Coșul dvs. este gol
Puteți verifica toate produsele disponibile și cumpăra unele din magazin
Înapoi la magazinPrivacy Policy
www.inkspirio.com | www.inkspirio.ro
The protection of your personal data is a priority for INKSPIRIO S.R.L.. This Privacy Policy explains what personal data we collect, for what purposes, on what legal basis, to whom we disclose it, how long we store it, and what rights you have as a data subject. Please read this document carefully before using the Site or placing an Order.
Capitalized terms used in this Privacy Policy and not expressly defined herein shall have the meaning assigned to them in the Terms and Conditions published on the Site, which form an integral part of the legal and contractual framework applicable to the use of the Site.
Data Controller
The websites www.inkspirio.com and www.inkspirio.ro (the “Site”) are operated by INKSPIRIO S.R.L., a Romanian company with its registered office in Sat Sânmihaiu Român, Comuna Sânmihaiu Român, No. 422/D, Apartment 2, Timiș County, Romania, registered with the Trade Register under no. J2025067699000, with tax identification code RO 52461422, hereinafter referred to as “InkSpirio”, “we”, “us”, or the “Controller”.
For any questions regarding personal data processing, you may contact us at: contact@inkspirio.com.
[Optional GDPR contact / DPO: If a Data Protection Officer has been appointed under Article 37 GDPR, their name, role, and dedicated email address may be added here. If no DPO has been appointed, this placeholder may be removed and the general contact address above may remain the GDPR contact point.]
Legal Basis of this Policy
This Privacy Policy is drafted in accordance with the following legal framework: Regulation (EU) 2016/679 of the European Parliament and of the Council on the protection of natural persons with regard to the processing of personal data and on the free movement of such data (“GDPR”); Romanian Law no. 190/2018 on measures for implementing the GDPR; and Romanian Law no. 506/2004 regarding the processing of personal data and the protection of privacy in the electronic communications sector, where applicable.
Categories of Data Processed, Purposes, and Legal Basis
We process your personal data only for the purposes and on the legal grounds described below. We do not process your data for other purposes without informing you in advance, unless such processing is permitted or required by law.
User account creation and management
Data processed may include your email address and password, the latter being stored only in encrypted / hashed form. The purpose of this processing is to create and manage your personal account on the Site, enable subsequent authentication, provide access to order history, wishlist features, and delivery tracking where such functionalities are available. The legal basis is Article 6(1)(b) GDPR, namely performance of a contract or taking steps at your request prior to entering into a contract.
Order processing and fulfillment
Data processed may include your first name and last name, delivery address, billing address, phone number, email address, company name and tax identification data where invoicing to a business entity is requested, as well as order history, including products ordered, quantities, prices, delivery details, and order status. The purpose of this processing is to confirm, process, manufacture where applicable, prepare, dispatch, deliver, and administer your Orders, issue invoices, and communicate with you regarding the status of your Order. The legal basis is Article 6(1)(b) GDPR, namely performance of the contract concluded with you.
Payment processing
Depending on the payment method chosen, data processed may include transaction-related information, the type of card used, the last digits of the card where such information is provided by the payment processor, and billing-related information. InkSpirio does not store the full bank card number, expiration date, or CVV/CVC code. Online payments are processed through external payment service providers acting either as independent controllers or processors, depending on the specific service and legal arrangement in place. The purposes are payment authorization, payment processing, payment confirmation, fraud prevention, and transaction security. The legal basis is Article 6(1)(b) GDPR for contract performance and, where applicable, Article 6(1)(f) GDPR for our legitimate interest in preventing fraud and ensuring transaction security.
Compliance with accounting and tax obligations
Data processed may include identification data appearing on invoices and other accounting documents, transaction values, refund-related banking data such as IBAN where applicable, and other legally required fiscal information. The purpose is to issue, store, archive, and report accounting and tax documents, as well as to comply with obligations toward public authorities. The legal basis is Article 6(1)(c) GDPR, namely compliance with a legal obligation to which the Controller is subject.
