The new European Union law on the protection of personal data entered into force on May 25, 2016 and takes effect as of May 25, 2018. This law is the biggest change in personal data protection over the last 20 years and has objectives that go far beyond the mere protection of the private space.
The protection of your personal data is important to us, therefore we pay special attention to protecting the privacy of the visitors to our website www.floria.ro in accordance with the Regulation (EU) 2016/679 of the European Parliament and of the Council from April 27, 2016 on the protection of individuals with regard to the processing of personal data and the free movement of such data (hereinafter referred to as GDPR).
Please pay special attention to reading the following Policy (hereinafter referred to as “DPP”) to understand how your information will be treated. ("personal data”).
DPP explains the practices of FLORIA regarding the application of GDPR provisions, as well as the rights you receive in relation to how your information is processed by our site FLORIA.
The processing of personal data by FLORIA will always be done in accordance with the GDPR provisions as well as with the personal data protection regulations specific to each country in which FLORIA operates.
By DPP, FLORIA wishes to inform the visitors about the nature of the personal data we collect and process, as well as about the purposes of the processing. In addition, our site visitors are informed via DPP also about their rights.
WHO ARE WE?
We are FLORIA DIGITAL S.R.L. company with its registered office in Sos. Pipera, no. 4, floor 2, district 1, Bucharest, Trade Register number J40/15890/2019 and unique registration code RO41927820. Our main field of activity, "Retail sale via mail order houses or via internet" according to NACE code 4634, and our legal representatives are the administrator Arsene Alexandra Florina.
WHAT ARE PERSONAL DATA?
"Personal data" means any piece of information or information that can identify you directly (for example, your name) or indirectly (for example, by pseudonymous data such as a unique identifier). This means that personal information includes things such as the email address, home adress, mobile phone, username, profile photos, personal preferences and shopping habits, user-generated content, financial information and financial status information.
This could include unique numeric identifiers, such as your computer’s IP address or MAC address of your mobile device, as well as cookies.
WHAT DOES PERSONAL DATA PROCESSING MEAN?
“Processing” means any operation or set of operations performed on personal data or on sets of personal data with or without the use of automated means such as collecting, recording, organizing, structuring, storing, adapting or modifying, extracting, consultation, use, disclosure by transmission, dissemination or otherwise making available, alignment or combination, restriction, erasure or destruction.
PERSONAL DATA OPERATOR
The personal data operator (hereinafter referred to as the “operator”) is FLORIA DIGITAL S.R.L. (FLORIA).
DATA PROTECTION OFFICER (DPO)
FLORIA, as operator, appointed Mrs. Oprea Mădălina, as officer in charge of personal data protection (hereinafter referred to as “DPO”), having the obligation to verify the compliance with GDPR provisions in the data processing operations performed by the operator and to represent the operator in relation to the data subjects and the Supervisory Authority.
The Persons concerned have the opportunity to address the DPO directly at any time on any matter related to this PPD using the contact details below:
DPO name: Oprea Mădălina
DPO e-mail: email@example.com
DPO mailing address: Bucharest, district 1, 9 Transilvaniei street.
WHICH OF YOUR PERSONAL DATA DO WE PROCESS?
FLORIA will collect information or data that allow the identification of individuals (name, address, telephone number, e-mail address). These are necessary in order for the payment processors to be able to collect the value of the orders and to deliver the ordered products to you. Also, www.floria.ro website will collect the IP address as traffic data.
*PRINCIPLES ON DATA PROCESSING *
FLORIA undertakes to comply with the principles of personal data protection (hereinafter referred to as the "Principles") set out in the GDPR to ensure that all data are:
Processed in a fair, legal and transparent manner;
Collected for specified, explicit and legitimate purposes;
Adequate, relevant and limited in relation to the purposes for which they are processed;
Correct and updated;
Kept in a form which makes it impossible to identify the data subjects longer than is necessary in relation to the purpose of the processing;
Processed in accordance with the rights of the data subject in a manner that ensures adequate processing security so that the data are complete, confidential and available.
