToken__exp)

User Login

Gigya allows you to create a total account on all pages of mypace.total.com, log in and change your personal information by clicking on "Login" at the top of the menu bar. You can access a wide range of services in your account. The cookies generated by Gigya allow you to authenticate and remain logged in. For more information, see the „Privacy Policy” a Gigya.

 

 

• Statistics cookies

 Publisher of the cookie

Description

How do you object?

Period

AT INTERNET

idrxvr  

tmst

Allows to see how many visitors come to the site and how often

 

http://www.xiti.com/en/optout.aspx or see article 6.2.2

7 months

 

Statistics cookies are used to measure the number of visits, the number of pages viewed, users’ activity on the website and how often they return. The used statistics tool, Xiti – AT INTERNET generates a cookie with a unique identifier, which is stored, in accordance with the legal provision in force, for no longer than 3 years from the communication, when the law does not provide for another term (for example 5 years from the request of a court or criminal organ). Your IP address is also collected in order to determine the town/city from which you are accessing the website. Your IP address is immediately anonymized after use so that you cannot be identified as a natural person. The statistical data on website visits are collected by the provider AT INTERNET and subsequently transferred to the data controller in an aggregated and anonymized form in a web interface to which it alone has access. The data collected are not transferred to third parties or used for other purposes. You can block these cookies at any time by opting out as described above by clicking the link http://www.xiti.com/en/optout.aspx.

6.2.2. How do you delete cookies, receive notification of their storage or change your browser settings?

  • How do you delete cookies already stored on your computer?
    • On your workstation:
    • On the C:\ drive select the Windows folder;
    • Open the “Temporary Internet Files” folder;
    • Select all files (CTRL A);
    • Choose the “delete” option.

 

  • How do you change browser settings to reject or be informed of the storage of cookies?
  • In the Internet Explorer 5 (Microsoft) browser: Select “Tools”, and then “Internet Options”. Click on the “Security” tab, then “Custom level” and scroll down to the “cookies” section. Next to “Allow cookies that are stored on your computer” select “Ask” to be notified or “Disable” to decline all cookies;
  • In the Internet Explorer 6, 7 or 8 (Microsoft) browser: Select “Tools”, “Internet Options”, “Privacy”, then the level you wish to apply;
  • - In the Firefox browser: Click on “Tools” and select “Options”. In the “Privacy and security” tab, untick the box “Accept cookies from websites”;
  • In the Chrome (Google) browser: Click “Customize and control Google Chrome” and select “Settings”. Under “Privacy and security”, click on “Content settings” and enable “Block third-party cookies”.
  1. Your rights /Contact

In accordance with current regulations and subject to legal provisions which can limit your rights you have the right to access, correct, delete and object to the use of your personal data. In case you make an opposition to the processing of your data, the Controller shall no longer process such data, except for legitimate interest which justifies the processing and prevails on your interests, rights and liberties or when the purpose consists in exercising or defending of a right in court.

You also have a right to prior consent to marketing, to withdraw such consent at any time (without jeopardizing previous processing) and to object to it under the applicable regulations.

You can ask for your personal data to be sent to you or directly to another controller (right of portability) and you have the right to give instructions for the use of your personal data after your death. You can also ask for restriction of the data, You can also ask for restriction of the processing in certain circumstances (for example when you contest the accuracy of the data – for the period which would allow us to verify the accuracy of such data).

Also, you may make a claim with the competent supervisory authority, the National Supervisory Authority for Processing of Personal Data (ANSPDCP). In case you wish to exercise these rights or for any request please use the contact form to make your request or send it to the following address: ms.gdpr.romania@total.com.

X
By continuing to browse this website, you accept the use of cookies or other trackers for statistics of visits to optimize the functionality of the site.
For more informations, see Personal data protection & Cookie Policy