Marketing communications and newsletter
Data processed for this purpose usually consists of your email address and, where relevant, your marketing preferences. The purpose is to send newsletters, product updates, promotional campaigns, exclusive offers, and other commercial communications relating to InkSpirio’s products or services. The legal basis is Article 6(1)(a) GDPR, namely your explicit consent, granted through the relevant opt-in mechanism. You may withdraw your consent at any time, without affecting the lawfulness of processing based on consent before its withdrawal, by using the unsubscribe link included in each marketing email or by contacting us at contact@inkspirio.com.
Traffic analysis and Site improvement
We may process technical and behavioral navigation data such as pseudonymized or anonymized IP address, browser type and version, operating system, visited pages, session duration, source of traffic, viewed products, and cart interactions, using web analytics tools such as Google Analytics or similar services. The purpose is to understand how Users interact with the Site, identify technical issues, improve performance, optimize the browsing experience, and better understand product and content engagement. The legal basis is Article 6(1)(a) GDPR for analytics cookies and similar technologies requiring consent, as managed through the cookie banner, and Article 6(1)(f) GDPR for strictly necessary technical data processed based on our legitimate interest in ensuring the secure and effective operation of the Site.
Online advertising and remarketing campaigns
We may process device identifiers, pseudonymized IP information, browsing behavior, and ad interaction data collected through tracking pixels or similar technologies such as Meta Pixel or Google Ads tags. The purpose is to display relevant advertisements on third-party platforms to Users who have visited the Site, build audience segments, measure conversions, and assess campaign effectiveness. The legal basis is Article 6(1)(a) GDPR, namely consent provided through the cookie banner for marketing cookies and tracking technologies.
Handling complaints, returns, and disputes
For this purpose, we may process data relating to your Order, contact details, complaint descriptions, attached photographs, email or phone correspondence, and refund-related banking data where necessary. The purpose is to manage complaints relating to Products or delivery, process returns and withdrawals where applicable, respond to legal requests, and defend our rights and interests in potential disputes. The legal basis may be Article 6(1)(b) GDPR for contract performance, Article 6(1)(c) GDPR where legal obligations apply, and Article 6(1)(f) GDPR for our legitimate interest in handling disputes and defending legal claims.
Fraud prevention and Site security
Data processed may include IP address, login-related information, transaction history, unusual platform behavior, and other indicators relevant for detecting abuse or unauthorized access. The purpose is to prevent fraud, protect accounts, detect unauthorized use, secure our information systems, and protect both Clients and the Site infrastructure. The legal basis is Article 6(1)(f) GDPR, namely our legitimate interest in ensuring the security of the Site and protecting our business and clients from fraud and unauthorized activity.
Order status updates and technical notifications
We may process your email address, phone number, and Order-related information in order to send you order confirmations, payment confirmations, production or dispatch updates, delivery notifications, stock-related notices, password reset emails, account-related technical notices, and notifications regarding relevant changes to the Terms and Conditions or this Privacy Policy where appropriate. The legal basis is Article 6(1)(b) GDPR for communications necessary for contract performance and, where applicable, Article 6(1)(f) GDPR for our legitimate interest in ensuring proper and transparent communication with Users and Clients.
Data We Do Not Intentionally Collect
We do not intentionally collect or process special categories of personal data within the meaning of Article 9 GDPR, such as data revealing racial or ethnic origin, political opinions, religious or philosophical beliefs, trade union membership, genetic data, biometric data used for the purpose of uniquely identifying a natural person, data concerning health, sex life, or sexual orientation.
If such data is accidentally disclosed to us, for example through a contact message or an attachment sent by a User, we will not use it for any purpose unrelated to the original communication and will delete it where appropriate and permitted by law.
