We respect your privacy and are committed to protecting your personal data. Through this privacy statement, we inform you about your rights, how your personal data is managed, processed and stored, as well as how the law protects you.
1. Who are we?
SC JOLIDON INTERNATIONAL SRL is a personal data operator, with its registered office in str. Tabacarilor, no. 2A, Cluj-Napoca, Romania, responsible for your personal data.
SC JOLIDON INTERNATIONAL SRL it is collectively referred to as "we", "us", "ours" in this privacy statement. Contact details can be found in the Contact section.
2. What personal data do we collect?
2.1 Data provided through direct interactions
Registration and other customer account information - When you register and create an account to use our Services, we may collect the following information:
- First name, last name (mandatory)
- Email address (required)
- Date of birth (optional)
- Genre (optional)
Communication via the chat / direct messaging function on the Platform - When you access the chat feature to communicate with a representative of our company, we collect your email address and name.
2.2 Data collected automatically when using our Services
The following information is automatically collected when there are interactions with our platform:
- Information about the device used (for example, operating system version, unique identifiers such as mobile network name)
- Location information (for example, the city from which you accessed our Platform)
- Client and authentication data - technical details such as the IP address of the device, operating system, and authentication information (for example, the date of the last successful authentication), browser type, and version.
- Information about the activity on the Platform, which includes the web pages from which you accessed the Platform, the date and time of the visit, the accessed content and the interaction with it, the duration of the visit
- Cookies - cookies are used to manage sessions and store user preferences (for example, language or currency selection). An "Internet Cookie" (also known as a "browser cookie" or "HTTP cookie" or simply a "cookie") is a small file of letters and numbers that is stored on your computer, mobile phone, tablet or other devices used to access the Internet by a user. It is installed through a request issued by a browser's web server (for example, Google Chrome, Internet Explorer, Mozilla Firefox) and it is a "passive" type. This means that it does not contain viruses or spyware, it is not software, it cannot access the information on a user's hard drive, but it only has access to the information provided by the browser. For more information about cookies, please access the Cookies Policy page.
2.3 Data from third parties or from publicly available sources
We may receive personal data from various third parties and public sources: technical information from analytics providers such as Google, Hotjar; IP address, browsing history from advertising networks such as Google.
3. Collection of data from persons under 16 years of age
Data from people under the age of 16 is not knowingly collected, and our services are not intended for children under this age. If it is found that a person under the age of 16 has transmitted personal data to us, this data will be deleted.
4. Why do we request and how do we use personal data?
Your personal data is used only for the purposes mentioned below and only when the law allows it. Usually, personal data is used in the following situations:
- If we need personal data for the execution of the distance contract
- Where it is necessary for legitimate interests to improve the Services and Products
- For marketing purposes
- If a legal or regulatory obligation must be complied with
In some cases, we may process certain personal data, only with your consent, and with prior notice at the time of requesting consent (information on the purpose and category of personal data to be processed).
The following paragraphs describe how personal data is used, as well as the legal basis on which it is based and, where applicable, our legitimate interests.
4.1 Access and provision of services
Login to the account, using the email address - we will use the email address to access the client account on our Platform
Chat, using your email address - we will use your email address to contact a company representative, identify your orders on the Platform, or to receive an email response to your request.
We use your email address and mobile phone number (via email) to give you recommendations about our products and services.
The above information is processed for the proper execution of the contract, as well as based on the legitimate interest to carry out marketing activities through which we offer you products or services tailored to your interests.
- Create a customer account on the shop.jolidon.ro website
When you create a new account on the shop.jolidon.ro website, S.C. Jolidon International S.R.L. requests personal information (first name, last name, email address, date of birth, gender) in order to:
- have a record of visitors to the site;
- monitor the behavior of customers in order to increase the quality of services and products sold;
- constantly communicate with customers, in order to keep them informed about promotions and special offers;
Your personal information is kept until the exercise of the right of opposition. Providing personal data to S.C. Jolidon International S.R.L. (shop.jolidon.com) does not imply any obligation on the part of users and they may refuse to provide this data in any circumstances and may request their deletion from the database free of charge.