GROUNDS AND PURPOSES OF PERSONAL DATA PROCESSING
For the purpose of concluding and executing contracts - According to art. 6 par. 1 lit. b) from GDPR, personal data may be processed for the purpose of concluding or executing the contract. In order to be able to offer you our products and services, we need to process the personal data that you hold.
For the purpose of fulfilling legal obligations - According to art. 6 par. 1 lit. c) GDPR, personal data for the purpose of fulfilling legal obligations may be processed. We request a series of personal data, including, in some cases, the Personal Code, in order to fulfill our obligations imposed by tax authorities on invoicing and reporting to tax authorities.
For marketing purposes - According to art. 6 par. 1 lit. a) GDPR, personal data may be processed if the data subject has given his/her consent to the processing of his or her personal data for one or more specific purposes.
If you have subscribed to the FLORIA Newsletter section, your personal data will be used exclusively for the purpose of sending you marketing information about FLORIA products and services about offers and / or promotions, news, future campaigns, invitations at various events held by FLORIA in a certain period.
Your personal data will be deleted immediately when you unsubscribe from the FLIRIA Newsletter section.
You can unsubscribe at any time via the link attached to the Newsletter received or by a written request addressed to the Data Protection Officer of FLORIA.
FLORIA reserves the right to select the persons to whom it will send newsletters and / or alerts as well as the right to remove from its database any Member or Client who has previously expressed consent to receive newsletters and / or alerts, without any a subsequent commitment from FLORIA or any prior notification thereof.
*DISCLOSURE OF PERSONAL DATA TO THIRD PARTIES *
Personal Data processed by FLORIA may be disclosed and/or transferred to third parties only in the case of your express consent to do so, unless there is a legal/contractual obligation for FLORIA to proceed in this manner.
Please be advised that it is possible under certain circumstances to disclose your personal data to partners with whom FLORIA collaborates and/or to other third-party service providers of FLORIA.
Third parties who have access to data are delivery companies, payment processors, email marketing services.
DATA PROCESSING BY THIRD PARTIES, OTHER SITES AND SPONSORS
The www.floria.ro website may at any time contain access links to other sites whose data processing policies may differ from those of FLORIA.
Please consider and consult the personal data protection policies of the other sites, FLORIA not assuming responsibility for the information sent or collected by these third parties.
AUTOMATIC DATA PROCESSING. COOKIE
DATA STORAGE PERIOD
FLORIA may keep the processed data for different periods of time deemed reasonable for the purposes indicated above. We only retain your data for the period necessary to achieve the purpose for which we hold the data, to meet your needs or to fulfill our obligations under the law.
In order to know how long your data can be stored, we use the following criteria:
THE RIGHTS OF THE DATA SUBJECTS
Under the GDPR, you have a series of rights with respect to the personal data that FLORIA processes:
The right of access to processed data - You have the right to access the personal data we hold. The first information will be provided without any charge. If you will need copies of the information already provided, we may charge a reasonable fee, taking into account the administrative costs of providing the information. The manifestly unreasonable, excessive or repeated requests may not be answered.
The right to modify data - You may request that your data be modified if inaccurate or obsolete and/or filled in if incomplete. If you have an account, it can be easier to correct your own data using the "My Account" feature.
The right to delete data (“the right to be forgotten”) - In some cases, you have the right to obtain the deletion or destruction of your data. This is not an absolute right, because sometimes we may be forced to keep your data for legal reasons.
The right to restrict the processing - You may request that you limit the processing of your data. This means that your data processing is limited so we can keep the data, but not use or process it. This right applies in the specific circumstances provided for in the General Data Protection Regulation, ie:
The right to data portability - You may move, copy or transfer the data you are interested in from our database to another. This applies only to the data you have provided when the processing is based on your consent or contract and is implemented by automated means.
The right of opposition - You may oppose at any time the processing of your data when such processing is based on a legitimate interest.
The right to withdraw consent at any time - You may withdraw your consent to the processing of your data when such processing is based on consent. The withdrawal of the consent does not affect the lawfulness of processing on the basis of consent prior to its withdrawal.