Recipients of Personal Data
Your personal data is accessed only by authorized personnel of InkSpirio and may be disclosed, strictly within the limits of the purposes described above, to selected categories of recipients such as courier operators, payment processors, email and newsletter providers, hosting providers, e-commerce platform providers, technical maintenance providers, analytics providers, advertising platforms, accountants, auditors, lawyers, consultants, and competent public authorities where required by law or necessary for the establishment, exercise, or defense of legal claims.
| Recipient category | Data shared | Purpose | Legal role |
|---|---|---|---|
| Courier / delivery operators | Name, delivery address, phone number, email where needed | Order delivery | Independent controller |
| Payment processors | Transaction-related data, payment metadata | Online payment processing | Independent controller and/or processor, depending on service |
| Email / newsletter service providers | Email address, marketing preferences | Commercial communications | Processor under Article 28 GDPR |
| Hosting / platform / technical providers | Account data, order data, technical logs | Site operation, maintenance, security | Processor under Article 28 GDPR |
| Analytics and advertising providers | Pseudonymized technical and behavioral data | Traffic analysis, remarketing, performance measurement | Processor and/or independent controller, depending on service |
| Public authorities | Relevant data required by law or official request | Legal compliance, reporting, disputes | Independent controller |
| External advisors | Data relevant to the mandate | Legal, accounting, audit, professional support | Independent controller and/or processor, with confidentiality obligations |
We do not sell, rent, or otherwise commercially transfer your personal data to third parties for their own independent marketing purposes. All processors are selected with due care and act only on the basis of documented instructions, confidentiality obligations, and data processing agreements where required under Article 28 GDPR.
International Data Transfers
Some services used by InkSpirio may involve the transfer of personal data outside the European Economic Area. Such transfers are carried out only in compliance with Chapter V GDPR and based on one of the lawful transfer mechanisms recognized by the GDPR, such as an adequacy decision, Standard Contractual Clauses, or other appropriate safeguards. More information about the applicable transfer mechanisms may be requested at contact@inkspirio.com.
Data Retention Period
Your personal data is stored only for as long as necessary for the purposes for which it was collected, or for as long as required by law, depending on the type of data and the purpose of processing.
| Data category | Retention period | Legal basis / reason |
|---|---|---|
| Active user account data | For as long as the account remains active | Contract performance |
| User account data after deletion | Up to 1 year after deletion, unless pending obligations or disputes exist | Legitimate interest in handling potential disputes |
| Orders and invoices | 10 years from the issuance date of the accounting document | Legal accounting and tax obligation |
| Returns and complaints data | Up to 3 years from final resolution | General limitation period / legal defense |
| Newsletter / marketing data | Until consent is withdrawn | Consent |
| Analytics cookies data | According to cookie settings, typically up to 13 months | Consent / Cookie Policy |
| Marketing cookies data | According to provider settings, typically between 90 days and 2 years | Consent / Cookie Policy |
| Fraud prevention and security data | Up to 3 years or as needed in relation to incidents | Legitimate interest |
| Technical backup data | Maximum [30–90] days, according to internal backup policy | Legitimate interest / security |
At the end of the applicable retention period, personal data is deleted, anonymized, or irreversibly erased, unless a longer retention period is required by law or necessary for the establishment, exercise, or defense of legal claims.
Your Rights as a Data Subject
As a data subject, you benefit from the rights guaranteed by the GDPR, which you may exercise free of charge, subject to the conditions and limitations provided by law.
| Right | Content | GDPR Article |
|---|---|---|
| Right of access | To obtain confirmation that your data is being processed and a copy of that data, together with information about the processing | Art. 15 |
| Right to rectification | To request correction of inaccurate data or completion of incomplete data | Art. 16 |
| Right to erasure | To request deletion of your data under the conditions provided by law | Art. 17 |
| Right to restriction of processing | To request temporary suspension of processing in specific circumstances | Art. 18 |
| Right to data portability | To receive the data you provided in a structured, commonly used, machine-readable format and, where technically feasible, to have it transmitted to another controller | Art. 20 |
| Right to object | To object to processing based on legitimate interest or for direct marketing purposes | Art. 21 |
| Right not to be subject to automated decision-making | Not to be subject to a decision based solely on automated processing that produces legal or similarly significant effects | Art. 22 |
| Right to withdraw consent | To withdraw consent at any time, without affecting prior lawful processing | Art. 7(3) |
How to exercise your rights
Requests may be sent to contact@inkspirio.com or to the Company’s correspondence address, and should include your name, the email address associated with your account or order, the specific right you wish to exercise, and any details necessary for us to identify and process your request. We normally respond within 30 calendar days from receipt of the request, with the possibility of extending this period by up to two additional months in complex cases or where the number of requests requires it, in accordance with Article 12(3) GDPR. In order to protect personal data against unauthorized disclosure, we may request reasonable proof of identity before acting on a request.
