PERSONAL DATA PROCESSING POLICY
IN THE CESIRO.COM ONLINE STORE
You trusted us by browsing and shopping in your family’s online store cesiro.com, and we thank you for that. “COMPANY”. assures you that it will process your data in an honest, transparent and informed manner, according to the changes and amendments brought by the General Regulation (EU) on the protection of the data of natural persons no. 2016/679 (“GDPR”).
This is why we have decided to inform you through this Personal Data Processing Policy (“Data Processing Policy” or “Policy”) regarding:
- Who are we?
- What is personal data?
- What data do we process about you?
- How do we collect and process your data?
- How long do we keep your data?
- Who do we share your data with?
- When do we transfer your data outside the European Union or EEA?
- What security measures do we provide to protect your data?
- What are your rights and options regarding the data we process?
We will have the same approach every time you visit us or shop in the Online Store.
This Data Processing Policy can be modified or updated at any time by Cesiro, when we consider that certain changes occur in the activities through which we process your data. We will publish on our website, www.cesiro.com, any such changes and inform you accordingly by e-mail.
- WHO ARE WE?
Marius Code Wnk SRL, legal entity of Romanian nationality, registered at the Trade Register under no. J01/690/2017, with unique tax registration code RO37707133 (“Marius Code Wnl” or “Operator” or “We”), is the operator of your data and the entity that provides you, through the Online Store, products from the categories: ceramic products , porcelain products, textiles, gifts, arrangements.Ne puteți contacta oricând la:
Address: Alba Iulia, Str. Olteniai, no. 17, Alba county
The “Company” has appointed a Personal Data Protection Officer. For any questions or concerns related to this Policy, the way the “Company” processes your data or your rights, you can contact us at the dedicated e-mail address email@example.com or at the postal address Alba Iulia, Str. Olteniai, no. 17, Alba county.
- WHAT DATA DO WE PROCESS ABOUT YOU?
What is personal data?
Personal data means any data or information that helps us to be able to identify you directly (for example, your name, first name) or indirectly (for example, depending on the profile we create to send you personalized offers). Certain information is less obvious (such as your shopping preferences and habits, the IP of your computer), but associated with your person, helps us to identify you and thus falls under the notion of “personal data”.
The policy of the “Company” is to collect and process only the data that is necessary for us to offer you the most pleasant experience when browsing/shopping on the website of the Online Store. In general, we process the following types of data about you:
- a) Name and surname;
- b) Email address;
- c) Delivery and billing address
- d) Telephone number;
- e) The general geo-location of the device from which you navigate authentically in the customer account;
- f) Information about the purchased products and services;
- g) The degree of use and your activities on the Online Store platform
- h) Interests and preferences related to the products in the Online Store.
Specifically, in the table below we have presented the personal data (“Data” or “Personal Data”) that we collect directly from you, that result from your interaction and that we or our partners track in order to providing the ordered products or to offer you various personalized offers, when you browse/shop on the Online Store website or when you use various devices (computer, tablet or mobile phone).
Data of minors.
The “Company” does not allow the processing of personal data of customers who have not reached the age of 18.
In the process of creating an account or placing an order in the Online Store, customers must confirm that they have reached the age of 18.
HOW DO WE PROCESS YOUR DATA?
The “Company” collects and processes your data to fulfill the orders you place and deliver the products you want, to improve your experiences in the Online Store, to provide assistance and support when you use the Online Store/customer account, or to- create a customer profile in order to send personalized offers (direct marketing).
