Personal data processing notification


STATUS is a solution for managing virtual health records and collaborating with patients that enables doctors and medical health providers a better way to interact with their patients in a secure environment, designed to meet the requirements of Regulation no. 679/2016 on the protection of individuals regarding the personal data processing and its free circulation („GDPR”).

To ensure a higher level of security for the STATUS application, it can also be made available to customers as a service in the Star Storage data centre, TIER-3 data centre authorized by MCSI ( http://www.star-vault.ro/centrul-de-date ).

This Notification was prepared to inform people (,,Data Subjects”) about the personal data collected by Star Storage during its activity, the processing reason and the use of the data.

We reserve the right to update and modify this Notification concerning the confidentiality, and also our Privacy Policy at certain time intervals. We will notify you when any change is made on the Notification or the Privacy Policy on the personal data usage on our website advertisements or other means.


Data protection responsible

Since May 25, 2018, Star storage has an internal Data Protection Officer (DPO) to contact if you any question or concerns about Star Storage policies or practices on personal data. Contact Star Storage DPO by sending an email message to the following address: dpo@star-storage.ro.


How do we collect Personal Data?

We mainly collect the personal data you provide us directly by filling in the form asking you information about our product at www.star-storage.ro or while you visit us or meet our agents. Additional information is collected during out phone interviews developed by our marketing department.

We also collect personal data from you or your company during the execution of the contracts.

Our process of collecting the personal data is performed through:


What Personal Data do we collect?

When you register, we collect information about you, including your full name, your employer’s name your position in your company, your email address, and also your phone numbers (home/fixed and mobile).

When your company purchases our products or services, we collect information about customer company representatives, contact persons, project team members and users. The information collected include the full name, employer’s name, role, work address, email address, phone numbers (home/fixed and mobile) and fax number. These are provided directly by you or your company.


Why processing the Personal data?

We process the personal data we collect from two main reasons:

When processing your personal data to provide products and services, these are necessary for the negotiation, conclusion and execution of the contract with interests pursued in the performance of such contracts.

The processing performed to carry out our activity includes:

When processing your personal data for our marketing communication strategy, it is based on the legitimate interest in promoting our products and services. This kind of marketing activities include:


Who do we share your personal data with and for what purposes?

We will not share your information with third parties outside our company, except when this is required by a legal obligation or when required to execute the contract with you. For any other transfer to third parties, we will first ask for your consent.

Your personal data can be transferred to third parties, in the EU or abroad: audit companies (on the basis of legal requirements), consultants, legal authorities or public authorities, resellers, service companies, suppliers, shareholders and other companies in the logo group.

If we consider a transfer abroad, we will ensure it will be done in a country that benefits from an appropriate decision issued by the European Commission or, alternatively, based on approved standard contractual clauses.


What security measures do we dispose?

We undertake to protect the security of your personal data and to prevent unauthorized access, use or disclosure, by:


What are your rights as a Data Subject?

According to GDPR, as a Data Subject, you have a number of rights in relation to your personal data, and Star Storage, as data operator, is committed to respect your confidentiality and guaranteeing these rights.


Access – you have the right to confirm Star Storage to process your personal data and you can access these data. Also, you can request information about: the purpose of the processing; the categories of personal data processed; to whom, other than Star Storage, the data may have been sent; what was the source of the information (if you did not provide the data directly to Star Storage) and how long they will be stored.


Rectification – you can ask us to rectify or correlate inaccurate personal data. At the same time, if your records are not complete and additional processing data is required, you have the right to fill in your personal information.


Erasure (“right to be forgotten”) – if there is no mandatory reason for continuous processing, you have the right to delete or remove your personal data from our databases. Keep in mind that it is not an absolute right, and Star Storage reserves the right to limit it under GDPR cases (for example, if the data (for example, if the data are no longer needed in correlation to the purposes they were collected for, if you chose to oppose the processing of your personal data or if the processing is illegal).


Restriction – you have the right to ask to restrict your personal data processing for a period of time necessary to verify their accuracy, if you object further processing on the basis of legitimate interest, or block the data for defending legal claims. At the same time, you can request to block your data in the case of illegal processing, if you do not want to delete it.


Data portability – you can ask us to provide you your personal data to you in a structured, commonly used, machine-readable format, when: the processing is based on your consent or the performance of a contract with you; and the processing is carried out by automated means.


Objection – you can object, at any time, to any processing of your personal data for direct marketing purposes. For processing purposes other than marketing, you still have the right to oppose, but it is possible that the legal obligations of Star Storage prevail, as well as its preeminent legitimate interest in continuing to process such data, including in the exercise or defense of a legal provision.


Withdrawal of Consent – you have the right to withdraw the consent to process your personal data at any time.


You can exercise your rights by sending a request to dpo@star-storage.ro. We reserve the right to contact you to ensure that the request comes from you.

The response to your requests does not involve any cost, unless the claims are unfounded, repetitive or excessive, in which case we may request a fee based on the administrative costs of your request.

Your requests will receive an answer as soon as possible, depending on the nature of the request and within thirty days, except when we need to extend this deadline, taking into account the complexity of the request and/or the number of requests.

In the course of an application, in the event of incomplete or incorrect information sharing or if the request is not clearly expressed, it is possible to have difficulties in solving your requests, which may cause delays in the investigation process. Our company reserves all legal rights in the case of incorrect applications, contrary to the facts/laws or malicious intent.

If you consider your personal data is misused or that their processing by Star Storage contradicts GDPR, please inform the DPO at dpo@star-storage.ro about your data processing issues and ask them to take appropriate action. If the issue cannot be solved in this way, you can fila a complaint with the national supervisory authority, whose contact can be found on its website, www.dataprotection.ro .


General Privacy policy for the personal data protection

You can review the General Privacy policy by clicking here.


Using our website

Like most websites, the Star Storage website automatically collects certain information and stores then in log files. The information may include Internet Protocol (IP) addresses, region, or general location where your computer or device accesses the Internet, the browser type, the operating system, and other information about using the Star Storage website, including a history of the pages you are viewing. This information is used to build a better design of our website in accordance with the user needs. We can also use your IP address to help diagnose issues with our server and manage our website, analyze trends, track visits to our web pages, and collect general demographics that help us identify visitor preferences.

The Star Storage website also uses cookies and other similar technologies. These allow us to store your preferences, provide you with options when connecting to our online platforms, deliver you advertising through our partners based on your interest and also analyze how our website and our platforms work.