The right to file a complaint with the competent supervisory authority - You have the right to complain to the data protection authority of your country of residence or domicile to challenge the data protection practices offered by FLORIA.
The right to oppose the processing of your data for direct marketing purposes - You may unsubscribe from or opt out of our direct marketing communication at any time. It's easier to do so by clicking the "unsubscribe" link in any email or communication we send you.
The right to oppose the processing of your data by us when conducting actions in the public interest or in our legitimate interests or that of a third party - You may at any time oppose the processing of your data when such processing is based on a legitimate interest.
Right to disable cookies – You have the right to disable cookies. Settings in internet browsers are usually programmed by default to accept cookies, but you can easily adjust them by changing your browser settings. Many cookies are used to increase the usability or functionality of web sites / applications; therefore, disabling cookies may prevent you from using certain parts of our sites or applications, as detailed in the relevant Cookie table. If you want to restrict or block all cookies set up by our websites / applications (which may prevent you from using certain parts of the site) or any other sites / applications, you can do so through your browser settings. The Help feature in your browser will tell you how. For more information, see the following links: http://www.aboutcookies.org/.
You may exercise any of these rights with respect to the personal data that FLORIA processes by submitting a simple request to the FLORIA DPO. In such a situation, it is very possible to request proof of your identity.
We access, keep and provide your information to regulatory authorities, law enforcement or other entities:
In response to a legal request, when we believe in good faith that the law requires us to do so. We may also respond to legal claims when we consider in good faith that the response required by the laws of that jurisdiction affects users in that jurisdiction and complies with internationally recognized standards.
When we believe in good faith that it is necessary to: detect, prevent and respond to acts of fraud, unauthorized use of any material belonging to us, violations of our terms or policies or other harmful or unlawful activities, to protect us (including our rights, property or materials), yourself and others, including within investigations or inquiries by regulatory authorities, or to prevent imminent death or injury. For example, if relevant, we provide information to and receive information for third partners about the reliability of your account to prevent fraud, abuse and other harmful activities inside and outside of our materials.
The information we receive about you may be accessed and stored for a longer period of time when you are subject to a legal, justice matter, governmental inquiry or investigation into possible violations of our terms or policies, or in other cases to prevent damage.
RELATIONS WITH OTHER OPERATORS
Depending on the context, we may find ourselves in the situation of the absolute need to provide information at a higher level, both globally and internally or externally, to our partners and to those with whom we transfer GDPR data in the virtue of providing the most professional services possible. Information controlled by FLORIA may be transferred, transmitted or stored and processed in the EU or in countries other than the country where you live for the purposes described in this policy. These data transfers are necessary to deliver the highest level of service and to continue to provide you with our best professional content. We use standard contractual clauses approved by the European Commission, and we rely on the appropriateness of the European Commission's decisions concerning certain countries, as the case may be, for the transfers of EEA data to the United States and other countries.
FLORIA has adopted technical and organizational data processing measures, updated in accordance with GDPR requirements, to protect your personal data against any unauthorized access, misuse or disclosure, unauthorized modification, accidental destruction or loss. All FLORIA employees and collaborators, as well as any third parties acting in the name and on behalf of FLORIA., are required to respect the confidentiality of your information and the GDPR requirements, in accordance with the DPP provisions.
THE www.floria.ro website may link to other sites and / or other webpages that are not owned by FLORIA. FLORIA assumes no responsibility for the content of these sites and therefore can not be held responsible for the content, advertising, goods, services, software, information or other materials available on or through these sites. FLORIA will not be held responsible for the loss of personal data, of any adverse effects on visitors’ personal data, or other moral and / or patrimonial damages caused by the access to those sites.
*UPDATING THE PERSONAL DATA PROTECTION AND PROCESSING POLICY *
Please note that this Policy may be subject to periodic content changes by updating the www.floria.ro website.
Please do not continue to use the www.floria.ro website if you do not agree to such changes. We also recommend that you check this page for any updates.
The DPP terms are interpreted according to the applicable legislation.
If you have any questions or concerns about how we treat and use your personal data or wish to exercise any of your rights, please contact us by accessing our DPO's contact details.