GDPR Policy

GDPR POLICY / PERSONAL DATA PROTECTION POLICY

This GDPR Policy applies to the operator: LA VER STUDIO S.R.L., a limited liability company of Romanian nationality, with its registered office located in Romania, Bucharest Municipality, Sector 4, Bailești Street, No. 14, Room 2, registered with the Trade Registry Office of the Bucharest Tribunal under registration number J40/17693/2022, European Unique Identifier (EUID) ROONRC.J40/17693/2022, and the Unique Registration Code (CUI) RO 46796920 (commercial name "LA VER JEWELLERY").

1. Our Commitment to Your Personal Data

1.1. LA VER will process personal data in accordance with this Personal Data Protection Policy ("GDPR Policy"), in line with the current legislation.

1.2. This GDPR Policy is based on the provisions of Regulation (EU) No. 2016/679 on the protection of natural persons with regard to the processing of personal data and on the free movement of such data, and repealing Directive 95/46/EC (“General Data Protection Regulation” or “GDPR”), which came into effect on May 25, 2018, and also on the applicable national legislation.

1.3. GDPR defines personal data as "any information relating to an identified or identifiable natural person (‘data subject’); an identifiable natural person is one who can be identified, directly or indirectly, in particular by reference to an identifier such as a name, an identification number, location data, an online identifier, or to one or more factors specific to the physical, physiological, genetic, mental, economic, cultural, or social identity of that person."

1.4. LA VER is committed to making every necessary effort to implement the highest standards of confidentiality and transparency regarding the personal data we process in our current operations. Protecting and ensuring full transparency about the processing of your personal data in our operations are our top priorities.

1.5. Please also consult the Cookie Policy, Video Surveillance Policy, as well as the Terms and Conditions available on the website www.laverjewellery.com, which complement this GDPR Policy.

1.6. Any information related to the processing of your personal data can be requested in writing at the registered office address mentioned above or at the email address: contact@laverjewellery.com.

2. Agreement

2.1. Your use of our services is subject to this GDPR Policy. By using our services, you agree to the terms of this GDPR Policy. The purpose of this GDPR Policy is to inform our customers about how we collect, store, and use personal data.

3. Categories of Personal Data Collected

The personal data we process as a result of your use of the site may include:

  • Details of your visits to our website (for which we recommend reading the Cookie Policy).
  • Other information you provide to us when making a request on the site or as a result of sending it by email or phone.
  • Data necessary for issuing invoices, as well as any other relevant data.

4. Methods of Collecting Your Personal Data

4.1. We collect your data mainly when you visit the website www.laverjewellery.com, or when you place an online order.

4.1.1. We collect and process personal data regarding name, surname, email address, and phone number for the purpose of maintaining communication with you. Therefore, if you submit a request via email or phone, we will process your data to resolve it.

4.1.2. In this context, if your request requires it, we may forward your contact details to financial institutions, government agencies, transport companies, or postal services.

4.2. We collect data that results from a request to be contacted.

4.2.1. We collect personal data related to name, surname, email address, phone number, interest in contracting, which arises when you request to be contacted by filling out the fields on the site.

4.2.2. In this regard, our consultants will contact you to provide more information.

4.2.3. After completing the contact form, your data is imported into the LA VER database.

4.2.4. If you have explicitly consented to the processing of your personal data for marketing purposes by LA VER, such as receiving newsletters, updates about our products and services, or events organized by us, LA VER or its representatives will process your data for this purpose.

5. Purposes for Processing Your Personal Data

We may collect and process personal data for the following purposes:

  • Providing our products and services.
  • Sending invitations for events we organize.
  • Complying with our legal obligations (such as keeping accounting records and supporting documents).
  • Analyzing and improving our services and communications with you.
  • Protecting the security and managing our websites and other systems, preventing and detecting security threats, fraud, or other illegal or malicious activities.
  • Transmitting data to third parties if you have expressly consented.
  • Marketing campaigns, customer surveys, market research, raffles, contests, or other promotional activities if you have expressly consented.
  • Ensuring the physical security of premises, in accordance with applicable special legislation.
  • Relations with public authorities, according to applicable civil and criminal law norms.
  • Any related or auxiliary purpose to the above, or any other purpose for which your personal data was provided to us.

6. Direct Marketing

6.1. We promote our services to you and others. We use customer information to send invitations and communications promoting the products and services we offer.

6.2. In all cases, you will have the opportunity to unsubscribe from receiving marketing communications by clicking the unsubscribe link included in each communication of this type or by sending a written request to the registered office address mentioned above or to the email address: contact@laverjewellery.com.

