Privacy Policy
Website privacy policy.1. Introduction
This Privacy Policy describes how DATAFEELS S.R.L. collects, uses, stores, and protects the personal data of users of the adelamincea.com website. We respect your privacy rights and are committed to protecting personal data in accordance with: Regulation (EU) 2016/679 (GDPR - General Data Protection Regulation); Romanian Law No. 190/2018 on measures for the application of Regulation (EU) 2016/679; ePrivacy Directive 2002/58/EC (as amended); Any other applicable legislation from the European Union and Romania. This policy applies to all users from the European Union, European Economic Area (EEA), and Romania.
2. Data Controller
The data controller responsible for processing personal data in accordance with GDPR is: DATAFEELS S.R.L., located at Str. Bucovinei nr. 54, Jud. Constanța, CUI: 49159328, J13/3868/2023, VAT: RO49159328. For questions regarding data protection, you can contact us at: Email: hello@dafe.ro. As a data controller established in Romania, we are subject to the supervision of the National Supervisory Authority for Personal Data Processing (ANSPDCP) and comply with all EU data protection requirements.
4. Purpose of Data Processing
Your personal data is processed for the following purposes: Responding to your requests sent through contact forms; Sending newsletters and marketing communications (only with your consent); Improving user experience on the site; Analyzing traffic and user behavior to optimize the site; Complying with legal obligations and protecting our legitimate rights; Preventing fraud and ensuring site security.
5. Legal Basis for Processing
Processing of your personal data is based on: Your consent - for newsletters and marketing communications; Execution of a contract or pre-contractual measures - for responding to your requests; Legitimate interest - for traffic analysis and site improvement; Compliance with legal obligations - for compliance with applicable legislation.
6. Data Retention Period
We retain your personal data only for the period necessary to fulfill the purposes for which it was collected: Contact data: until you withdraw consent or when no longer necessary for the initial purpose (maximum 3 years from last communication); Technical data: up to 12 months from collection; Marketing data: until you unsubscribe or withdraw consent; Data required for legal obligations: according to legal requirements (usually 5-10 years depending on document type).
7. Data Sharing with Third Parties
We may share your personal data with: IT and hosting service providers - for site operation; Analytics services (Google Analytics) - for traffic analysis; Email marketing services - for sending newsletters (only if you subscribe); Competent authorities - when necessary according to law. All our providers are required to comply with GDPR standards and protect your personal data.
8. Data Transfer Outside EU/EEA
Some third-party services we use (such as Google Analytics, email marketing services) may process data outside the European Union or European Economic Area (EEA). In accordance with GDPR Chapter V, transfers of personal data to third countries are only permitted if adequate safeguards exist. We ensure the following safeguards: Adequacy decisions by the European Commission - for countries with adequate protection levels (e.g., South Korea, Japan, New Zealand); Standard Contractual Clauses (SCC) approved by the European Commission; Alternative protection mechanisms approved by supervisory authorities; Adequate certifications (such as Privacy Shield Framework or equivalents). In cases where your data is transferred outside the EU/EEA, we will inform you about this transfer and the safeguards implemented.
9. Your Rights Regarding Personal Data (GDPR)
In accordance with GDPR (Regulation (EU) 2016/679), as a resident of the European Union or European Economic Area, you have the following rights: Right of access (Art. 15 GDPR) - you can request a copy of your personal data we hold, including information about its processing; Right to rectification (Art. 16 GDPR) - you can request correction of inaccurate or incomplete data; Right to erasure / "right to be forgotten" (Art. 17 GDPR) - you can request deletion of your data under certain circumstances (e.g., when data is no longer necessary, when you withdraw consent); Right to restriction of processing (Art. 18 GDPR) - you can request limitation of processing of your data in certain situations; Right to data portability (Art. 20 GDPR) - you can request transfer of your data in a structured, commonly used, and machine-readable format to another controller; Right to object (Art. 21 GDPR) - you can object to processing of your data for direct marketing or based on legitimate interest; Right to withdraw consent (Art. 7 GDPR) - you can withdraw your consent at any time, without affecting the lawfulness of processing based on consent before withdrawal; Right not to be subject to a decision based solely on automated processing (Art. 22 GDPR) - including profiling, if this produces legal effects or significantly affects you.
10. Exercising Your Rights
To exercise your GDPR rights, you can contact us at: Email: hello@dafe.ro. In accordance with GDPR (Art. 12), we will respond within one month (30 days) of receiving the request. In complex cases, we may extend the deadline by an additional two months, but we will inform you of this within one month. Before processing the request, we may request verification of your identity to ensure data is provided to the correct person (security measure in accordance with GDPR Art. 5). Responses will be provided in electronic format, if possible, or in another format you request. If we refuse a request, we will inform you of the reasons for refusal and your right to file a complaint with the supervisory authority.
11. Data Security
In accordance with GDPR Art. 32, we implement appropriate technical and organizational measures to protect your personal data against unauthorized access, loss, destruction, or alteration: Encryption of communications (HTTPS/TLS) in accordance with EU standards; Security systems and firewalls; Limited access to personal data only for authorized personnel (Privacy by Design principle); Regular backups and disaster recovery plans; Regular updates of systems and software; Periodic risk assessments and penetration testing; Physical security measures for equipment processing personal data. In case of a personal data breach, in accordance with GDPR Art. 33-34, we will notify the supervisory authority within 72 hours and, if necessary, the affected individuals.
12. Cookies
Our website uses cookies to improve your experience and for traffic analysis. For complete details on the types of cookies used and how you can manage them, please refer to our Cookie Policy.
13. Links to Third-Party Sites
Our website may contain links to third-party sites. We are not responsible for the privacy practices or content of these third-party sites. We recommend reading the privacy policies of sites you visit.
14. Privacy Policy Modifications
We reserve the right to update this privacy policy at any time. Changes will be published on this page with the update date. We recommend checking this page periodically to stay informed of any changes. Continued use of the site after changes constitutes acceptance of the updated policy.
15. Supervisory Authorities (EU)
You have the right to file a complaint with the competent supervisory authority if you believe that processing of your personal data violates GDPR or data protection legislation. For residents of Romania: National Supervisory Authority for Personal Data Processing (ANSPDCP) - B-dul G-ral. Gheorghe Magheru 28-30, Sector 1, Bucharest, Tel: +40.318.059.211, Email: anspdcp@dataprotection.ro, Website: www.dataprotection.ro. For residents of other EU Member States: You can file a complaint with the supervisory authority in your Member State of residence, place of work, or place where the alleged violation occurred. A complete list of EU supervisory authorities is available at: https://edpb.europa.eu/about-edpb/board/members_en. The supervisory authority will investigate the complaint and inform you of the progress and outcome of the investigation.
16. Contact
For any questions, concerns, or requests related to this privacy policy or processing of your personal data, please contact us at: Email: hello@dafe.ro or through the contact page on the website.
By using this website, you confirm that you have read, understood, and accept this privacy policy.