4.1.2. Purchase of products or services on the Platform
At the time of a purchase, we need the following information: name, surname, address, telephone number and e-mail address, in order to ship the package. Additionally, but optionally, we can also request information such as date of birth, gender.
Personal data are kept for the period necessary for the fulfillment of the contractual provisions and until the expiration of the archiving terms.
4.2 Improving the online store experience
- Clickstream data - we want to provide you with personalized content based on your interests, for example, relevant search results. In addition, to determine how much time you spend in the online store, how you browse the content to understand your interests and to improve our Services. For example, we can give you personalized suggestions for certain products, based on other previously visited products.
We need them to both monitor and report the effectiveness of our campaigns, but also for internal business analysis.
- Location data - these are used to compile anonymous information about the characteristics and behavior of visitors and users of the platform, in order to segment and develop anonymous profiles, but also for the purpose of business analysis. At the same time, this data is also used to personalize the displayed content and improve the experience on the website.
- Registration data on the website - with their help, different types of devices are determined, usedto access the online store, which subsequently allow us to associate the activity on the platform on various devices and help us to provide an appropriate experience.
4.3 Safe and secure platform
Your data and unique device identifiers are used for the administration and protection of the Platform (maintenance and troubleshooting, data analysis, testing, support, data hosting, fraud prevention).
The information transmitted through the chat function is used for prevention
5. Your information regarding changes to the privacy statement
This privacy statement is subject to change from the date of publication of this release. The changes will be published on this page, along with the date of the most recent update. We will also send information by e-mail and / or directly to the online store. If after consulting new versions, you do not agree with the changes, you can request the deletion of the account at any time.
6. Your rights
Regarding your personal data, you have certain rights under the laws on the protection of that data, in certain circumstances.
If you wish to exercise any of these rights, please access the "Help Center" page, where you will find all the necessary links.
The right to request access to personal data ("request for access to the data subject") - you will receive a copy of the personal data in our possession and you will be able to verify whether it is processed legally
The right to request the correction of any data we have - you can change any incomplete or inaccurate data, with the subsequent verification of the provided data correctness
- The right to request the restriction of the personal data processing - you can ask us, at any time, to suspend the processing of your personal data in one of the following situations:
a) if you want to verify their accuracy,
b) if the data is used illegally,
c) if you need us to keep the data, even if there is no reason to keep it, because you need to establish, exercise or defend legal claims,
d) you objected to our use of the data, but we must check whether we have mandatory legal reasons to use them.
- The right to request the deletion of personal data - you can ask us to delete the data if there are no good or legal reasons to continue to process them. The data may also be deleted if you have successfully exercised your right to object to the processing, if we have processed the information illegally or if we are obliged to delete it in order to comply with local law. It should be noted that, for certain purposes, we are legally obliged to store certain data.
The right to object to the processing of personal data - if it is based on a legitimate interest (or that of a third party) and there is a specific reason why you want to object to the processing of personal data because you consider that it could have an impact on fundamental rights and freedoms. You also have the right to object if personal data is processed for direct marketing purposes. However, it is likely that in certain situations we may demonstrate that there are legitimate reasons for processing them that go beyond your rights and freedoms.
The right to request the transfer of personal data or to a third party - we can provide you or a chosen third party with the data in a technical, structured, commonly used format that can be read by the machine. This right only applies to automated information for which you originally gave your consent for use or if that information was used to enter into a contract with you.
The right to withdraw your consent to the processing of personal data at any time - this does not affect the legality of any processing already carried out on the basis of the previously given consent.
Fees: no fee is required to access personal data or to exercise any of the other rights. However, in those cases where the request is not founded, it is repeated or excessive; it is possible to charge a fee for administrative operations. In addition, in these cases, we may refuse to comply with the request.
Response deadline: We try to respond to all legitimate requests within one month. If, for some objective reason, the request cannot be resolved within this period, we will notify you of a new settlement period.
Right to complain: you have the right, at any time, to make a complaint to the data protection authority (see sections below). We would be happy if you contact us before this step to try to resolve any issues (see Contact section)
7. Communication and marketing
There are several ways we can keep in touch with you: via email, SMS or directly through the Platform. The purpose of these communications may be to confirm the registration on our website, transactional messages regarding orders (order confirmation, invoices, returns, etc.). Because transactional messages are required, you may not be able to opt out of these types of messages.
