We consider ensuring the right to the protection of personal data as a fundamental commitment, therefore we will dedicate all necessary resources and efforts to process your data in full compliance with Regulation (EU) 2016/679 (“General Data Protection Regulation” or “GDPR ”), As well as with any other legislation applicable on the territory of Romania. As one of the key principles of this legal framework is transparency, we have prepared this document to inform you about how we collect, use, transfer and protect your personal data when you interact with us about products and our services, including through our website or mobile applications.
Who we are and how you can contact us
Helener is the trade name of Helener Store Online SRL, a legal entity of Romanian nationality, having its registered office in Iași, bd. Socola 134 with serial number in the Trade Register J22 / 1525/2020, unique fiscal registration code 42756337 (hereinafter “Helener” or “new”). For the purposes of data protection law, we are the operator when we process your personal data.
As we are always open to hearing your views and providing you with any additional information you may need regarding the processing of your data, we encourage you to contact the Helener Data Protection Officer at office @ helener. com or by mail or courier at: Helener Store Online SRL, bd. Socola no.134, Iași - with the mention: in the attention of the Helener.com Data Protection Officer.
What categories of personal data do we process
We generally collect your personal data directly from you so that you have control over the type of information you provide to us. By way of example, we receive information from you as follows:
When you create a Helener account, within your personal page (My Account) on the Helener.com platform, you send us: e-mail address, name and surname as in the identity document, delivery address, billing address, contact details billing, at least one phone; you can add additional information such as: photo, sex / address, date of birth, alternate e-mail address, bank card details, comments on how to deliver the order (when you are available, helpful location information), product lists you would like (whishlist) etc.
By telephone, e-mail, chat or other electronic means, Helener may complete or rectify this data and collect other data that you voluntarily make available regarding your purchasing behavior or complaints about products, services, news, and discussions can be recorded.
When you place an order, you provide us with information such as: products you want, name and surname, delivery address, billing details, payment method, phone number, card or bank account details, etc.
When you enter the site, the platform may record data on: IP, internet provider, device, operating system and browser through which you connect, the city and country from which you connect. These can be associated with your account when you create it.
We can also offer you the opportunity to register on the Helener platform through your Facebook or Google account. If you opt for one of these options, you will be directed to a page managed by Facebook Inc / Google LLC, where they will inform you about the transfer of your data to Helener. You can view the privacy policies of Facebook and Google, respectively, using the following links:
We may also collect and further process certain information about your behavior while visiting our website or using your smartphone (when it becomes available) to personalize your online experience and offers you offers tailored to your profile. We invite you to find out more details in this regard by consulting the section on the purposes of processing below.
On our website and in the smartphone application we can store and collect information in cookies and similar technologies, according to the Cookies Policy.
We do not collect or otherwise process sensitive data, included in the General Data Protection Regulation in special categories of personal data. We also do not want to collect or process data on minors under the age of 16.
What are the purposes and grounds of processing
We will use your personal data for the following purposes:
1. To provide Helener services for your benefit.
This general purpose may include, as appropriate, the following:
a) Creation and administration of the account within the Helener platform;
b) Order processing, including taking over, validating, shipping and invoicing;
c) Resolving cancellations or problems of any kind related to an order, the goods or services purchased;
d) Returning the products according to the legal provisions;
e) Reimbursement of the value of the products according to the legal provisions;
f) Providing support services, including answering your questions about your orders or Helener's or Helener partners' goods and services
The processing of your data for these purposes is in most cases necessary for the conclusion and performance of a contract between Helener and you. Also, certain processing subject to these purposes is required by applicable law, including tax and accounting law.
2. To improve our services
We always want to offer you the best online shopping experience. To do this, we may collect and use certain information about your Buyer's behavior, we may invite you to complete satisfaction questionnaires subsequent to the completion of an order, or we may conduct, directly or through partners, market research and research.
We base these activities on our legitimate interest in doing business, always making sure that your fundamental rights and freedoms are not affected.