Right to lodge a complaint with a supervisory authority
If you believe that the processing of your personal data infringes the GDPR or applicable national law, you have the right to lodge a complaint with the Romanian National Supervisory Authority for Personal Data Processing (ANSPDCP) or with another competent supervisory authority in the Member State of your habitual residence, place of work, or place of the alleged infringement.
Romanian Supervisory Authority:
National Supervisory Authority for Personal Data Processing (ANSPDCP)
Address: Bd. G-ral. Gheorghe Magheru nr. 28-30, Sector 1, 010336, Bucharest, Romania
Phone: +40 318 059 211
Email: anspdcp@dataprotection.ro
Website: www.dataprotection.ro
The right to lodge a complaint with a supervisory authority is without prejudice to any other administrative or judicial remedy available to you.
Data Security
InkSpirio implements appropriate technical and organizational measures designed to protect personal data against accidental or unlawful destruction, loss, alteration, unauthorized disclosure, or unauthorized access. Such measures may include password hashing and secure credential handling, HTTPS / TLS encrypted connections across the Site, access restrictions based on need-to-know principles, carefully selected service providers, processor agreements where legally required, periodic backups with secured storage, and monitoring of technical events and suspicious activity.
While we take reasonable and proportionate steps to secure the personal data we process, no system can guarantee absolute security. For that reason, Users are also encouraged to use strong passwords, keep login credentials confidential, and protect the devices through which they access the Site.
Cookies and Similar Technologies
The Site uses cookies and similar tracking technologies for technical, analytical, marketing, and personalization purposes. Full details regarding the types of cookies used, their providers, storage duration, and the ways in which consent can be managed are available in the Cookie Policy published on the Site.
Direct Marketing and Preference Management
InkSpirio sends commercial communications only on the basis of the recipient’s explicit consent, expressed through newsletter subscription forms, dedicated opt-in mechanisms, or other lawful consent collection interfaces used on the Site. Each marketing email contains an active unsubscribe link that allows immediate withdrawal of consent. Unsubscribing from marketing communications does not affect our right to send transactional communications strictly necessary for the performance of an existing contract, such as order confirmations, payment confirmations, delivery updates, or technical account notifications.
Minors
The Site is intended for general audiences and is not knowingly designed to collect personal data from children in a manner contrary to applicable law. InkSpirio does not intentionally collect personal data from minors where such collection would require parental authorization or would otherwise be unlawful under applicable data protection legislation. If we become aware that personal data of a minor has been collected in a way that is not lawful, we will take appropriate steps to delete such data as soon as reasonably possible. Parents or legal guardians who believe that a minor has provided personal data through the Site may contact us at contact@inkspirio.com.
Links to Third-Party Websites
The Site may contain links to third-party websites, services, or platforms. This Privacy Policy applies exclusively to the websites operated by InkSpirio. We are not responsible for the privacy practices, security standards, or content of third-party websites, and we recommend that you consult their privacy policies before providing them with any personal data.
Changes to this Privacy Policy
We may update this Privacy Policy periodically in order to reflect legislative changes, operational changes, technological developments, or modifications in the way we process personal data. The updated version will be published on the Site together with the relevant effective date. If the changes are significant, Users and Clients may also be informed through email notifications or a prominent message displayed on the Site. Continued use of the Site after publication of the updated version constitutes acknowledgment of the updated Policy to the extent permitted by law. Where the changes affect processing based on consent, we will seek renewed consent where legally required.
Contact for Privacy Matters
For any questions, requests, or concerns regarding the processing of your personal data, you may contact:
INKSPIRIO S.R.L.
Email: contact@inkspirio.com
Correspondence address: Sat Sânmihaiu Român, Comuna Sânmihaiu Român, No. 422/D, Apartment 2, Timiș County, Romania