However, you may not want to give us your consent for marketing communication. This can be done by unsubscribing from our emails (you can find an unsubscribe link in every email sent). If you are unable to unsubscribe in this way, please contact us.
Cases in which you receive communications for marketing purposes:
- If you have chosen to receive our newsletter with news and offers (where we have your explicit consent)
- If you browse our Platform (you can receive stock alerts or offers)
- You sent us your details when you registered for a competition
- You have registered to receive news about the stock of certain products
- WHO CAN ACCESS YOUR PERSONAL DATA?
In some cases, we may share personal data with third parties listed below for the purposes set out above.
Affiliated companies - data can be shared with other companies within the Jolidon Group, which are both inside and outside the EEA and help us to provide business operation services, such as product improvements, customer support and fraud detection mechanism. Any transfer shall always be subject to appropriate safeguards or a data transfer agreement that clearly defines the obligations of the parties and provides the technical and organizational measures to protect your data.
Third-party service providers - to provide certain aspects of our services we use third-party service providers (for example, transport companies, payment processors, cloud storage equipment). Service providers can be located both inside and outside the "EEA" area. They are monitored for the security of personal data and we request that they be treated in accordance with the law and process them only for specified purposes and in accordance with our instructions.
Advertising and analytics providers - to improve your shopping experience, there will be cases where your unidentifiable information will be sent to analytics providers. They help us observe how our Platform is used, and the information is shared in an unidentifiable form. The purpose is to monitor the effectiveness of campaigns and for internal business analysis. For more details, you can also consult the cookies policy.
Law enforcement authorities, regulators and others: we may disclose personal data to law enforcement authorities, regulators, governmental or public bodies and other interested parties that comply with legal or regulatory requirements.
9. International transfer of personal data
In those cases where personal data are transferred from the EEA, we ensure that a similar degree of protection is granted by implementing at least one of the following protection measures:
Personal data will be transferred to countries that have been deemed to provide an adequate level of protection of personal data by the European Commission. For more details, see European Commission: Adequacy of the protection of personal data in non-EU countries.
If we use certain service providers, we may use specific contracts approved by the European Commission that provide personal data with the same protection as in Europe. For more details, see European Commission: Model contracts for the transfer of personal data to third countries.
If we use US-based service providers, we may transfer data to them if they are part of the Privacy Protection, which requires them to provide similar protection to personal data shared between Europe and the US. For more details, see European Commission: EU-US Privacy Shield.
10. Data storage and retention periods
All data collected will be stored and processed on secure servers to provide the best possible user experience.
The data is kept for as long as is necessary for the purposes for which it was collected or to meet any legal, accounting or reporting requirements.
The criteria for determining the retention period for personal data are: the value, nature and sensitivity of that data, the potential risk of harm caused by unauthorized use or disclosure of personal data, the purposes for which such data are processed and the achievement of those purposes by other means, as well as applicable legal requirements.
If you have any questions regarding the data retention period, please contact us using the Contact Form.
11. Processing organization and security
The information you provide to us is stored on secure servers. We ensure their safety through the implemented, technical and organizational measures. Network security is constantly monitored and all payment data is encrypted using SSL technology. Despite the measures implemented for data protection, the transfer of data over the Internet is not 100% secure, so there is a risk that unauthorized third parties will access personal data. If we identify security breaches, we will take all necessary steps to resolve them and we will inform you as soon as possible about them.
12. External links
The website may contain links to other websites. We encourage our users to be careful when leaving our website and to read the security policy regarding this information for each external website that collects personal information.
If you need any additional information or have questions regarding the exercise of your rights, please send us an email (firstname.lastname@example.org) to the attention of the Data Protection Officer or by mail to Tabacarilor 2A, Cluj-Napoca, Romania.
You can also contact the National Data Protection Authority
Address: 28-30 Magheru Blvd., Sector 1, BUCHAREST
Contact details: Tel. +40 21 252 5599, Fax +40 21 252 5757,