Our personal data processing policy

This information notice, called “Privacy Policy” or “Personal Data Processing Policy” is intended to inform you of how we process your personal data when you interact with us in relation to our products and services , through our website tgp.ro/en, using social networks or offline.

We recommend that you read this Data Protection Notice in its entirety to ensure that you are fully informed.

Your use of our site constitutes your agreement to our Privacy Policy.

Please note, this site is not intended for children, and we do not knowingly process personal data about children.

The date of the last update is 28.02.2023.


Who we are and how you can contact us

SC TamoGlass Perfect S.R.L., with registered office in 5 Giurgiului Road, Hall Panouri Mari – Atelier C2, Office no. 1, Jilava, ROMANIA, registered at the National Trade Registry Office under no. J23/1500 of 2014, fiscal code no. RO33194302, hereinafter also referred to as “TGP” or “we”, in the sense of the legislation on the protection of personal data, is the operator when it processes your personal data collected through our website tgp.ro/en, using social networks or offline.

For more information or to exercise your rights, you can contact us by email at dpo@tgp.ro or by a written request, dated and signed, at the postal address 5 Giurgiului Road, Hall Panouri Mari – Atelier C2, Office no. 1, Jilava, ROMANIA, to the attention of the Data Protection Officer.

Regardless of the form of communication you choose, please identify yourself as completely as possible. We reserve the right to request additional information to confirm your identity.




Regulation (EU) 2016/679 of the European Parliament and of the Council of 27 April 2016 on the protection of natural persons with regard to the processing of personal data and on the free movement of such data, and repealing Directive 95/46/EC (General Data Protection Regulation)

Data Protection Legislation

Any applicable laws regarding the processing of personal data, including but not limited to the GDPR and any national laws, regulations and secondary implementing legislation.

Personal data

It means any information relating to an identified or identifiable natural person.

The person concerned

The identified or identifiable natural person whose personal data is processed.

Identifiable natural person

Is a person who can be identified, directly or indirectly, in particular by reference to an identification element, such as a name, an identification number, location data, an online identifier, or to one or more specific elements, inherent to his physical, physiological, genetic, psychological, economic, cultural or social identity.


It means the natural or legal person, public authority, agency, or other body that, alone or together with others, determines the purposes and means of processing personal data; when the purposes and means of processing are established by Union law or domestic law, the operator or the specific criteria for its designation may be provided for in Union law or domestic law.


It means any manifestation of the data subject’s free, specific, informed, and unambiguous will by which he accepts, through a statement or an unequivocal action, that the personal data concerning him be processed.


It means any operation or set of operations performed on personal data or sets of personal data, with or without the use of automated means, such as collection, recording, organization, structuring, storage, adaptation or modification, extraction, consultation, use, disclosure by transmission, dissemination or otherwise making available, alignment or combination, restriction, deletion or destruction.

Breach of personal data security

Means a breach of security that results, accidentally or unlawfully, in the destruction, loss, alteration, or unauthorized disclosure of personal data transmitted, stored, or otherwise processed, or in unauthorized access to it.

Online identifiers

They are provided by their devices, applications, tools, and protocols, such as IP addresses, cookie identifiers or other identifiers. They can leave traces that, especially when combined with unique identifiers and other information received by servers, can be used to create profiles of natural persons and to identify them.


They are small text files placed on the user’s device by the website when it is visited or certain functions are used.

For more information, visit the Cookie Policy.


Categories of persons concerned

This Privacy Policy applies to the processing of personal data of the following categories of persons:

– To our contractual partners (such as customers, suppliers, providers, executors, legal representatives of companies, etc.) who interact physically with our representatives or online through our website, our social media accounts and our social media advertisements, search engines and partner sites.

– Any other identified or identifiable natural persons whose personal data is processed through any legal method of collection, such as, but not limited to, the personnel who visit our premises regardless of the purpose of the visit, the persons who addresses for various requests, suggestions, complaints, etc.


Data Collected, Methods of Collection and Sources of Collection

We generally collect personal data directly from you, so you have control over the type of information you give us.