We have detailed in the table below how we process your data, the purposes and the legal basis (legal basis) of the activities through which we process your data.
|For what purpose do we collect and process your data?||What data do we collect and how do we process it?||What is the legal basis for data processing?|
|What is the legal basis for data processing?|
|Creating your customer account||
We can create a customer account for you on the Online Store only if you provide us with the following personal data, either (a) in the process of your request to open a new customer account, or (b) as a result of placing an order, for the first time date, in the Online Store (and we, on this occasion, activate a customer account for you to be able to honor your order):
– name surname;
– phone number
Alternatively, you can create a customer account by logging into your Facebook, Google or Yahoo account using your email or phone number and password from that social network.
|Logging into the customer account||
We offer you the option to log into your customer account by logging into your existing Facebook, Google or Yahoo account (social network login). To log in, you are redirected to the page of your social network (Facebook, Google or Yahoo), where you can log in with your user data. Thus, your Facebook, Google, or Yahoo profile is linked to the customer account in the Online Store. After logging in, Facebook Inc., Google Inc., respectively Oath (Verizon) automatically send us the following information:
• The numerical ID for the social network;
• name and surname;
• username on Facebook, Google, or Yahoo;
• your user account has been verified (eg “confirmed”).
In addition, the operator of the social network service receives information about the connection of that account to our page. We store and use this data sent by Facebook, Google or Oath to be able to identify you as an authorized customer and offer you our services in the Online Store.
|Making purchases in the Online Store||
You can only make purchases if you have activated a customer account, place some products in the shopping cart and then place an order. You can make purchases on the Online Store website and through the messenger of your Facebook account (to which you log in from your Cesiro account) or through the Call Center service, after you have previously accepted the Terms and Conditions of the Online Store.
– Every time you place an order we will collect and process the following data:
a name and surname;
a delivery and billing address;
a phone number.
– When we confirm your order, or notify you that the products have arrived at the pick-up points, we will process:
o telephone number and, if applicable, e-mail address to inform you about the status of your order/delivery.
Execution of the contract
To be able to honor your orders, deliver the products to the indicated address/ deliver the products to the pick-up points, execute our warranty obligations associated with the products, or, as the case may be, make a product return.
|Payment of purchases/ refund of payment in case of product return/ order cancellation||
The details of the card you use for Stripe payment of purchases from the Online Store will not be accessible or stored by the “Company”, but only by the entity authorizing the transaction or by another entity authorized to provide storage services card identification data, about whose identity you will be informed, prior to the actual entry of the details of the card you use for online payment.
-“The company” only processes the following data that it sends to the online payment/transaction authorization partner:
• name surname;
• Order ID;
• transaction initiation date, completion date;
• Transaction ID;
• payment status (payment made/not made);
• the amount traded (if applicable).
– In case of returns/cancellation of the order, we collect and process:
· The IBAN and the bank where you opened the bank account, to refund your money payments for returned products/cancelled orders.
Execution of the contract
To ensure the necessary support for the processing by our partners authorized to mediate the payment of the products ordered by you
|Delivery of products to you||
– We deliver the products to the indicated address, through our couriers, with whom we strictly share the data necessary to deliver the products:
• name surname;
• delivery address;
• the value of the amount payable with cash on delivery (as applicable).
Execution of the contract
Fulfilling our obligations related to the management and delivery of products to the customer on the agreed terms and times
|Customer support and assistance||
– To be able to provide you with support regarding your customer account / the orders you place in the Online Store, we will identify you by confirming:
• name and surname;
• your email address and phone number;
• Order ID
– We may process, with your prior consent, your voice from the recordings of telephone conversations with you in order to respond to your assistance requests.
– We will process the same data in order to resolve your complaints.
Execution of the contract
Fulfilling our responsibilities /activities during the contract execution period
|Loyalty actions||The “Company” grants and allocates various discounts and benefits related to our loyalty actions (in the form of vouchers, discounts, etc.). You can view the vouchers you have benefited from at a given time in your customer account.||
Execution of the contract
For the purpose of carrying out our loyalty actions and offering commercial discounts in relation to you
|Promotional campaigns, contests, promotions and raffles||
For the online contests held on the cesiro.com website, we collect your e-mail address. We also organize contests on the official Facebook page of CESIRO.COM, where we collect, depending on the campaign, the following data necessary for your participation in the contest, respectively, for validating the winners through rando.org:
•nname and surname;
• e-mail address, or;
• Phone Number.
If you are a winner, we will mention your name and surname on CESIRO’s official Facebook page or on our website cesiro.com.
