Personal Data Protection Policy (GDPR Compliance)
1. Data Controller The controller of your data is CEYLON FLASH DELIVERY S.R.L., located in Bucharest, Sector 2, Șoseaua Pantelimon, No. 84, email: [email protected].
2. Categories of Data Collected
Identity Data: First name, last name, username.
Contact Data: Email address, phone number, shipping and billing addresses.
Financial Data: Transaction information (SLmartRomania does not store credit card details; these are processed directly by our payment partner).
Technical Data: IP address, geolocation, browser type, pages visited (collected via cookies).
3. Legal Basis for Processing
Contract Performance: To process orders and deliver products.
Legal Obligation: For issuing tax invoices and maintaining accounting records.
Legitimate Interest: For website security, fraud prevention, and service improvement.
Consent: For sending marketing communications (newsletters).
4. Data Recipients (Third Parties) To fulfill our obligations, we share certain data with:
Courier Companies: For shipping and delivery.
Payment Processors: (Netopia Payments) for online transactions.
Accounting Services: To fulfill tax and legal requirements.
IT Service Providers: Server hosting and platform maintenance.
5. Data Transfers Currently, we do not transfer your data outside the European Economic Area (EEA). Should this change, we will ensure adequate security safeguards are in place.
6. Retention Period
Data within financial-accounting documents is kept for 10 years as required by law.
User account data is kept until a deletion request is made.
7. Your Rights Under GDPR, you have the right to: access, rectification, erasure, restriction of processing, data portability, and the right to object. You also have the right to lodge a complaint with the National Supervisory Authority for Personal Data Processing (ANSPDCP).
