Privacy Policy

What is personal data?

According to the GDPR, “personal data” means any information relating to an identified or identifiable natural person (“data subject”).

An identifiable natural person is one who can be identified, directly or indirectly, in particular by reference to an identifier such as a name, an identification number, location data, an online identifier or to one or more factors specific to his or her physical, physiological, genetic, mental, economic, cultural or social identity.

There is no list of personal data, and the GDPR does not require states to draw up such a list, for the simple reason that a piece of data can become personal data in one context and simply information without personal data value in another context.

Here are Some Examples Of Personal Data:

Name;

someone’s domicile or residence;

e-mail address (including addresses such as office@over-shop.com );

ID card, passport or passport number;

location data (e.g. location data function available on a mobile phone)*;

an IP address;

a cookie ID;

someone’s silhouette from CCTV footage;

a car registration number;

Information We Collect

https://over-shop.com/ uses forms where you can order products from us, create an account, contact us at office@over-shop.com

Below we have detailed all the types of data we collect and how we use it:

Order information: order history, order track

Customer Relations

When you contact customer service for information or to make a complaint, we store the information you provide, if applicable. For example, why you contacted us, which order did not satisfy you or whether there were any missing products on delivery. Depending on the reason you contacted us, your personal details may vary. As we want to improve our service to you, we store the communication in the backend of the website. This way, you will receive a quick and satisfactory response.

Categories of personal data: Communication data and other information

This information is needed to fulfil our obligations related to your order and to deliver your food (fulfilment of contract).

But it is also in our business interest to provide you with the best winning experience (legitimate interest).

The process of receiving delivery of your order

After placing your order, certain processes run in the background, in order to send your order we need your personal data

Communication data

Device information

Order information

Other information

Billing / company details

If you have provided us with the details of the company where you are a partner, employee, owner or director, such as C.N.P. (at P.F.A./I.I.), C.U.I., Trade Register Registration Number, company’s registered office address, bank account, bank name, name and position of legal representative, we will use these details to conclude contracts previously agreed with you;

Browser/IP/device data

If you have agreed to us collecting them, we will collect details of the browser used, IP address, device details such as hardware model, operating system version, unique device identifiers and mobile network information including phone number. We use this data to determine how you use our site, the aim being to make the necessary changes to make it easier for you to find the information you are looking for;

Unique Device Identifiers (sometimes called Unique Universal IDs or UUIDs) are a string of characters embedded by the manufacturer in a device. It can be used to identify the device exactly (e.g. the IMEI number of a mobile phone). Different device identifiers differ in several respects: validity, whether or not they can be reset by users, and how they can be accessed. A given device may have several different unique identifiers. Unique device identifiers can be used for various purposes, including security and fraud detection, synchronisation of services, e.g. incoming messages to a user’s email address, remembering user preferences and serving relevant advertisements.

We May Also Use:

Cache memory for application data

An application data cache is a data store on a device. It can, for example, allow a web application to run without an internet connection and can improve application performance by allowing content to load faster.

Storing web data via a browser

Storing web data via a browser allows websites to store data in a browser on a device. When used in ‘local storage’ mode, the function allows data to be saved between sessions (for example, so that data can be retrieved after closing and reopening the browser). One technology that allows data to be stored on the web is HTML 5.

Cookies and similar technologies

The cookie policy is detailed in a separate section on this page.

Device

A device is a computer that can be used to access our website and services. For example, a device can be a computer, a tablet, a smartphone, or any other electronic device that is equipped with browser capabilities and connects to the internet.

HTTP source header

HTTP source header condvs. The information sent by a web browser to a destination web page, usually when you click on a link to that web page. The HTTP source header condvs. the URL of the last web page accessed by that browser.

Non-personally identifiable information

This is information recorded about users in such a way that it no longer reflects or refers to an individually identifiable user.

Sensitive personal information

This is a special category of personal information associated with confidential medical information, racial or ethnic origin, political or religious beliefs, or sexual orientation.

Server logs

As with most websites, our servers automatically log page requests made when a user accesses our websites. These “server logs” typically include your web request, IP address, browser type, browser language, date and time of the request, and one or more cookies that can uniquely identify your browser.

Summary

You are under no obligation to provide us with any data, it is strictly at your discretion, but it is important to understand that without it your relationship with us may be limited, and that certain parts of the website may not function properly, we may not be able to collaborate, or we may not be able to notify you of services in our portfolio that you may be interested in. In turn, listing the above does not imply mandatory collection of all such data, but we may collect only a portion of it, depending on your choices in dealing with us.

MARKETING

Advertising

We will email you to offer you coupons, discounts and promotions, to conduct surveys and studies to improve our services. You can object to further processing of data for advertising purposes with each email. Of course, you can contact our Data Protection Officer directly at office@over-shop.com [https://over-shop.com/contact/] if you wish to object to the processing of your data for advertising purposes or for further information on this question.