3. For marketing
We want to keep you informed about the best offers for the products / services that interest you. In this regard, we can send you any type of message (such as: e-mail / SMS / telephone / mobile push / webpush / etc.) Containing general and thematic information, information on products similar or complementary to those that you have purchased, information about offers or promotions, product information added to the “My Account / Cart” section or the “Account / Favorites” section, or you have shown interest in purchasing them, as well as other business communications such as research market and opinion polls, and we can display personalized recommendations on the website and in the smartphone app. In order to provide you with information of interest to you, we may use certain data about your buyer behavior (eg products viewed / added to your wishlist / purchased) to create a profile for you. We always ensure that such processing is carried out in compliance with your rights and freedoms and that the decisions taken on the basis of them have no legal effect on you and do not affect you in a significant way.
In most cases, we base our marketing communications on your prior consent. You can change your mind and withdraw your consent at any time by:
- Accessing the unsubscribe link displayed in the messages you receive from us; or through
- Contact Helener using the contact details described above.
In certain situations, we may base our marketing activities on our legitimate interest in promoting and developing our business. In any case where we use information about you for our legitimate interest, we take care and take all necessary measures to ensure that your fundamental rights and freedoms are not affected. However, you can ask us at any time, by the means described above, to stop the processing of your personal data for marketing purposes, and we will process your request.
4. To defend our legitimate interests
There may be situations in which we use or transmit information to protect our rights and business. These may include:
- Measures to protect the website and users of the Helener platform from cyber attacks:
- Measures to prevent and detect fraudulent attempts, including the transmission of information to the competent public authorities;
- Measures to manage various other risks.
The general basis of these types of processing is our legitimate interest in defending our commercial activity, it being understood that we ensure that all the measures we take guarantee a balance between our interests and your fundamental rights and freedoms.
We also, in certain cases, base our processing on legal provisions such as the obligation to ensure the protection of property and valuables under the relevant legislation.
As long as we keep your personal data
As a general rule, we will store your personal data as long as you have an account on the Helener platform. You may request us to delete certain information or close your account at any time, and we will comply with such requests, subject to the retention of certain information, including after closing your account, where required by applicable law or our legitimate interests.
To whom we transmit your personal data
Where applicable, we may transmit or provide access to certain personal data of yours to the following categories of recipients:
- courier service providers;
- payment / banking service providers;
- marketing / telemarketing service providers;
- market research service providers;
- IT service providers;
- other companies with which we can develop joint programs to offer our goods and services on the market.
If we have a legal obligation or if it is necessary to defend a legitimate interest, we may also disclose certain personal data to public authorities.
We ensure that access to your data by third parties under private law is made in accordance with the legal provisions on data protection and confidentiality of information, based on contracts concluded with them.
In which countries we transfer your personal data
We currently store and process your personal data in Romania.
However, we may transfer certain of your personal data to entities located in the European Union or outside the Union, including in countries for which the European Commission has not recognized an adequate level of protection of personal data.
We will always take steps to ensure that any international transfer of personal data is carefully managed in order to protect your rights and interests. Transfers to service providers and other third parties will always be protected by contractual commitments and, where appropriate, other guarantees, such as standard contractual clauses issued by the European Commission or certification schemes, such as the Privacy Shield for the protection of personal data. transferred from within the EU to the United States.
You can contact us at any time, using the contact details set out above, to find out more about the countries in which we transfer your data, as well as the guarantees we have put in place regarding these transfers.
How we protect the security of your personal data
We are committed to ensuring the security of personal data by implementing appropriate technical and organizational measures, according to industry standards.
The transmission of your personal data is done using state-of-the-art encryption algorithms and stored on secure servers, while ensuring data redundancy.
We use the services of payment processors to make payments. Any payment information is encrypted using HTTPS technology with TSL 1.2 encryption.
Despite the measures taken to protect your personal data, we warn you that the transmission of information via the Internet, in general, or through other public networks, is not completely secure, there is a risk that the data may be seen and used by third parties. unauthorized parties. We cannot be held responsible for such vulnerabilities in systems that are beyond our control.
What rights do you have?
The General Data Protection Regulation gives you a number of rights in relation to your personal data. You may request access to your data, correct any errors in our files and / or object to the processing of your personal data. You may also exercise your right to complain to the competent supervisory authority or to go to court. Where applicable, you may also have the right to request the deletion of your personal data, the right to restrict the processing of your data and the right to data portability.