Data we process, collected directly from you, for example,

by physically interacting with us or using phone, email, online contact forms, social networks, direct messages, comments, advertisements, surveys or any other form of correspondence,

through written documents that you provide us such as: filling out forms, submitting applications, copies of documents, certificates, powers of attorney, CV, diplomas, reports, professional certificates, etc.,

Examples of data that we process:

name and surname, signature, age, gender, date of birth, place of birth, Personal Identification Number, ID series and number, marital status, education, length of service, residential address, delivery/invoicing address, telephone number, email, payment information (including card details), marketing preferences (if you agree to us sharing your details with our partners) etc.

By browsing the tgp.ro/en website, through social networks, search engines, or partner websites, we can collect the following information:

Internet Protocol (IP) address used to access our website, device type and brand, operating system and platform, browser version, time zone setting, the information you have viewed and searched for on the website, marketing information relating to habits, preferences, behavior, etc.

This information is collected by third parties on our behalf using cookie files, for more information visit the Cookie Policy.

We use profiles to offer you products that are tailored to your interests. The profile creation process will only be used based on your consent.

We do not process sensitive data, included by the General Data Protection Regulation in special categories of personal data.

We do not knowingly process data of persons under the age of 18.

We do not provide services that include automated decision-making without human intervention.


Purposes of personal data processing

We process your personal data only to the extent permitted or required by applicable law.

The purposes for which we process the data, by way of example, are:

– for the provision of services for your benefit

Promoting our products and services, making commercial offers, concluding and developing a contract with you, ensuring the delivery, return or warranty of a product, etc.

– to comply with a legal obligation

Applicable laws in accounting, taxation, labor relations, physical security, etc.

– to fulfill our legitimate interests or the legitimate interests of a third party or your interests

Ensuring the security of premises, personnel, and IT systems, fraud detection and prevention, testing, research, statistics, data analysis, troubleshooting, etc.

– for the performance of a task that serves a public interest or for official purposes.


The legal basis for the processing of personal data

We process your data based on the following legal grounds:

  1. Based on the consent you have expressed in specific situations (for example: contacting for marketing purposes, keeping data for a period additional to that required by national legislation, etc.).
  2. For the conclusion or performance of a contract (for example sales-purchase contracts, collaboration contracts, supply contracts, etc.).
  3. To fulfill our legitimate interests, in the context of carrying out our object of activity, to improve the services offered, to optimize internal workflows, to resolve investigations or any other petitions/complaints/requests, etc.
  4. To comply with legal obligations (for example applicable laws in accounting, taxation, labor relations, etc.).


How long we keep personal data

We will keep your data for the minimum period necessary to fulfill the purposes of data collection, for the period required by national law, and for the period necessary to exercise our and others’ legitimate rights.

We will stop processing personal data, as long as it is no longer necessary for the established purposes when the data subjects have withdrawn their consent, in situations where there are no compelling legitimate reasons for the continuation of the processing that prevail over the interests, rights, and freedoms of the individuals physical or if the personal data is not necessary for the establishment, exercise or defense of a right in court.


Technical and organizational security measures

Adequate technical and organizational measures are implemented for the protection of personal data, according to industry standards.

TGP employees as well as other authorized persons who have access to personal data have certain responsibilities to ensure that this data is collected, kept and used properly, in accordance with the provisions of the internal procedures regarding the protection of personal data.

The storage of personal data in digital format is carried out on secure terminals, with restricted access to unauthorized persons.

We note that, despite all measures taken, the transmission of information over the Internet is not completely secure and there is a risk that the data may be seen and used by unauthorized third parties. We cannot assume responsibility for system vulnerabilities beyond our control or software errors.


Access to your data

Within TGP, internal staff members, as well as staff members belonging to collaborators, are subject to the obligation of confidentiality regarding the processing of personal data and may process data only in relation to specific job responsibilities, only if they have the competence and authorization to do so.

If we are under a legal obligation or if it is necessary to defend a legitimate interest, we may disclose certain personal data to public authorities.