We mention that in the case of certain promotional campaigns or contests, the “Company” will disseminate your personal data, such as: name and surname, phone number and e-mail address with the collaborators of the respective promotional campaigns or contests in order to choose and communicate the winner/buyer of the product or in order to contact him to provide all information regarding the prize won/product purchased.
For the purpose of your participation in the contests organized by the “Company” and the awarding of the respective prizes
|Data we collect automatically|
|Creating customer profiles for direct marketing purposes||
Depending on your interactions and behavior on the Online Store website, we collect and process your data through our partners to create your customer profile in order to subsequently send personalized offers (“personalized offers”) through the chosen communication channels by you.
In order to profile, we process the following data:
· your name, surname, e-mail and/or postal address and mobile phone number;
· the history of your interactions with us on the Online Store website, respectively:
· which products you viewed, searched or ordered;
o which products you added to the shopping cart and later removed, ordered/bought;
o which orders you initiated and subsequently completed or canceled;
o what products have been delivered to you, have been paid for;
· your preferences when making purchases from the Online Store (which products you bought, at what date/time, how you made the payment);
· online identifiers obtained from the device used by you when browsing the Online Store website;
When you visit the Online Store website, log in to your customer account, or use our mobile application, we also collect with the help of cookies and data obtained from your computer, phone, tablet or other device used by you (“the device”) , information with which we can identify you online (“online identifiers”), and which we use for profiling for direct marketing purposes:
· IP address;
· The Internet browser you are using and the version of the device’s operating system;
· HHTP/HTTPS protocol data;
· Duration of your visit/activity on the Online Store website;
· The general location of the device (if geo-location is enabled) from which you connect to the Online Store website.
[Please note that most devices give you the option to disable geo-location services right from the settings of that device]
[“Cookies” – files that a server sends to your device, placed on the Online Store website or by downloading/using the mobile application The purpose and way we process cookies are detailed in the Cookies Policy, available on the Online Store website]
For profiling and the transmission of personalized offers through the communication channels you consent to (sms, e-mail, push-up notifications).
More details on how we do profiling for direct marketing purposes can be found below in the “Profiling” section. You have the right to object to profiling at any time.
|Online behavioral advertising||
Based on your browsing and behavior in the Online Store, monitored by cookies, we will provide you with online advertisements for some of our products that may interest you. Based on information about your browsing in the Online Store or in the mobile application, we will place you in an interest group with other similar customers, as well as browsing behavior and thus deliver you advertisements (banners) based on those interests.
For example, a “dishes” interest profile can be deduced from your data, by evaluating the products you have visited on the Online Store website, and in this way a cookie is placed on your device to classify you as someone interested of the “plates” category, and later you will receive some specially personalized advertising messages from the “plates” category.
For cookies that monitor your behavior in the Online Store.
If you do not wish to participate in cookie monitoring for the purpose of sending online advertisements (banners) based on your interests, you can refuse the setting of a cookie module in this sense by setting your browser which generally disables the automatic setting of modules cookies.
You can also disable cookies for the advertising services of a browser service provider (e.g. Google) by setting your browser so that the cookies of the respective domain are blocked.
Opting out of online behavioral advertising will not stop the display of general advertisements that are not individualized to your interests.
|Bidding based on custom audiences (on customer lists)||
With your consent, we will use your email address and mobile phone number to create encrypted customer lists (“hash data”), and then use the encrypted data from this list to match your (and other customers’) data from an interest group) with the data of people on Facebook, in order to transmit, on this channel, to your Facebook account, personalized offers through targeted advertising.
Facebook encodes the hash data, uploads it to the social platform and thus creates our audience, using this hash data exclusively for correlation with the data in your Facebook account, without sharing this data with third parties (or, other commercial advertising agencies) and will be deleted automatically by Facebook immediately after pairing.