More information about each of these rights can be obtained by consulting the table below.
In order to exercise your rights, you can contact us using the contact details set out above. Please note the following if you wish to exercise these rights:
1. We take the confidentiality of all records containing personal data seriously. For this reason, please send us your requests regarding such registrations using the e-mail address associated with your Helener account. otherwise, we reserve the right to verify your identity by requesting additional information for the purpose of confirming your identity.
2. We will not charge you a fee to exercise any right in respect of your personal data, unless your request for access to information is unfounded, repetitive or excessive, in which case we will charge you a fee. reasonable amount in such circumstances. We will inform you of any fees applied before resolving your application.
Response time. We intend to respond to any valid requests within a maximum of one month, unless this is particularly complicated or if you have made several requests, in which case we will respond within a maximum of two months. We will let you know if we need more than a month. We may ask you if you can tell us exactly what you want to receive or what worries you. This will help us act faster and shorten the response time to your request.
Third party rights. We must not comply with a request if it would adversely affect the rights and freedoms of other data subjects.
You can ask us:
You may ask us to correct or complete your inaccurate or incomplete personal data.
We may try to verify the accuracy of the data before rectifying it.
You can ask us to delete your personal data, but only if:
We are not obligated to comply with your request to delete your personal data if the processing of your personal data is necessary:
There are certain other circumstances in which we are not required to comply with your request to delete data, although these are the two most likely circumstances in which we may deny this request.
Please note that before exercising this right, you must download from your Helener account and save all documents related to orders placed with Helener, regardless of whether the invoicing was made to you or to another natural or legal person (such as : invoices, guarantee certificates). If you do not do this before you exercise your right of deletion, you will lose all these documents and Helener will be unable to provide them to you, as appropriate, because the process of deleting the data, respectively the Helener account , with all its data and documents, is an irreversible process.
Restricting data processing
You can ask us to restrict the processing of personal data, but only if:
We may continue to use your personal data following a request for a restriction if:
You can ask us to provide you with personal data in a structured, commonly used and automatically readable format, or you can request that it be "ported" directly to another data controller, but in each case only if:
You may object at any time, for reasons related to your particular situation, to the processing of your personal data under our legitimate interest, if you consider that your fundamental rights and freedoms prevail over this interest.
You may also object at any time to the processing of your data for direct marketing purposes (including profiling), without giving any reason, in which case we will cease processing as soon as possible.
Automatic decision making
You can request not to be subject to a decision based solely on automatic processing, but only when that decision:
This right shall not apply where the decision reached following the automatic decision-making:
You have the right to lodge a complaint with the supervisory authority regarding the processing of your personal data. In Romania, the contact details of the data protection supervisory authority are the following:
National Authority for the Supervision of Personal Data Processing
B-dul G-ral. Gheorghe Magheru no. 28-30, Sector 1, postal code 010336, Bucharest, Romania
Phone: +40.318.059.211 or +40.318.059.212;
Without prejudice to your right to contact the supervisory authority at any time, please contact us in advance, and we promise that we will make every effort to resolve any issue amicably.
Cookies usage policy
This policy applies to cookies and web pages operated by Helener Store Online S.R.L. and complements the Helener policy. as regards the conditions of use of the site and that of the protection and processing of personal data in full compliance with Regulation (EU) 2016/679 ("General Data Protection Regulation" or "GDPR").
What are cookies?
A cookie is a small file, consisting of letters and numbers, that will be stored on a computer, mobile terminal, or other equipment of a user accessing the Internet. The cookie is installed by the request issued by a web server to a browser (eg Internet Explorer, Chrome) and is completely "passive" (does not contain software, viruses or spyware and can not access the information on the user's hard drive) .
What are cookies used for?
These files make it possible to recognize the user's terminal and present the content in a relevant way, adapted to the user's preferences. Cookies provide users with a pleasant browsing experience and support our efforts to provide comfortable services to users: eg: - online privacy preferences, shopping cart or relevant advertising. They are also used in the preparation of anonymous aggregate statistics that help us understand how a user benefits from our web pages, allowing us to improve their structure and content, excluding the user's personal identification.
