Privacy Policy
We process your data in full accordance with Regulation (EU) 2016/679 (" General Data Protection Regulation " or " GDPR "), as well as with any other legislation applicable on the territory of Romania.
By publishing this Privacy Policy, we want to inform you transparently about how we collect, use, transfer and protect your personal data when you interact with us through our website.
To reflect any changes to the way we process your personal data or any changes to legal requirements, periodic updates and changes to this Privacy Policy will be published on this page.
What categories of personal data are processed?
We generally collect your personal data directly through forms published on our website, so you have control over the type of information you provide to us.
For example, when you send us a message via the contact form, you provide us with information such as: first and last name, email address, phone number, etc.
We may also collect and further process certain information about your behaviour while visiting our site, in order to personalise your online experience. According to our Cookie Policy, we may store and collect information in cookies and similar technologies.
We do not collect or otherwise process sensitive data, which are included in the General Data Protection Regulation as special categories of personal data. We do not wish to collect or process data from minors (under 16 years of age).
Purpose of data processing
We use your personal data as follows:
1. To improve our services
In order to provide you with the best online browsing experience on our website, we may collect and use certain information about your activity on the website. We rely on our legitimate interest to conduct business activities, while taking care to respect your fundamental rights and freedoms.
2. For marketing activities
To keep you informed about the best offers for the products/services you are interested in, we may send you emails with general and thematic information, offers or promotions, as well as market research or opinion polls and we may display personalized recommendations on our site. For this purpose, we may use certain data about your activity on our site to create a profile for you.
We always ensure that these processing operations are carried out in accordance with your rights and freedoms and that decisions made based on them do not significantly affect you.
In most cases, we base our marketing communications on your prior consent, which you can later withdraw by using the unsubscribe link displayed at the end of the emails you receive from us or by direct contact (mail, telephone or email).
3. To protect our legitimate interests
In certain situations, we will use or share information to protect our rights and business. These include:
Various measures to protect the website and its users against cyber attacks.
Measures to prevent and detect fraud attempts, including the transmission of information to the competent public authorities.
Measures to manage various other risks.
In certain cases, we base our processing on legal provisions such as the obligation to ensure the security of goods and valuables provided for by applicable legislation in this regard.
How long do we keep your personal data?
We will store your personal data for the period necessary to maintain good communication with you. You can request the deletion of certain information at any time and we will comply with these requests. We retain certain information in situations where applicable law or our legitimate interests require it.
To whom do we share your personal data?
Where appropriate, we may transmit or provide access to certain of your personal data to various categories of service providers (courier, payment/banking services, marketing, market research) or other companies with whom we can develop joint programs to market our goods and services.
We may also disclose certain personal data to public authorities, if we are required to do so by law or if it is necessary to defend our legitimate interest.
We ensure that access to your data by third parties, legal entities under private law, is carried out in accordance with the legal provisions regarding data protection and confidentiality of information, based on contracts concluded with them.
To which countries do we transfer your personal data?
We currently store and process your personal data on the territory of Romania.
However, we may transfer certain of your personal data to entities located in the European Union or outside the Union, including in countries that the European Commission has not recognized as having an adequate level of protection for personal data.
We take all measures to ensure that any international transfer of personal data is carefully managed in order to protect your rights and interests. Data transfers will always be protected by contractual commitments and, where appropriate, other safeguards. To find out more about the countries to which we transfer your data, you can contact us at any time.
How we protect the security of your personal data
We are committed to ensuring the security of personal data by implementing appropriate technical and organizational measures, according to industry standards.
Despite the measures taken to protect your personal data, we do not assume responsibility for vulnerabilities in systems that are not under our control. The transmission of information over the Internet is not completely secure, and there is a risk that the data may be viewed and used by unauthorized third parties.
What rights do you have?
The General Data Protection Regulation provides the following:
You can request access to your data, correction of any errors in our files and/or object to the processing of your personal data.
You have the right to complain to the competent supervisory authority or to seek legal action, as well as the right to request the erasure of your personal data, the right to restriction of the processing of your data and the right to data portability.
To exercise your rights, you can contact us using the contact details published on the contact page. We aim to respond to any valid requests within a maximum of 30 days, unless this is particularly complicated or if you have made multiple requests, in which case we will respond within a maximum of 60 days.
Access
You can ask us to confirm whether we are processing your personal data, as well as to provide you with a copy of it and to present to you the data we have, what we use it for, to whom we disclose it, whether we transfer it abroad and how we protect it, how long we keep it, what rights you have, how you can make a complaint, where we obtained your data, to the extent that the information has not already been provided to you through this information.
Rectification
You may ask us to rectify or complete your inaccurate or incomplete personal data. We may verify the accuracy of the data before rectifying it.
Data deletion
You can ask us to delete your personal data, but only if:
- are no longer necessary for the purposes for which they were collected;
- you have withdrawn your consent (if the data processing was based on consent);
- they have been processed illegally;
- exercise a legal right to object;
- we have a legal obligation to do so.
We are not obligated to comply with your request to delete your personal data in all circumstances. The most likely situations in which we may refuse your request are:
- for compliance with a legal obligation;
- for the establishment, exercise or defense of a right in court.
Restriction of data processing
You can ask us to restrict the processing of personal data only if:
- their accuracy is contested (see Rectification section), to allow us to verify their accuracy;
- they are no longer necessary for the purposes for which they were collected, but you need them to establish, exercise or defend a right in court;
- the processing is unlawful, but you do not want the data to be deleted;
- you have exercised your right to object, and the verification of whether our rights prevail is ongoing.
We may continue to use your personal data following a restriction request if we have your consent, or to establish, exercise or defend a right in court or to protect the rights of Integral Design or another natural or legal person.
Data portability
You can ask us to provide your personal data in a structured, commonly used and machine-readable format, or you can request that it be ported directly to another data controller, provided that the processing is based on your consent or on the conclusion or performance of a contract with you and is done by automated means.
Opposition
You can object to the processing of your data at any time if you consider that your fundamental rights and freedoms override our legitimate commercial interest.
You can also object to processing for direct marketing purposes (including profiling) at any time, without giving any reason, in which case we will cease such processing as soon as possible.
Automatic decisions
You may request not to be subject to a decision based solely on automated processing when that decision:
- produces legal effects regarding you;
- affects you in another similar way and to a significant extent.
This right does not apply if the decision reached as a result of automated decision-making:
- it is necessary for us to enter into or perform a contract with you;
- is authorized by law and there are adequate safeguards for your rights and freedoms;
- is based on your explicit consent.
Complaints
You have the right to file a complaint with the National Supervisory Authority for Personal Data Processing regarding the processing of your personal data, but we recommend that you contact us in advance and we assure you that we will make every effort to resolve any issue amicably.
We are always open to hearing your opinions and providing you with any additional information you may need regarding the processing of your data. We invite you to contact us using the contact details published on the dedicated page.