6.3. Please note that upon requesting to unsubscribe, there may be a period of up to 48/72 hours during which you might still receive marketing communications due to system update processing. Unsubscribing from marketing emails does not prevent the continued receipt of transactional emails through which we can inform you about the status of any ongoing transactions.

7. Sharing and Transfer of Your Personal Data

7.1. We may grant access to the personal data you provide to our authorized representatives, based on contracts concluded for this purpose. However, we will maintain control over your personal data and will use appropriate protective measures, in accordance with applicable law, to ensure the integrity and security of your personal data.

7.2. We may also disclose your personal data when instructed or authorized by you or when required by applicable law, judicial or official authorities, or for investigating fraudulent or criminal activities, whether actual or suspected.

7.3. We will not transfer personal data outside the EEA unless one or more safeguards or exceptions apply, such as an adequacy decision, Privacy Shield, or binding corporate rules.

7.4. In the absence of an adequacy decision, Privacy Shield membership, or binding corporate rules, personal data transfer to a third country or international organization will only occur under the following conditions:

7.4.1. The data subject has explicitly consented to the proposed transfer after being informed of the potential risks involved due to the absence of an adequacy decision and appropriate safeguards.

7.4.2. The transfer is necessary for the performance of a contract between the data subject and the controller or for pre-contractual measures taken at the data subject's request.

7.4.3. The transfer is necessary for the conclusion or performance of a contract concluded in the data subject's interest between the controller and another individual or legal entity.

7.4.4. The transfer is necessary for important public interest reasons.

7.4.5. The transfer is necessary for the establishment, exercise, or defense of legal claims.

8. Storage and Security of Personal Data

8.1. Ensuring the confidentiality of the personal data you provide is an important concern for us. We have implemented technical and organizational measures to maintain the confidentiality and security of your personal data, in accordance with our internal procedures for the storage, disclosure, and access to personal data. Personal data may be stored in our technological systems, those of our contractors, or in printed format, for a period of 5 years or any other period in accordance with applicable legal regulations.

8.2. The website www.laverjewellery.com is protected by the standard SSL (Secured Socket Layer) encryption system. This technology encrypts all personal data you transfer to LA VER.

9. Your Rights

9.1. We want to inform you that under the new data protection regulations provided by the General Data Protection Regulation (EU) 679/2016, if we process your personal data, you have the following rights, as well as any other applicable legal rights:

  • The right of access, under Article 15 of the GDPR, whereby you can request, free of charge, confirmation of whether or not we process personal data related to you. You can also request a copy of the data we process about you. Requests must include relevant information to identify you in our database. We will address your request within the legal time frame.
  • The right to information – involves informing the data subject in a concise, transparent, and easily accessible manner about the data being processed.
  • The right to rectification, under Article 16 of the GDPR, which you can exercise by submitting a request for us to modify the information we have about you. You can make such a request when you notice that your data is incomplete or inaccurate.
  • The right to restriction of processing, under Article 18 of the GDPR, which you can exercise when you dispute the accuracy of the data, believe the processing is unlawful, or object to the deletion of the data. Following the exercise of this right, we may continue to store your data, but any other processing operations will be possible only with your consent, except in cases expressly provided by law.
  • The right to data portability, under Article 20 of the GDPR, which you can exercise only when the processing is based on your consent or contract and only if your data is processed through automated means. If you meet the conditions, you can submit a request to transfer the data to another operator of your choice.
  • The right to object to the processing of data for marketing purposes, under Article 21 of the GDPR. You can exercise this right at any time, and we guarantee that your data will no longer be processed for this purpose. However, please note that there may be a reasonable time period (up to 72 hours) for us to process your request and stop sending you marketing communications.
  • The right to erasure, under Article 17 of the GDPR, whereby we are obliged to delete the personal data we process about you. This right is not absolute and is only applicable in certain situations expressly provided by law. When making a request for deletion, please keep in mind that the process may be complex.

9.2. To exercise these rights, please send us a written request to the registered office address mentioned above or to the email address: contact@laverjewellery.com, with the subject "Personal Information Request."

Additionally, if you wish to withdraw your consent for direct marketing purposes, you can use the "unsubscribe" option included in each marketing communication.

10. Updating the GDPR Policy

We reserve the right to update and modify this GDPR Policy periodically to reflect any changes regarding how we process your personal data or any changes in legal requirements.

In the event of such changes, we will display the modified version of the GDPR Policy on our website www.laverjewellery.com and/or make it available in another manner.

11. Contact

For further information regarding the content of the GDPR Policy, please contact us in writing at the registered office address mentioned above or at the email address: contact@laverjewellery.com.