1. Introduction

Thank you for your interest in our company, our products, and/or services. When you enter into any kind of relationship with us, you entrust us with your information. The information presented in this document (hereinafter referred to as the “Privacy Policy”) is important. We recommend that you read it carefully.

The purpose of this Privacy Policy is to explain what data we process (collect, use, share), why we process it, how we process it, your rights under the GDPR, and how you can exercise these rights. In collecting this information, we act as a data controller and, by law, are required to provide you with this information.

The protection and confidentiality of your personal data are very important to us. Being fully aware that your personal information belongs to you, we make every effort to store it securely and process it carefully. We do not provide information to third parties without informing you in accordance with legal provisions. We do not make exclusively automated decisions with a significant impact on you.

By visiting our website, purchasing our products and/or services, or interacting with us through any means and/or communication channel (email, phone, social networks, etc.), you agree to this Privacy Policy and also consent to the use of your data for advertising or marketing purposes, as described in the dedicated Marketing and Advertising sections below. If you do not agree with the terms described in this Privacy Policy, please do not use our services or products.

2. Other Services

This Privacy Policy does not cover third-party applications and websites that you may access through links on our website. This is beyond our control. We encourage you to review the Privacy Policy of any website and/or application before providing personal data.

3. Who Are We?

ZEGA IMPEX SRL, headquartered at STR. ȘTEFAN CEL MARE, NR. 47, BL. A1, SC. B, AP. 16, MUN. SUCEAVA, registered with the Trade Register under no. J33/1687/1993, tax identification number CIF: RO4840647, is responsible for processing your personal data that we collect directly from you or from other sources.

Under the law, our company is a personal data controller. To ensure your data is processed securely, we have made every effort to implement reasonable and appropriate technical and organizational measures to protect your personal information.

4. Who Are You?

Under the law, you—as an individual benefiting from our products and/or services, a company representative or contact person, a website visitor, or someone in any kind of relationship with our company—are a “data subject”, meaning an identified or identifiable natural person. To be fully transparent about data processing and to allow you to easily exercise your rights at any time, we have implemented measures to facilitate access to information. Please refer to Sections 7, 10, and 11 of this document.

5. Our Commitment

The protection of your personal information is very important to us. Therefore, we are committed to complying with European and national legislation on personal data protection, particularly Regulation (EU) 679/2016 (GDPR), and the following principles:

  • Legality, fairness, and transparency
    We process your data lawfully and fairly. We are always transparent about the information we use, and you are properly informed.
  • You retain control
    Within legal limits, we provide you with the ability to review, modify, and delete the personal data you have shared with us, as well as exercise other rights. For more information, see Sections 7, 10, and 11 of this document.
  • Data integrity and purpose limitation
    We use data only for the purposes described at the time of collection or for new purposes compatible with the original ones. In all cases, our purposes comply with the law. We take reasonable measures to ensure that personal data is accurate, complete, and up to date.
  • Security
    We have implemented reasonable security and encryption measures to protect your personal information as effectively as possible. However, please note that no website, application, or internet connection is completely secure.

6. Changes

We may change this Privacy Policy at any time. All updates and modifications to this Policy take effect immediately after notification, which we will provide by posting on our website and/or via email.

7. Questions and Requests

If you have questions or concerns regarding the processing of your data, wish to exercise your legal rights regarding the data we hold, or have any privacy-related concerns, you can email us at: zega.funghi@gmail.com.

8. Your Information

8.1. What kind of information do we collect about you?

When you browse our website, send us an email request, or contact us for any purpose through any communication channel, you may provide us with the following personal data, which we collect directly from you or from other sources, such as:

  • Name and surname
  • Age
  • Email address
  • Phone number
  • Your role within the company
  • Password

Most of the information we collect comes directly from you (e.g., by filling out a form on the website). The majority of the information is as described above, but there may be cases where we collect data from third parties (e.g., partners, advertising platforms), such as purchase history and interests.

In addition to the information listed above, we may also collect the following, depending on circumstances:

  • How you interact with our website(s) or ads (e.g., information about how and when you access our site or what device you use);
  • Information provided when filling out forms or surveys;
  • The content of messages sent via messaging systems and email;
  • Your interactions with us on social networks (e.g., likes, shares, comments);
  • Information we collect about you from other group companies or third parties who have obtained your consent or have another legal right to share this information with us (including advertising/publishing partners and data aggregators with such rights).

If you make purchases, certain payment information (card details) will be collected, but it will be stored by our payment processor partners in a way that we cannot read or access. We will only be informed whether the purchase was successful.

We may also collect data through cookies or similar technologies, such as:

  • IP address
  • Internet browser
  • Location
  • Pages you visit on our website

8.2. Why do we collect this information?

We collect personal information for the following purposes:

  • To enter into or perform a contract between you and us;
  • To respond to your questions and requests and provide customer support;
  • For marketing purposes, but only if we have your prior consent or if a legal exception applies;
  • To provide and improve the services and products we offer;
  • To diagnose or resolve technical issues;
  • To defend against cyberattacks;
  • To create and/or maintain accounts;
  • To comply with legal obligations (e.g., tax laws requiring us to keep accounting records for 10 years);
  • To establish or defend a legal claim;
  • For analytical and research purposes;
  • To conduct promotions and contests;
  • To prevent crime, fraud, or deception.