When you create a lookalike audience, you choose a source audience (a custom audience created using a data partner, your pixel data, Cesiro Page fans), and Facebook identifies common traits of people in this audience (e.g. demographic information or interests). Facebook then finds people who have similar (or “similar”) traits to them. If the answer is yes, we will need to add a paragraph like the one below]
In addition, on the Online Store website we also use Facebook’s personalized audience services created with the help of your pixel data and data from your mobile application. With the help of this service offered by Facebook, We and Google can identify the fact that you clicked on our Facebook ad and were redirected to the Online Store website. The data collected with Facebook is used exclusively to compile statistics on the success and use of our advertising campaigns on Facebook.
For sending personalized offers on Facebook (by using the Custom Audiences service based on customer lists
|Maintenance and security of the Magazinul Online website||
We use the following online identifiers for the maintenance and security of the Online Store website:
· IP address;
· The internet browser you are using and the operating system version of the device you are connecting with;
· HHTP/HTTPS protocol data;
· The location of the device (if geo-location is enabled) from which you connect to the Online Store website.
Specifically, we process your data for:
· to ensure the proper functioning of the website, respectively:
· the correct display of the content of the Online Store website;
· retaining your login data (when you ask us to);
· improving the website of the Online Store;
· parameterization of the device from which you connect/authenticate to the requirements of the Online Store website.
· to ensure the security of the website and ensure that we protect you against fraud or any IT security breach regarding the Online Store.
· identifying and fixing faults that prevent the use of our website or your customer account.
Implementation, parameterization and maintenance of the security measures of the Online Store website
|Auditing and reporting||We process your data for the annual financial audit, as well as for the submission of tax and accounting returns to the tax authorities.||
Requirements legal provisions
To comply with the legal obligations imposed by the applicable legal provisions in fiscal and accounting matters
|Defense of rights in court||When we defend our rights in court for the recovery of sums owed, or when we protect our interests against unjustified claims/complaints, we will process your data necessary for the formulation of objections, written conclusions, requests and specific documents.||
Exercising any defenses/rights before the courts, or public/control authorities or institutions
|Proceedings and investigations of authorities and/or judicial bodies||Exceptionally and in accordance with the law, we will provide the following data to the competent authorities and institutions, as part of formal procedures/investigations or other steps provided for by law, according to the procedure provided for by law: name, surname, address, e-mail, telephone . The “Company” documents any such actions for you.||
Requirements legal provisions
To comply with the specific legal obligations imposed by the applicable legal provisions on protection against fraud, money laundering and terrorism.
|Data we collect from other sources|
|Browsing social networks||If you like us on Cesiro’s Facebook page or if you log in to your customer account with your Facebook address and password, we will receive this data without using it other than to be able to communicate with you and possibly to send you some personalized offers through your Facebook account based on custom audiences.||
Sending personalized offers on
Facebook (by using the Custom Audiences service based on customer lists)
PROFILING FOR DIRECT MARKETING PURPOSES
When we send you personalized offers through direct marketing channels (sms, e-mail) we may use certain “profiling techniques” respectively, a way of automatic processing of your data consisting in particular of the analysis and interpretation of your personal data necessary to evaluate or foresee some aspects related to your preferences, interests when shopping in the Online Store. For profiling purposes, the “Company” does not process sensitive data regarding sexual orientation, religious beliefs or political affiliations.
Your personal shopping behavior and preferences emerge from your history of visits and/or purchases in the Online Store, your use of the mobile application, your financial situation resulting from the purchases you make, and other personal interests that you you have provided us, shared interests with other customers.
Specifically, the “Firm” creates your customer profile as follows:
- based on your browsing behavior on the website, products viewed, products added to the cart;
- based on demographic data: age, city;
- based on purchase history and monetary value.
We collect your data when profiling from sources such as: our website cesiro.com and the advertising service providers we collaborate with.
We use profiling to communicate and present personalized promotional offers to you in a way that is relevant and useful to you.
We will be able to offer you the possibility to modify your marketing preferences directly in your customer account on cesiro.com, at any time after your registration as a “Company” customer, indicating this option in your customer account.
You can object to profiling for direct marketing purposes, on any of the communication channels to which you have previously consented, by withdrawing your consent to unsubscribe from a specific communication channel for which you have previously opted. See the “Your Rights and Options” section below for more details.
