Your certification body, since 2003!

+4 0788 468 181
office@certind.ro
27-29 George Enescu Str., Bucharest 1, Romania
Palatul UGIR 1903

PERSONAL DATA PROTECTION POLICY

According to Regulation (EU) 2016/679, the natural persons whose data are processed are guaranteed the right to access, rectification, to erasure, to be forgotten, to restriction of processing, to data portability, and the right to withdraw consent at any time.

CERTIND SA processes personal data provided by individuals in accordance with the legal requirements on the protection of personal data in Romania, processing being performed for legitimate, contractual, economic, financial and administrative purposes.
CERTIND takes all necessary steps to keep all personal information safe and confidential.

Purpose for processing is:
- the performance and execution of the contract concluded between CERTIND and the CLIENT, including data collected and processed in the stages prior to entering into a contract;
- the request received regarding the information that CERTIND has to provide (e.g. the status of a certification);
- marketing, advertising - sending of newsletters and/or periodic alerts, by means of electronic mail, only on the data subject's explicit consent;
- Legitimate collection, economic-financial and administrative purposes.

CERTIND SA collects only the data necessary for the performance and execution in good conditions of the service contracts (assessment and certification, verification, inspection, training, etc.) or following a request for information (e.g. requesting information on the status of a certification).

Personal data means:
- any information concerning an identified or identifiable natural person;
- any information by which a person can be identified (e.g. name, date and place of birth; an identification number; citizenship, signature; phone; e-mail; job, profession, etc.)

Storage of data:
1. Storage and processing of non-personal data
When accessing CERTIND website, www.certind.ro, the internet browser automatically transmits data (such as the URL of the sending website, the date and time of the access, the file being accessed, the amount of data transmitted, type and browser version, operating system, etc.) to the CERTIND server, based on technical settings. These data are collected and used exclusively for statistical purposes and for analysis purpose, to improve the services provided.
Certain traffic data (such as IP addresses) may, under certain circumstances, be personal data and will be treated as such.

2. Storage and processing of personal data
Personal data (e.g. name, surname, email address, phone, workplace and profession, etc.) are stored and processed by us only if they are necessary for the performance and execution of the contract concluded between CERTIND and the natural person concerned (or the organization it represents), including data collected and processed prior to entering into a contract (e.g. certification request).
The stored personal data will be used for the purpose of executing the contracts and processing the received requests. After the termination of the contract, the personal data are stored, taking into account storage deadlines according to the fiscal and commercial legislation; after the expiry of these deadlines the data will be deleted. This rule is not valid if there is explicit consent to further use of personal data.
If you have registered with CERTIND Newsletter, your personal data is stored and processed for the entire period of your subscription to the newsletter. Use ceases as soon as you quit the newsletter service, which you can do at any time by clicking on the "Unsubscribe" button in the e-mail received.

Use and protection of personal data:
CERTIND SA collects and processes personal data in a legal, correct and transparent manner. All personal data is confidential and stored in a manner that provides the necessary security and is distributed to third parties (e.g. the National Accreditation Body, the FSSC Foundation, the courier company, etc.) only if this is necessary for the purpose of offering services under the contracts agreed by both parties. Access to personal data is limited to CERTIND SA personnel and its collaborators / partners / authorities that have the necessary authorization and a clearly defined need for the use of these data.

CERTIND SA processes the data safely and maintains appropriate measures to protect your personal data against accidental or unlawful destruction, loss, alteration or unauthorised disclosure.

Data confidentiality:
CERTIND maintains the confidentiality on all information obtained or created during the activities that make the object of the contract with the client (evaluation and certification, training, etc.) and are necessary for the execution of the contract.
Should CERTIND be requested by a third party, CERTIND will inform in relation to the certification obtained by the certified client, supplying the following information: name of the certified client, field of certification and the reference document(s) for certification, the status of a certification.
CERTIND will make available for the accreditation bodies it collaborates with, upon their request, for evaluation linked purposes, the certification files of its clients. Should CERTIND be requested by law, it will supply information related to the activity preformed for the certified client.
The entire personnel involved in the activities making the object of a contract (fulltime employees and auditors / verifiers / inspectors, etc. who work on behalf of CERTIND and are contracted under a service contract) is individually committed to keeping the confidentiality over all information obtained or created throughout the contractual activities and will comply with the EU Regulation no. 679/2016 on the processing of personal data (collection, registration, organization, structuring, storage, use, consultation, disclosure, transmission, restriction, erasure, destruction).

Information and access to personal data:
All clients of CERTIND SA have:
- right of information and access to its personal data;
- right to rectification of inaccurate or incomplete personal data concerning him or her;
- right to erasure (‘right to be forgotten’) where the personal data are no longer necessary in relation to the purposes for which they were collected, the personal data have been unlawfully processed or other cases stipulated by the Regulation.
- right to restriction of processing where the accuracy of the personal data is contested or other cases provided by law;
- right to notification regarding rectification or erasure of personal data or restriction of processing;
- right to data portability;
- right to object, on grounds relating to his or her particular situation;
- right to lodge a complaint with a supervisory authority;
- right to withdraw consent at any time, without affecting the lawfulness of processing based on consent before its withdrawal.

All CERTIND SA clients can exercise their above mentioned rights by submitting a written request, dated and signed, at office@certind.ro or by post to CERTIND SA, 27-29 George Enescu street, District 1, Bucharest.