8.3. What is the legal basis for processing?

We may rely on the following legal grounds, depending on the specific case:

  • Your consent for the processing of personal data;
    However, note that if you are already our customer, we may send promotional messages (direct marketing) about similar goods and services without needing consent, under Art. 12(3) of Law No. 506/2004.
    In all cases, you can object to direct marketing and/or withdraw your consent at any time by following the “unsubscribe” instructions in each email or by sending a written request to zega.funghi@gmail.com.
  • Processing is necessary for entering into or performing a contract between you and us;
  • Processing is necessary for our or a third party’s legitimate interests, unless your interests or fundamental rights override them;
    When relying on legitimate interest, we conduct a balancing test to weigh our interests against yours. If our interests prevail, we will use legitimate interest. If your interests prevail, we will not use legitimate interest, and if no other legal basis is identified, we will not proceed with the processing activity.
  • Processing is necessary to comply with legal obligations (e.g., tax laws requiring us to keep records for 10 years or providing certain information to authorized public institutions);
  • In some cases, processing may be necessary to protect your or another person’s vital interests;

Note that obtaining consent is not always mandatory, and we will seek your consent only when no other legal basis applies.

8.4. How long do we store your data?

We store your personal data only for as long as necessary to fulfill the purposes, but no longer than 5 years after the termination of the contract or the last interaction with us.

After this period, personal data will be destroyed, deleted from our systems, or anonymized for scientific, historical, or statistical research purposes.

Note that in certain legally regulated cases, we store data for the period required by law.

8.5. How do we share your information with others?

We may disclose your data, in compliance with applicable law, to business partners or other third parties. We make reasonable efforts to ensure these third parties have adequate security measures in place. We have contractual clauses with these parties to protect your data. In such cases, we ensure that any transfer is lawful, based on your consent or another legal basis.

For example, we may provide your data to:

  • IT or telecommunications service providers, accounting firms, legal services, and other third parties with whom we have a contractual relationship. These third parties are carefully selected to ensure your data is processed only for the purposes we specify.
  • Business partners as part of joint efforts to provide a product or service.
  • Potential buyers if we sell our business or part of it in the future (this would include the transfer of your data).
  • Other parties with your consent or upon your request (e.g., if you exercise your right to data portability).

We may also provide your personal data to prosecutors, police, courts, and other authorized state bodies, based on and within the limits of legal provisions, in response to formal requests.

We will make reasonable efforts to ensure your data does not leave the European Economic Area (EEA). However, if we transfer data outside the EEA, we will ensure such transfers are lawful, based on your explicit consent or another legal basis.

9. Marketing

If we have obtained your prior consent or you are already our customer, we may use direct marketing and targeted advertising based on the information we collect about you (interests, preferences, purchases, age, location, etc.). For example, we may send emails, display ads on our website or social media, or place ads on third-party websites, apps, or other internet-connected devices.

9.1. What data do we collect for marketing?

For direct marketing or targeted advertising, we may use the following:

  • Information collected via cookies and similar technologies (location, device, browser, age, etc.);
  • Your purchases, interactions with our products/services, and feedback;
  • Age, country, region, gender;
  • Other information obtained from marketing partners (with your consent).

9.2. Marketing Partners

Our marketing partners (e.g., Facebook, Google) help us deliver marketing based on data they collect directly from you (with your consent). In some cases, we share information we collect with them. We ensure all such transfers are legal, as explained in Section 8.5.

Our partners may place ads for our products/services based on your interests. They may also use this data to improve their services and algorithms (including AI-based ones).

This Privacy Policy does not cover how our partners process your data, but we encourage you to read their privacy policies.

9.3. How can you opt out of direct marketing?

You can object to direct marketing or withdraw consent anytime by:

To disable interest-based ads, see our Cookie Policy.

10. What Are Your Rights?

Under the GDPR, you have the following rights:

  • Right to withdraw consent
    You may withdraw consent at any time by emailing zega.funghi@gmail.com. However, if we have another legal basis for processing, we will continue processing under that basis.
  • Right to be informed about data processing
  • Right of access
    You may request confirmation of whether we process your personal data and, if so, access to it under Art. 15(1) GDPR.
  • Right to rectification
    You may request correction of inaccurate or incomplete data.
  • Right to erasure (“right to be forgotten”)
    Under Art. 17 GDPR, you may request deletion of personal data.
  • Right to restrict processing
    Under Art. 18 GDPR, you may request restriction of processing.
  • Right to data portability
    Under Art. 20 GDPR, you may request transfer of your data to another controller.
  • Right to object to processing
    Under Art. 21 GDPR, you may object to processing.
  • Right not to be subject to automated decision-making (including profiling)
  • Right to seek judicial remedy
  • Right to lodge a complaint with a supervisory authority

Please note:

  • You can withdraw consent for direct marketing anytime via the “unsubscribe” option in emails.
  • To exercise your rights, send a signed, dated written request to funghi@gmail.com.
  • These rights are not absolute. Exceptions apply, so each request will be analyzed to determine its validity. If valid, we will facilitate your request. If invalid, we will reject it but explain why and inform you of your right to complain to a supervisory authority or seek judicial remedy.
  • We aim to respond within one month, but this may be extended due to complexity, request volume, or identification difficulties.
  • If we cannot verify your identity, we may not fulfill the request.

11. Questions, Requests, and Exercising Your Rights

If you have questions about how we process your data, wish to exercise your legal rights, or have privacy concerns, email us at zega.funghi@gmail.com.

Our Data Protection Officer’s contact details:

Name: Cristinel Macovei

Email: zega.funghi@gmail.com

Phone: 0744779762

Congratulations! You’ve reached the end. Thank you for taking the time to learn how we protect your personal data!