HOW LONG DO WE KEEP YOUR DATA?
The “Company” processes your data for the period necessary to fulfill the purposes for which they were collected and according to our personal data retention policies. In certain cases, some legal provisions may require or allow us to retain data for a longer period.
- The data retention period mainly depends on the following: for what period we need your data to offer you the requested products and fulfill our obligations towards you and for the purposes mentioned above in this Policy;
- if you have an open customer account on the Online Store website. In this case, we will keep your data as long as this customer account is active, but not more than 5 (five) years from the date of the last account login or the last order in the Online Store (without account login); we will notify you before closing your customer account and deleting all data associated with that customer account;
- if you have given your consent for data processing for a longer period, we will keep the data for this entire period, unless you withdraw your consent in the meantime;
- legal or contractual obligations require us to keep your data for a certain period of time (for example the periods prescribed by law to defend our rights in court).
We will keep your data only as long as you have a customer account and/or continue to shop in the Online Store. If you deactivate your customer account from the Online Store and expressly ask us to delete it completely, the data associated with your customer account will be deleted or anonymized so that you can no longer be identified in our data record systems, unless we are require us to keep your data for a longer period, based on the law or our legitimate interest.
In this way we will ensure you full control over your personal data. We will collect and process your data again if you provide it to us again on the Online Store website.
For the purposes for which you have given us your consent to process data, highlighted in the table above, we will process your data in relation to that purpose until you withdraw your consent to processing for that purpose, unless we are required to maintain these data for a longer period according to the law, for reports to public authorities, or to defend our rights in court.
We inform you that we rely on your consent when we process your data to send you:
- personalized offers based on online behavioral advertising;
- personalized offers based on the profiling we do for the purpose of direct marketing, through the communication channels sms, email;
- offers based on custom audiences (customer lists) in Facebook.
*Consent – means your free, specific and informed consent whereby you unequivocally accept that your data will be processed by Us for the purpose for which you consent. In the Online Store you can express your consent by ticking the relevant box associated with the purpose and means of processing specified in this Information Note.
WHO DO WE SHARE YOUR DATA WITH?
Your personal data may be transferred to and processed by our trusted partners in order to provide you with products
In order to provide you with the products ordered in the Online Store, we will share your data with our trusted partners. We very carefully select the partners and suppliers who carry out, on our behalf, operations supporting our activity. We share with them only the personal data necessary to carry out the specific activities we entrust to them.
When we outsource certain activities to our trusted partners we make all reasonable efforts to check in advance that they ensure the protection of your data through strict data security measures and we will enter into data processing contracts with each.
More specifically, we transmit some data to third parties (our suppliers and partners) to perform the functions and services necessary to operate the Online Store activities, such as:
- the supplier that provides us data storage services on external servers located in Romania;
- the provider of communications and e-mail transmission services located in the USA, it ensures an adequate level of data security through standard contractual clauses approved by the European Commission, thus the transfer of personal data is carried out by implementing appropriate guarantees, achieving a high level of data protection for consumers
- the mobile phone service provider that helps us keep in touch with you, located in Romania;
- third-party couriers authorized by us to deliver the products purchased by you (Fan Curier, Cargus, Sameday);
- payment processors that are authorized by us to mediate payments (Stripe);
- the agency that provides customer segmentation and profiling services for marketing purposes, located in Romania. It ensures an adequate level of data security through standard contractual clauses approved by the European Commission, thus the transfer of personal data is carried out by ensuring adequate guarantees, implementing a high level of data protection for consumers.
We also share your data with our partners for marketing purposes
In order to provide you with products tailored to your interests and preferences, we process certain data with some partners who help us to address you with personalized offers, such as: (i) data processing through the Facebook platform to send you personalized offers through targeted advertisements with the help of the custom audiences feature on customer lists, or (ii) data processing to send you personalized offers based on online behavioral advertising run with Google AdWords. How Facebook or Google processes your data is presented in the table in this Data Processing Policy.