Email marketing

We want to prevent generic newsletters and unoperated marketing measures. Therefore, we will select transactions that match your interests and contact you if we think the information might be helpful to you. You can contest further processing of data for advertising purposes with each email. Of course, you can contact our Data Protection Officer directly at office@over-shop.com if you wish to object to the processing of your data for advertising purposes or for further information on this question.

Merger and acquisition, change of ownership

We would also like to inform you that in the event of a merger with or acquisition by another company, we will disclose information to that company. We will ask the company to comply with legal regulations on data protection.

Other information

If you voluntarily decide to share information that goes beyond the mandatory information, we are of course happy to do so. In this way, we can continue to improve our service. This is data that you voluntarily provide when using our website, but also information from other sources, such as social media or other (public) databases (e.g. user ID of other platforms).

Quality assessment

In order to continuously provide you with better services, we regularly evaluate the success or potential causes of unsuccessful marketing measures. To do this, we analyse, for example, whether our newsletters are open and the content is also chosen.

To whom this information is transferred

We will only disclose your personal data for the purposes and to those third parties listed below. We will take appropriate steps to ensure that your personal data is processed, secured and transferred in accordance with applicable law.

We Will Transfer Your Personal Data, Where Strictly Necessary, On a Need To Know Basis, To The Following Categories Of Third Parties:

Companies that provide products and services to us (proxies), such as:

Media agencies, such as those that run promotional campaigns and those that manage the https://over-shop.com website;

market research services: analysis, advertising, strictly for the needs of https://over-shop.com;

infrastructure agencies (other parties managing email newsletter, SMS or other marketing, customer support or sales activities on our behalf), strictly for https://over-shop.com;

Information technology systems providers and support, including email archiving, telecommunications providers, back-up and disaster recovery services, and cybersecurity services.

External Service Provider – Supports our operations by providing IT solutions and infrastructure or security for our business operations, such as identifying and resolving disruptions.

Other parties, such as public authorities and institutions, accountants, auditors, lawyers and other external consultants, whose work involves a need to know this data or where we are required by law to make this disclosure.

We will also disclose your personal data to third parties (if you give us your consent to this disclosure):

To persons who demonstrate that they are lawfully acting on your behalf;

Where it is in the legitimate interests of over-shop.com to administer, grow and develop its business

If we sell the business or parts of it, we may disclose your personal data to the prospective buyer of the business or parts of it, given the need to maintain the continuity of the business.

If over-shop.com or a substantial part of its assets are acquired by a third party, in which case the personal data processed by over-shop.com will form part of the transferred assets

If we are required by law to disclose a particular type of information, in the case of lawful requests by government officials, or where we are required to comply with national security or law enforcement requirements or to prevent illegal activity.

To respond to any complaints, to protect our rights or the rights of a third party, to protect the safety of any person or to prevent any illegal activity; or to protect the rights, property or safety of over-shop.com, our employees, customers, suppliers or others.

Some of these recipients (including our affiliates) may use your data in countries outside the European Economic Area. Please see the dedication below for more details about this.

Restrictions on use of information by third parties

Any third parties to whom we disclose your personal information in accordance with the above are limited (by law and by contract) in their ability to use your information. Personal Information only for the purposes specifically identified by us. We will always ensure that any third parties to whom we disclose your Personal Information are subject to confidentiality and security obligations in accordance with the contracts signed with them and applicable laws. However, for the avoidance of doubt, this may not be applicable where disclosure is not our decision.

Except as expressly detailed above, we will never disclose, sell or rent your personal information to a third party without notifying you and, if applicable, obtaining your consent.

What rights do you have as a user of the site?

These Are Your Rights In The Context Of Our Collection And Processing Of Your Data

The right to be informed about how your data is collected and used;

The right to access the data we hold about you;

The right to request rectification of the data we hold about you;

The right to request deletion of data we hold about you;

The right to request that we stop sending marketing messages to you;

The right to request that your personal data be sent to you or to another controller;

The right to lodge a complaint, with reference to the use of your data, with the competent authorities;

The right to withdraw your consent.

The above rights are not absolute, and there are exceptions to them under certain conditions. For any questions, please contact us by sending an email.

Contact Information

Please address your questions regarding the subject matter of data protection and any requests to exercise your legal rights to us at the following address: office@over-shop.com

We will investigate and attempt to resolve any request or complaint regarding the use or disclosure of your personal information.

If you are not satisfied with our response, you can make a complaint to the National Supervisory Authority for Personal Data Processing.

You can find more information about the process at

http://dataprotection.ro/?page=procedura_de_solutionare_a_plangerilor.