Your personal data is stored and processed on the territory of the European Union and the European Economic Area.

In the event that your personal data will be transferred outside the European Union or the European Economic Area, the transfer will be made pursuant to a decision of the European Commission by which it decides that the third country in question provides an adequate level of protection.


Your rights

The legislation on the protection of personal data guarantees you the following rights:

Right of access

You have the right to obtain from us:

– to confirm whether or not personal data concerning you is being processed and, if so, a copy of the respective data;

– to provide you with information related to your data such as: what data we hold, the methods of data collection, the purpose of processing, to whom we disclose the data, if we transfer it abroad, how long we keep it, how we protect it, your rights and how you can make a complaint.

The right to rectification

You have the right to obtain from us, without undue delay, the rectification of inaccurate personal data concerning you. Taking into account the purposes for which the data were processed, you have the right to obtain completion of personal data that is incomplete, including by providing an additional statement.

Right to erasure (“right to be forgotten”)

You have the right to obtain from us the erasure of personal data concerning you without undue delay if one of the following reasons applies:

– the data are no longer necessary to fulfill the purposes for which they were collected or processed;

– the withdrawal of the consent on the basis on which the processing takes place and the lack of another legal basis for the processing;

– personal data were processed illegally;

– personal data must be deleted to comply with a legal obligation that falls to us under Union law or the internal law to which we are subject;

The right to delete personal data does not apply to the extent that the processing is necessary:

– to comply with a legal obligation that applies to us;

– for reasons of public interest in the field of public health;

– for establishing, exercising, or defending a right in court.

The right to restriction of processing

You have the right to obtain from us the restriction of processing if one of the following cases applies:

– you dispute the accuracy of the data, for a period that allows us to verify the accuracy of the data;

– the processing is illegal, and you object to the deletion of personal data, requesting instead the restriction of their use;

– we no longer need the personal data for the purpose of processing, but we are requesting the data for establishing, exercising, or defending a right in court; or

– you have objected to processing based on our legitimate interest, including profiling.

If processing has been restricted, personal data may, with the exception of storage, be processed only with your consent or for the establishment, exercise or defense of a right in court or for the protection of the rights of another natural or legal person or for reasons of important public interest of the Union or a member state.

The right to opposition

You can object, for reasons related to your particular situation, to the processing of your data on the basis of our legitimate interest or on the basis of the public interest.

You can also object to the processing of your data for direct marketing purposes, including profiling, at any time without giving any reason, in which case we will stop this processing as soon as possible.

The right to data portability

You can ask us to provide your personal data in a structured, commonly used, and machine-readable format, or request that it be transmitted directly to another data controller, only if:

– the processing is based on your consent or on the conclusion or execution of a contract with you; and

– the processing is done by automatic means.

Right to withdraw consent

The data subject has the right to withdraw his consent at any time.

The withdrawal of consent does not affect the legality of the processing carried out on the basis of the consent before its withdrawal.

The right to file a complaint

You have the right to submit a complaint, regarding the manner in which we process your personal data, to the National Authority for the Supervision of Personal Data Processing (dataprotection.ro).


Response time

The deadline for responding to requests is at most one month from the date of receipt of the request.

In the case of complex requests or a large number of requests, the deadline for responding to requests can be extended by another month, in which case the extension of the deadline for resolving the request is notified and justified within a maximum of one month from the date of receipt of the request.



Exercising your rights is free.

If the requests we receive are manifestly unfounded or excessive, in particular, due to their repetitive nature, we may:

(a) either charge a reasonable fee taking into account administrative costs for providing the information or communication or for taking the requested action;

(b) either refuse to comply with the request.


Modification of the Privacy Policy

We reserve the right to periodically update and modify this Privacy Policy, following changes in the way we process personal data or as a result of legal requirements.

Following such a change, the modified version of the Privacy Policy will be displayed on our website.

It is the responsibility of the website visitor to periodically check this page for an updated Privacy Policy.


Third-party Privacy Policy:

Google Privacy Policy

Facebook Privacy Policy

Pinterest Privacy Policy