Your Cart
  • ONE free product for orders over 25€
  • TWO free products for orders over 40€
0
  • ONE free product for orders over 25€
  • TWO free products for orders over 40€
0%

Add products worth 15 EUR to complete your order

Privacy Policy

Privacy Policy on processing of personal data

Mr. Iron undertakes to observe the right to personal data protection. Thus, we will process your personal details in accordance with Regulation (EU) 2016/679 (“General Data Protection Regulation” or “GDPR”) and the legal provisions in force in Romania.

By means of this policy, we want you to know how we collect, use, transfer and protect your personal data when you interact with us.

This privacy policy can pe periodically updated, in accordance with the relevant legal provisions. It can be accessed on www.mriron.eu website for the latest update.

Pursuant to the data protection law, the undersigned has the quality of operator when it processes the personal data of its customers or partners.

Our customers opinions are very important to us. This is why we are at your disposal for any further information regarding your data at the following e-mail address: contact@mriron.eu or at our registered office address, by specifying: For DPO attention.

  1. A) Categories of Processed Personal Data:

A.1) We collect the personal data of the Customers / Buyers / Users directly from them, customers are remaining in full control of the data provided.

A.2) When creating an account, the Customers / Buyers / Users provide us the name (as surname and name, as well as the e-mail address).

A.3) On the account editing page, the Customers / Buyers / Users can enter the delivery address for the ordered products, the phone number, alternative addresses.

A.4) When placing an order, the Customers / Buyers / Users provide us information on the ordered product, the surname and name, the delivery address, the invoicing details, the phone number.

A.5) On our website, the information can be stored and collected in cookies and similar technologies, according to the Cookie Policy.

A.6) The undersigned does not collect or process sensitive data in any other way. All data provided by the customers are used for informational purposes in regard to the products sold or placing of orders.

A.7) The undersigned does not collect or process data belonging to people younger than 16 years old.

  1. B) Processing Purposes and Reasons:

B.1) Services:

This purpose includes:

B.1) To create and manage an account;

B.2) To process the orders and to make possible the delivery flow (receiving, individualizing, validating, sending and invoicing them);

B.3) To solve the possible order-related problems (delays, losses, damaged parcels, wrong deliveries);

B.4) To return the purchased products;

B.5) To reimburse the prices of the products;

B.6) To provide support services concerning the content of our products or the order status.

The data processing for such purposes is necessary for the agreement between the undersigned and their customers to be properly executed.

  1. C) For Marketing – Publicity:

C.1) Communications intended for Customers / Buyers / Users containing the promotions and products of the undersigned.

C.2) The messages sent to the Customers / Buyers / Users can contain general information, product changes as well as other communications directly related to the undersigned’s activity or updating of the products sold by the undersigned.

C.3) For the marketing communications, we will previously ask for the consent of the Customers / Buyers / Users.

C.4) If the Customers / Buyers / Users no longer wish to be informed on these updates, they can send an e-mail to the address: contact@mriron.eu

C.5) In all situations, the undersigned process the data according to its legitimate interest, guaranteeing a balance between our interests and the fundamental rights and freedoms of the Customers / Buyers / Users.

  1. D) Retention Period for Personal Data

D.1) We will retain the data of the Customers / Buyers / Users throughout the whole period they have an active account on our website.

D.2) Customers / Buyers / Users can request us to delete data, certain information or delete their account at any time. We will comply with the request by removing the data from our system, except for data kept according to the legislation in force for a legitimate interest

D.3) The data deletion is irreversible. Once it was performed, the data disappear from the system and they can be only restored if the Customer / User / Buyer enters them again.

  1. E) Where the Data are Sent

E.1) The data are sent to:             

E.1.1) courier service providers for order delivery

E.1.2) payment/banking service providers

E.2) The state authorities if we have the legal obligation to send all these data. However, we constantly ensure that the data of the Customers / Buyers / Users sent to third parties are managed in accordance with the legal provisions aimed at ensuring the confidentiality of information.

E.3) All partners of the undersigned must comply with EU Regulation 2016/679, our collaboration being carried out exclusively with people who have implemented a GDPR policy at organizational level, and a current personal data protection system.

  1. F) Countries to which the Personal Data are Transferred

F.1) The personal data are stored and processed within the European Economic Area.

F.2) In regard to the data transferred outside the European Union, the transfer will be processed in the terms provided by the enforceable law.

  1. G) Personal Data Protection

G.1) We ensure data security according to current standards

G.2) Payment related information is made through the payment processor, in an encrypted system, however, we cannot be responsible for vulnerabilities of systems that are not under our control

G.3) We periodically update the security policies and constantly monitor the data flow in order to detect possible vulnerabilities.

G.4) If an information leakage is detected, we will do all we can do in order to prevent its spreading and to limit its perpetuation.

G.5) The people affected by a possible information leakage will be notified as soon as possible for the damages to be limited.

  1. H) Rights of Data Subjects

H.1) Regulation 679/2016 provides some rights for the personal data subjects. Thus, considering the above-mentioned regulations, the Customers / Buyers / Users (data subjects) can request access, deletion, objection to data processing or correction at any time.

H.2) According to the mentioned Regulation, the data subject has the right to bring the case to the Court or before the national competent authority.

H.3) As we acknowledge that personal data are of particular importance, we kindly ask the Customers / Buyers / Users (data subjects) to submit the request related to such data by using exclusively the account address registered on our website. In any other situations, we reserve the right to make further checks on the identity of the applicant.

 

 

 

 

  1. I) Cost

I.1) All requests related to a right provided by GDPR Regulation are free of charge.

 

  1. J) Period

J.1) Our desire is to be as close as possible to the Customers / Buyers / Users of Mr.Iron. Thus, for the personal data-related requests, the maximum response time is one month. In exceptional situations, the period can be extended with the prior notification of the applicants.

 

  1. K) What the Data Subjects can Request

K.1) To copy the data

K.2) To confirm the data processing

K.3) Information on the stored data

  1. L) Data Modification

L.1) The data subject can request the data modification, including the rectification or completion of the inaccurate, incomplete or wrongly communicated personal data.

 

  1. M) Data Deletion

M.1) The data subject can request the deletion of the personal data.

M.2) If the processing of the personal data of the data subject is necessary in order to comply with a legal obligation or to acknowledge and exercise or defend a right in court, the undersigned reserves the right not to comply with data subject’s request.

0