Transmission of data to authorities and public institutions or judicial bodies
We may pass on some of your personal data to competent public authorities or institutions, when required by law (e.g. fraud investigation; money laundering prevention; filing of declarations, financial statements with tax authorities, etc.), or we may pass this data to judicial courts when when we defend ourselves in court, or in front of other public authorities.
Access of auditors and consultants
If we decide in the future to dispose of the shares or the business of the “Company”, we will provide access or transmit to the auditors and consultants of the potential buyer(s) the data of our customers for the audit necessary for the purchase of the shares/business. For this purpose, we will ensure that any potential buyer will follow and implement the necessary security measures for the protection of your data, and the parties will sign a data processing contract in advance for the purpose of the transaction.
WHEN DO WE TRANSFER YOUR DATA OUTSIDE THE EUROPEAN UNION OR EEA?
As a rule, your data is not stored in a country outside the European Union or the European Economic Area (“EEA”).
However, some data may be transferred to our partners who help us operate the activities of the Online Store and are located outside the European Union. However, with each of these partners we have made reasonable efforts to ensure that adequate data protection measures are in place.
If we transfer your data to other partners/suppliers of the “Company” located in countries that do not ensure an adequate level of protection of the transmitted data, we undertake to take all the necessary measures to ensure that those partners/suppliers comply with the terms and conditions established in this Policy. These measures may additionally include the implementation of data protection standards (e.g. ISO 27001), standard contractual clauses adopted by the European Union Commission, as well as direct control systems of these mechanisms.
HOW DO WE ENSURE THE SECURITY OF YOUR DATA?
The “Company” ensures the necessary technical and organizational measures for the collection, processing and safe keeping of data, including against unauthorized access, unauthorized use of data, or destruction, loss or alteration of data. We are committed to keeping your personal data secure and take all reasonable safeguards to do so.
We implement systematic processes for training the people responsible for IT security and for monitoring and auditing the security of IT systems and infrastructure according to the internal policies of the “Company”.
In addition, we make all reasonable efforts to ensure (including through contracts with them) that our trusted partners also manage appropriate technical and organizational measures for the processing of the data we share with them.
WHAT RIGHTS AND OPTIONS DO YOU HAVE REGARDING YOUR DATA?
We want to make sure that at all times you have full control over your data and that you can effectively exercise your rights and options that you have under the GDPR.
To ensure that you have effective control over your data, we inform you that you have the following possibilities based on the technologies available to you:
- you can manage from the customer account the direct access, rectification or deletion of some data available in your customer account in the Online Store;
- you will be able to delete cookies or browsing history from the settings of the Online Store website; in addition, you can choose to change the settings of the browser you use so as to restrict the tracking by cookies of your behavior in the Online Store (however, these restrictions may affect your browsing experience in the Online Store);
- social media platforms and search engines (e.g. Google or Facebook) give you the possibility to manage various options regarding how you choose to process your data.
In addition to these options, the GDPR gives you, as a data subject, the rights described below. Before complying with any request regarding your rights, we will ensure that you are the owner of the data regarding which you choose to exercise these rights, and for this purpose we may request some information/data to verify your identity, or we may request more many details about your request. We may keep the correspondence we have with you to ensure we keep track of your rights requests and responses.
The right to be informed. You have the right to receive clear, transparent, easily understandable and easily accessible information about how we process your data, including details of your rights as a data subject. This information about the data, the purpose and the way we process your data is also included in this Policy.
Right of access to data. You have the right to access the data we process about you, without charging any kind of fee for the first data supplies. If you require copies of data already provided, we may charge a reasonable fee taking into account the administrative costs of providing the data. We will have the right to refuse excessive or repeated and unreasonable requests.
To exercise your right of access, you can send us your request by:
The right to data rectification. If you identify that your data that we process is incorrect, incomplete or inaccurate: you can send us a rectification request to the e-mail address firstname.lastname@example.org
The right to object to direct marketing (including profiling for direct marketing purposes). You can always object to and unsubscribe from our direct marketing communications at any time. You can do this easily by clicking the “unsubscribe” link in any email we send to you or from your account in the “Account Settings” section.
