Privacy Policy

At the Msecret.ro online store, we are committed to protecting the personal data of our customers, in accordance with applicable laws and regulations, including the General Data Protection Regulation of April 27, 2016. Our objective is to provide our customers with complete information and access to control the processing of their personal data. Below, you will find detailed information about how we process personal data, our security measures, and the partners with whom we share it. For any further questions, please contact us at the email address:

msecretbusiness@gmail.com

HOW WE OBTAIN YOUR PERSONAL DATA

We use your personal data legally and responsibly, in accordance with the terms and conditions presented in our privacy policy. This data is provided when you place an order. The personal data you provide to us is used to allow you to shop online, to offer you commercial information, or to enable you to use the functionalities of our website. We understand the importance of protecting your data and, therefore, we ensure that we take appropriate measures to protect your personal data against unauthorized access, disclosure, or misuse. All of this is in accordance with applicable data protection legislation, including GDPR.

 

 

HOW WE PROCESS YOUR PERSONAL DATA?

If you use our Store, we will process your personal data primarily to fulfill the sales and delivery contract, as well as to manage your account on the Store's website. We may also process your data to send you commercial information by email or phone, but this requires your separate consent. In addition, we may process your data for marketing purposes, internal statistics, and to fulfill our obligations and defend against claims.

 

IS THE PROVISION OF PERSONAL DATA MANDATORY?

The decision to provide your data and the type of data is at your discretion. However, you should be aware that if you make a purchase in the store, providing certain data is mandatory to complete the sales process. If you do not provide us with this data, we will not be able to process the order and, therefore, it cannot be placed. It is important to note that you are not obliged to give us consent to receive commercial information at the email address or phone number provided to complete the sales process. However, if you decide to give us your consent, you can withdraw it at any time.

 

WITH WHOM WILL WE SHARE YOUR PERSONAL INFORMATION?

Thank you for the additional information. We understand that, in the context of the contract for the sale of goods purchased by you, it is necessary to share certain data with partner entities to provide you with complete services and to fulfill contractual obligations.

Therefore, we will share your data with the following partner entities:

1. Delivery service providers: To ensure the optimal delivery of purchased products, we will collaborate with reliable delivery service providers, such as FAN CURIER or others. These providers will have access to certain information, such as the delivery address, to efficiently deliver your package.
2. Payment service providers: For payment processing, we will use secure and reliable payment services. These payment services may request and process certain relevant personal data to complete transactions, such as payment information and billing address.
3. Entities that process personal data: In some cases, we may collaborate with third parties to process personal data on our behalf. For example, we may use e-commerce platforms to manage and process customer orders and information. These entities will process your personal data strictly in accordance with our instructions and our privacy policy.
4. Other partner entities: In certain situations, we may collaborate with other partner entities within our business activities, such as marketing and product promotion. In these cases, we will establish cooperation agreements and will share your data only to the extent necessary to achieve the respective purposes.

It is important to emphasize that the sharing of your data with these partner entities will be carried out in accordance with applicable personal data protection legislation and that we will take appropriate measures to protect your personal data during its transfer and processing.

If you have any questions or concerns regarding the sharing of your personal data, please contact us. We are here to provide you with the necessary information and assistance.

 

HOW LONG WILL WE KEEP YOUR PERSONAL INFORMATION?

The personal data provided by you will be processed for the following periods:

1. a) To fulfill the sales contract, to complete your requests, to confirm the fulfillment of our obligations, and to investigate complaints or defend against claims directed against us - for a maximum of 10 years from the date of their provision.
2. b) If you request the deletion of your account in the store, your data may be processed for the period necessary to confirm the fulfillment of our obligations and to investigate complaints or defend against claims directed against us - for a maximum of 10 years from the date you provided your data.

 

HOW DO WE PROTECT YOUR PERSONAL DATA? 

We use a series of IT and organizational security measures to ensure that your data is protected in the best possible way. Our security system is built on multiple levels and includes a strong firewall, antivirus and anti-spam systems, internal data access and processing procedures, as well as a backup system. In addition, we have implemented additional measures to provide you with a safe shopping experience. We use a Web Application Firewall (WAF) and a DDoS attack prevention system, and your connection is encrypted via HTTPS/SSL according to best practices. We are proud to work with a hosting provider certified according to ISO 9001 and AQAP-2110 requirements, as well as with the information security management certificate according to ISO/IEC 27001. We understand that using the internet involves a certain risk, but we assure you that we do our best to minimize this risk by constantly reviewing and updating IT systems and actively monitoring critical system points.

 

WHAT RIGHTS DO YOU HAVE IN CONNECTION WITH OUR PROCESSING OF YOUR DATA?

According to GDPR, you have the following rights related to the processing of personal data:

1. a) The right to know how we process your personal data - you can contact us via the contact form or at msecretbusiness@gmail.com for any questions;
2. b) The right to access and update data - you can do this from your account in the store or you can request access to your data and we will update it for you;
3. c) The right to data deletion, processing limitation, opposition, withdrawal of consent, and data transfer - all these rights can be exercised by contacting our data protection officer at msecretbusiness@gmail.com or via the contact form.

 

 

WHEN WILL YOU RECEIVE A RESPONSE FROM US?

We strive to complete your requests as quickly as possible and to answer your questions regarding personal data. In any case, you will receive a response from us within a maximum of 30 days from receiving the request. If we cannot respond within this period, we will inform you about the extension of the term and explain the reasons. If we have doubts about the identity of the person making the request, we will ask for more information to verify authenticity.

 

INFORMATION ON THE USE OF "COOKIES"

1. The Service refers to the web page or application through which the Administrator provides online support services, on the domain msecretbusiness@gmail.com
2. Cookies are IT data, especially small text files, which are saved and stored on the equipment used by users to access the web pages of the Service (online).
3. Administrator's cookies are those cookies placed by the Administrator in connection with the provision of electronic services through the web page.
4. External cookies are cookies placed by the Administrator's partners through the Service's web page.
5. Equipment refers to the electronic equipment through which the user can access the Service.
6. User represents the subject in whose favor, according to the Terms and Conditions and current legislation, electronic services can be provided or with whom a contract for the provision of services electronically can be concluded.

 

1. TYPES OF COOKIES USED

1. The cookies used by the Administrator are secure and do not allow the entry of viruses or other unwanted programs into the user's device. They allow the customization of the site for each user and usually contain the domain name, storage time, and a value.
2. The Administrator uses two types of cookies: session cookies, which are deleted after the browsing session ends, and persistent cookies, which remain on the device until they are deleted. Neither of them collects personal data or confidential information.
3. The user can limit or disable cookies, but certain functions of the site may be affected.

III. OBJECTIVES FOR WHICH COOKIES ARE USED

The Administrator uses its own cookies for service configuration, user authorization on the site, and completion processes necessary for the full functionality of the websites, analyses, tests, and audience auditing, and ensuring the security and reliability of the service. The Administrator also uses external cookies to display multimedia content, collect general and anonymous statistical data, display ads tailored to user preferences, connect to the website using a social website, and interactive website popularization functions.

1. POSSIBILITIES TO DETERMINE THE CONDITIONS OF STORING OR ACCESSING COOKIES

1. The user can change cookie settings and block their automatic handling in the web browser settings.
2. The user can delete cookies at any time from the browser used.
3. Limiting the use of cookies may affect site functionalities.
4. Example of Google Chrome configuration available here.
5. Subscribe to the newsletter and receive a 7% discount on your first order and exclusive access to new collections.