Privacy policy

Privacy Policy

 

Data protection is a matter of great importance to us. The use of our website is possible without providing personal data; however, if someone wishes to use our services through the website, processing personal data may become necessary. If the processing of personal data is required and there is no legal basis or contract for such processing, we generally obtain the consent of the data subject.

The processing of personal data such as name, address, email address, IP address, location, or phone number must be carried out in accordance with the General Data Protection Regulation (GDPR) and in compliance with data protection laws specific to each country. Through this data privacy policy, we would like to inform you about the nature, purpose, and legal basis for the processing of personal data and the rights you have.

To comply with the provisions of the GDPR, we have implemented numerous technical and organizational measures designed to ensure the most complete protection of personal data processed through this website. However, the transmission of data over the internet may, in principle, have security gaps, so absolute protection cannot be guaranteed. For this reason, every data subject is free to transmit personal data to us through alternative means, such as by phone or in writing.

Definitions

Our data protection policy uses the terms employed by the European legislator in the adoption of the GDPR. We aim for our data protection policy to be readable and easily understood by everyone. To achieve this, we first explain the terminology used.

In this data protection policy, we use the following terms:

a) Personal Data

Personal data means any information relating to an identified or identifiable natural person ("data subject"). An identifiable natural person is one who can be identified, directly or indirectly, in particular by reference to an identifier such as a name, identification number, location data, an online identifier, or one or more specific physical, physiological, genetic, mental, economic, cultural, or social factors of that person.

b) Data Subject

A data subject is any identified or identifiable natural person whose personal data is processed by the controller or processor.

c) Processing

Processing means any operation or set of operations performed on personal data or sets of personal data, whether or not by automated means, such as collection, recording, organization, structuring, storage, adaptation or alteration, retrieval, consultation, disclosure by transmission, dissemination, or otherwise making available, alignment or combination, restriction, erasure, or destruction.

d) Restriction of Processing

Restriction of processing means marking stored personal data with the aim of limiting their processing in the future.

e) Profiling

Profiling means any form of automated processing of personal data consisting of the use of personal data to evaluate certain personal aspects relating to a natural person, in particular to analyze or predict aspects concerning the performance of the person at work, economic situation, health, personal preferences, interests, behavior, location, or movements.

f) Pseudonymization

Pseudonymization is the processing of personal data in such a way that personal data can no longer be attributed to a specific data subject without the use of additional information, provided that such additional information is kept separately and subject to technical and organizational measures to ensure that personal data cannot be attributed to an identified or identifiable person.

g) Controller

The controller is the natural or legal person, public authority, agency, or other body that, alone or jointly with others, determines the purposes and means of processing personal data.

h) Processor

The processor is a natural or legal person, public authority, agency, or other body that processes personal data on behalf of the controller.

i) Recipient

The recipient is a natural or legal person, public authority, agency, or another body to whom personal data is disclosed, regardless of whether they are a third party or not. However, public authorities that may receive personal data in the context of a particular inquiry, under Union or Member State law, are not considered recipients.

j) Third Parties

A third party is a natural or legal person, public authority, agency, or body other than the data subject, controller, or processor who, under the authority of the controller or processor, is authorized to process personal data.

k) Consent

Consent of the data subject means any specific, informed, and unambiguous indication of the data subject’s wishes by which they, by a statement or a clear affirmative action, signify agreement to the processing of personal data relating to them.

Principles Governing Our Privacy and Personal Data Processing Policy

  • Lawfulness, fairness, and transparency: Personal data shall be processed lawfully, fairly, and transparently in relation to the data subject.
  • Purpose limitation: Personal data shall be collected for specified, legitimate purposes and not further processed in a manner incompatible with those purposes.
  • Data minimization: Personal data shall be adequate, relevant, and limited to what is necessary for the purposes for which they are processed.
  • Accuracy: Personal data shall be accurate and kept up to date.
  • Storage limitation: Personal data shall be stored in a form which permits identification of data subjects for no longer than is necessary for the purposes for which the data are processed.
  • Integrity and confidentiality: Personal data shall be processed in a manner that ensures appropriate security of the data.
  • Accountability: The controller shall be responsible for and be able to demonstrate compliance with all the principles.

Contact Information of the Data Controller

SC BENEDETTO FASHION DESIGN SRL

  • Postal Address: 54 Splaiul Independentei, Bucharest, Romania, 060024
  • Phone: +40755961232
  • Email: contact@benedetto.ro
  • Website: www.benedettoatelier.com

Cookies

Our website uses cookies. Cookies are text files that are stored in a computer system via an internet browser. Many internet pages and servers use cookies. Many cookies contain a so-called cookie ID. A cookie ID is a unique identifier for the cookie. It consists of a string of characters that allows the websites and servers to recognize the browser in which the cookie was stored. This enables websites and servers to differentiate the individual browser of the data subject from other browsers that contain other cookies. A specific browser can be recognized and identified by the unique cookie ID.

By using cookies, we can offer users of this website a more user-friendly service that would not be possible without the use of cookies. For example, cookies allow us to recognize users of the website, making it easier for them to navigate the site. Users don’t have to enter access data each time they visit the site, as the data is already retrieved and stored in the user's system.

The data subject can, at any time, prevent the use of cookies by setting the respective option in the internet browser. In addition, cookies already set can be deleted at any time via the internet browser. However, if cookies are disabled, some functions of the website may not be fully usable.

Data Collection and General Information

Our website collects a range of data and general information when a user or an automated system requests it. This data is stored in server log files. The data collected may include:

  1. Types and versions of browsers used;
  2. The operating system used;
  3. The website from which a system accesses our website (the so-called referrer);
  4. The date and time of access;
  5. The Internet Protocol (IP) address;
  6. The Internet service provider of the accessing system;
  7. Any other data similar to this that could be used in the event of attacks on our information technology systems.

These data are necessary for:

  1. Ensuring the correct provision of the website content;
  2. Optimizing the content of the website;
  3. Ensuring the long-term viability of our IT systems;
  4. Providing authorities with the necessary information for an investigation in the case of a cyber attack.

Contact through the Website

Our website enables rapid electronic communication and direct contact with us through an email address. If a data subject contacts us via email or through a contact form, the personal data transmitted are stored automatically. Such personal data transmitted voluntarily by data subjects are stored for the purpose of processing or contacting the data subject. Personal data will not be transferred to third parties.

Automatic Deletion of Personal Data

We process and store personal data of data subjects only for the period necessary to fulfill the purpose for which they were collected, unless a longer storage period is required by national or European legal norms.

When the purpose of the data collection has been achieved, or when the storage period has expired, personal data will be automatically deleted in accordance with legal requirements.

Rights of Data Subjects

  • Right to be informed: You have the right to be informed about what happens to your personal data, how they are used, and to access, modify, or withdraw your consent regarding certain organizations.
  • Right to access: You can request information regarding your personal data, such as whether they are processed, where they come from, who processes them, and for how long they are stored.
  • Right to rectification: You have the right to request the correction of any inaccuracies in your personal data.
  • Right to be forgotten: You have the right to request the deletion of your personal data, except in cases where the data is required for legal obligations or public health.
  • Right to restrict processing: You can request a restriction on the processing of your personal data in certain circumstances.
  • Right to data portability: You have the right to transfer your data to another provider.
  • Right to object: You have the right to object to the processing of your personal data.