1. Submitting the application for certification to CERTIND

2. Drafting and sending the certification offer to the CLIENT

3. Contracting - following the Clients’ acceptance of the offer

4. Assignment of the audit team by CERTIND

5. Audit planning - by mutual agreement between the auditor and client

6. Certification audit - is carried out in two stages: Stage I + Stage II

7. Granting the conformity certificate

8. Surveillance I Audit

9. Surveillance II Audit

10. Recertification

What is ISO?

ISO is an independent, non-governmental international organization with the mission to develop international voluntary standards relevant to today's market. For more information, visit www.iso.org.

What is a standard?

An international standard provides world class specifications for products, services and systems to ensure quality, safety and efficiency, thus helping to facilitate international trade.

What is RENAR?

Romanian Accreditation Association - RENAR, is a non-governmental, non-profit organization and is formally recognized as unique national accreditation body. More information on www.renar.ro.

What is IAS?

IAS-International Accreditation Service, from the United States of America is a non-profit corporation with the status of an accreditation body and has been providing accreditation services since 1975. More information at www.iasonline.org

What is FSSC 22000?

FSSC 22000 is a non-profit foundation based in the Netherlands and holds an independent certification scheme in the field of food safety. More information at www.fssc.com

What is EMAS?

EMAS is the European environmental management tool designed to support organizations in the continuous improvement of environmental performance integrating the concept of sustainable development. More information at https://green-business.ec.europa.eu/eco-management-and-audit-scheme-emas/about-emas_en

What is a management system?

A management system represents the framework through which an organization sets its own policies and procedures to ensure that it can carry out all the tasks necessary to achieve its objectives and promote continuous improvement. Management systems allow an organization to establish and use best practices in conducting its own business. Management systems can be: Quality (ISO 9001), Environmental (ISO 14001), Food Safety (ISO 22000), Occupational Health and Safety (OHSAS 18001 / ISO 45001), Information Security (ISO / CEI 27001) etc., as well as combinations of these systems (integrated systems).

What is an integrated management system?

An integrated management system combines several management system standards (eg ISO 9001 + ISO 14001 + ISO 45001) into a single system to be exploited and managed more easily.

What is implementation?

Implementing a management system means establishing the processes that take place in the organization and harmonizing the organization's activity with the requirements of the reference standard(s).

What is the difference between “accreditation” and “certification”?

Accreditation: Accreditation is the formal recognition of a conformity assessment body (Certification Body) by an accreditation authority, that the Certification Body has the technical and organizational competence to perform a specific services in accordance with the technical standards and regulations described in the accreditation field.
Certification: Certification is the process by which an organization is assessed by a third party (Certification Body) to provide a written warranty (conformity certificate) that a product, process, system, or person meets the requirements of the reference standard(s).

What is the price of a certification?

Certification costs vary from one organization to another, depending on the field of activity, the number of employees, the number of locations of the organization and the number of standards for which certification is sought. For a customized offer please send the offer form.

Is the conformity certificate issued by CERTIND SA recognized in other countries?

If the certificate is issued under accreditation by CERTIND SA, the certificate should be recognized in those countries whose national accreditation bodies are signatories to the multilateral agreement EA, IAF and ILAC.

What is the validity of a certificate?

A conformity certificate is valid for 3 years, subject to annual surveillance audits. Before the certificate expires, the recertification audit takes place and the entire certification cycle is resumed.

Can a certificate be suspended/ withdrawn?

Yes. If the certified client incorrectly uses the conformity certificate(s) or the certification mark, does not allow the performance of surveillance audits or the findings of the surveillance audit is that the organization no longer complies with the requirements of the reference standard(s), the Certification Body may suspend / withdraw the certificate.

Can I get the certificate if I do not have the management system implemented?

No. If the management system in your organization does not meet the requirements of the applicable standard(s), the Certification Body will not grant you the conformity certificate(s).

Do I need certification?

You need certification if you want:
• permanently improve performance by coordinating and managing the organization in a systematic and planned manner;
• develop your business better through a clear and predictable evolutionary environment;
• better document the processes / activities to ease their understanding;
• ease the work of new employees through documented procedures;
• motivate and raise awareness of staff by defining key roles and responsibilities;
• involve employees in achieving the organization's goals;
• reduce costs by increasing efficiency and productivity, by better control of activity and flows;
• increase productivity by improving processes;
• keep control of non-compliant products / services;
• reduce the number of complaints;
• participate in auctions;
• continually improve your work by conducting internal audits.

What are the steps to obtaining certification?

1. Submitting the application for certification to CERTIND
2. Drafting and sending the certification offer to the CLIENT
3. Contracting - following the Clients’ acceptance of the offer
4. Assignment of the audit team by CERTIND
5. Audit planning - by mutual agreement between the auditor and client
6. The certification audit - is carried out in two stages: Stage I + Stage II
7. Granting the conformity certificate
8. Surveillance I Audit
9. Surveillance II Audit
10. Recertification

Is CERTIND SA an accredited certification body?

Yes. CERTIND holds multiple accreditations from the Romanian Accreditation Association – RENAR for both management systems and product conformity certification and also accreditations from the International Accreditation Service – IAS, United States of America, for management systems certification. For full information on CERTIND accreditations/ recognitions, please click here

CERTIND SA is a Notified Body for various EU directives?

CERTIND SA is a Notified Body, having the notification number NB 2174, for Regulation (EU) no. 305/2011 - Construction products.

Request a price offer

To receive a price offer, please fill out our form with the necessary data about your company and a CERTIND
representative will contact you as soon as possible.

office@certind.ro

Palatul UGIR 1903

Personal data protection policy