What cookies do we use?
We use two types of cookies: per session and fixed. The latter are temporary files that remain in the user's terminal until the end of the session or closing the application (web browser). The fixed files remain on the user's terminal for a period in the cookie parameters or until they are manually deleted by the user.
How are cookies used by this site?
A visit to this site may place the following types of cookies:
• Strictly necessary cookies
• Site performance cookies
• Visitor analysis cookies
• Cookies for geotargetting
• Registration cookies
• Cookies for advertising
• Cookies of advertising providers
Strictly necessary cookies are essential for the proper functioning of the website. These cookies do not require your prior consent to be downloaded to your device. You can set your browser to block these cookies, but in this case certain sections of the website will not work properly.
Do cookies contain personal data?
Security and privacy issues
Cookies are NOT viruses! They use plain text formats. They are not made up of pieces of code so they cannot be executed or auto-run. Consequently, they cannot be duplicated or replicated on other networks to run or replicate again. Because they cannot perform these functions, they cannot be considered viruses. Cookies may, however, be used for negative purposes. Because it stores information about users' preferences and browsing history, both on a particular site and on several other sites, cookies can be used as a form of Spyware. Many anti-spyware products are aware of this and constantly mark cookies to be deleted during anti-virus / anti-spyware deletion / scanning procedures. In general, browsers have integrated privacy settings that provide different levels of acceptance of cookies, validity period and automatic deletion after the user has visited a particular site. Other security issues related to cookies: Because identity protection is very valuable and represents the right of every internet user, it is advisable to know what possible problems cookies can create. Because through them information is constantly transmitted in both directions between the browser and the website, if an attacker or unauthorized person intervenes during the transmission of data, the information contained in the cookie may be intercepted. Although very rare, this can happen if the browser connects to the server using an unencrypted network (eg an unsecured WiFi network). Other cookie-based attacks involve incorrect cookie settings on servers. If a website does not require the browser to use only encrypted channels, attackers can use this vulnerability to trick browsers into sending information through unsecured channels. Attackers then use the information for the purpose of unauthorized access to certain sites. It is very important to be careful in choosing the most appropriate method of personal information protection.
Tips for safe and responsible browsing based on cookies
Here are some tips that can ensure that you browse without worries but with the help of cookies:
• Customize your browser settings for cookies to reflect a comfortable level of cookie security for you.
• If you do not mind cookies and you are the only person using the computer, you can set long expiration dates for storing your browsing history and personal access data.
• If you share access to your computer, you can consider setting your browser to clear individual browsing data each time you close your browser. This is a way to access sites that place cookies and to delete any visit information at the end of the browsing session.
• Install and constantly update your antispyware applications.
Spyware detection and prevention applications include site attack detection. This prevents the browser from accessing websites that could exploit browser vulnerabilities or download malicious software. Make sure your browser is always up to date.
Cookie-based attacks are exploited by exploiting the weaknesses of older versions of browsers. Cookies are everywhere and cannot be avoided if you want to enjoy access to the best and largest sites on the Internet - local or international. With a clear understanding of how they operate and the benefits they bring, you can take the necessary security measures so that you can surf the internet with confidence.
Disabling and refusing to receive cookies may make certain sites impractical or difficult to visit and use. Also, the refusal to accept cookies does not mean that you will no longer receive / see online advertising. It is possible to set in the browser so that these cookies are no longer accepted or you can set the browser to accept cookies from a specific site. But, for example, if you are not registered using cookies, you will not be able to leave comments. All modern browsers offer the ability to change cookie settings. These settings are usually found in the "options" or "preferences" menu of your browser.
Cookies can be set when visiting www.helener.com, by helener.com or by third party partners (facebook.com, zendesk chat, youtube, Google Analytics, Google Adwords).
We remind you that you can contact the Helener.com Data Protection Officer at any time by submitting your request in any of the following ways:
- by e-mail to: firstname.lastname@example.org or
- by post or courier to the address:Helener Store Online SRL, bd. Socola 134, Iași, Iași County, Romania- with the mention in the attention of the Helener Data Protection Officer.