In addition, you can opt to withdraw your previously expressed consent for the transmission of personalized offers based on profiling through the same channels through which we communicate these offers to you, namely: email, sms or push-up notifications.
Withdrawal of consent (by unsubscribing or written request) does not affect the legality of processing based on consent prior to its withdrawal.
The right to object to processing based on legitimate interest. You can object at any time to any data processing when such processing is based on our legitimate interest. See the section “What is the legal basis of data processing?” from the table above to identify situations where our processing is based on our legitimate interest. You can exercise this right in writing by sending a written request to the e-mail address: email@example.com
The right to data deletion (the right to be forgotten). You have the right to ask us to delete your data in any of the following situations:
a) the personal data are no longer necessary to fulfill the purposes for which we previously processed them;
- b) you withdraw your consent on the basis of which we processed your data and there is no other legal basis on which we can base a future processing;
- c) you object to data processing when we process data for direct marketing purposes (including profiling for direct marketing purposes);
- d) you object to data processing based on our legitimate interest and we cannot demonstrate that we have legitimate reasons that justify the processing and that prevail over your interests, rights and freedoms;
- e) personal data are processed contrary to the law;
- f) personal data must be deleted to comply with our legal obligations. This is not an absolute right. We may refuse your data deletion request if: (i) we are required to comply with legal obligations to retain the data; or (ii) if the data is necessary for us to establish, exercise or defend our legal rights. You can exercise this right in writing by sending a written request to the e-mail address: firstname.lastname@example.org.
The right to restrict processing. You have the right to obtain from us the restriction of data processing in one of the situations described below.
(a) the accuracy of the data is contested by you (data subject), for a period that will allow us to verify the correctness of the data;
(b) the processing of the data is illegal and you (the data subject) object to the deletion of the data and request us to restrict the processing of this data;
(c) we no longer need your data, but they are requested by you (the data subject) to establish, exercise or defend legal claims;
(d) you (the data subject) raise some objections to the data processing based on our legitimate interests, based on the verification that the legitimate reasons of the controller outweigh those of the data subject (i.e. yours).
You can exercise this right in writing by sending a written request to the e-mail address: email@example.com
The right to portability. When we process your data on the basis of consent or performance of the contract, and automatically, you will have the right to request the transfer of your data: (a) to you or (ii) to another operator indicated by you. The second situation assumes that you have the option to ask us to transfer the data associated with the customer account to another data controller (e.g. to an operator who manages another online store website). More specifically, you will only be able to request the porting of personal data from those that you have directly and actively provided to us (excluding any data derived or created/developed by the “Company”, such as, for example, a customer profile) . You can exercise this right in writing by sending a written request to the e-mail address: firstname.lastname@example.org. We will transmit your requested data as specified here in a structured and reusable data format (e.g. XML, JSON, CSV format).
The right to make complaints to the supervisory authority. You have the right to lodge any complaints with the European Data Protection Supervisor (“EDPS”) about how we process your personal data. However, we hope that you will decide to talk to us first, before making any complaints to the EDPS. The protection of your data is very important to us and we will take all necessary measures to resolve any issues regarding the control and security of your data. You can also address various questions to the EDPS, the data protection supervisory authority in the EU. You can find some guides and guidelines on your rights on the authority’s website https://edps.europa.eu/_en.
DATA PROTECTION QUESTIONS AND REQUESTS
The “Company” is at your disposal for any concerns, clarifications or any details you need regarding this Data Processing Policy.
You can also contact us for any suggestions or comments related to this Policy or how we collect and use your data, at the DPO contact details below.
The “Company” has appointed a Data Protection Officer whom you can contact regarding any aspect regarding the processing of personal data, at the following contact details:
Responsible for Data Protection
Address: Alba Iulia, Str. Olteniai, no. 17, Alba county
WHEN THIS POLICY IS UPDATED
This Data Processing Policy is subject to changes and is supplemented with the other specific policies of the “Company”, namely: (a) Data processing policy through CCTV systems and (b) Cookies policy, available on the Store’s website Online