The website www.drcamilianes.ro uses all necessary resources and efforts to process your data in full compliance with Regulation (EU) 2016/679 ("General Data Protection Regulation" or "GDPR") and all other laws applicable in Romania.

Since transparency is a key principle of this legal framework, please read this document. We want to inform you about how we collect, use, transfer, and protect your personal data when you interact with us in connection with our products and services, including through our website.

We reserve the right to periodically update and amend this Privacy Policy to reflect changes in the way we process your data or changes in legal requirements.

In the event of such changes, we will publish the amended version of the Privacy Policy on our website.

We recommend that you review the contents of this page regularly.

Contact Information

www.drcamilianes.ro is the trade name of ENDODONTIC TEAM SRL, with the following registered office:

Headquarters: Dumbrăvița, Dumbrăvița Municipality, Str. Londra No. 12, Ap. Cam. 3, Dumbrăvița, Timiș County, Romania

CUI: 35934652

Commercial Registration Number: J35/1129/2016

Bank Account (IBAN): RO63BTRLRONCRT0344763101

Account Currency: RON

SWIFT: BTRLRO22

Bank: Banca Transilvania

Legal Representative: Dr. Camil Ianeș

Email Address: camil.ianes@drcamilianes.ro

In accordance with data protection laws, ENDODONTIC TEAM SRL is the controller of your personal data.

If you have any questions or concerns about data protection, you can contact us:

📧 by email to: camil.ianes@drcamilianes.ro

📫 by mail or courier to the above-mentioned address of the company headquarters

We generally collect your personal data directly from you, so you have full control over what information you provide to us.

For example, we may collect the following data:

When you create an account on the website www.drcamilianes.ro:

First name, last name, email address, password

When you place an order:

First and last name, delivery address, billing address, desired product, payment method, telephone number, bank card details (via authorized processors)

When you contact us via form or email:

First name, last name, email address, sent message

When you interact with us on social networks:

data publicly available in your profile and the content of the sent message

When you browse our website:

We collect data through cookies or similar technologies, such as B. IP address, pages viewed, length of visit, browser settings, etc. – in accordance with the Cookie Policy.

Important Notice:

We do not intentionally collect or process sensitive data (such as religious beliefs, political orientation, health status, etc.) and do not wish to collect data from minors under the age of 16. If we discover that such data has been provided in error, we will take steps to delete it immediately.

We use your personal data for the following purposes:

We use your personal data for the following purposes, depending on how you interact with the website www.drcamilianes.ro or our services:

1. To provide services for your benefit

This general purpose may include, where appropriate:

Creating and managing your customer account on the platform

Processing orders: acceptance, validation, shipping, and invoicing

Processing inquiries related to orders, products, or services

Returning products and refunding amounts in accordance with legal requirements

Providing the necessary support: questions, clarifications, and post-order support

Legal basis: Contractual performance and legal obligations (tax, accounting)

2. To improve services and user experience

Collecting feedback through satisfaction surveys

Analyzing website behavior to optimize content and features

Conducting internal studies or market research

Legal basis: legitimate interest in improving the services offered and user experience

3. For marketing activities

Sending offers, promotions, and relevant information by email Email/SMS/Notifications

Personalization of communication based on previous behavior (e.g., products viewed, ordered, or added to wishlist)

Communication is based on:

Your consent (which you can withdraw at any time)

Legitimate interests (for existing customers, within the limits of legal provisions)

You can object to processing at any time by clicking on the link included in each message or by contacting us directly.

4. To protect legitimate interests

Protecting the website and users from fraud or cyberattacks

Transferring data to competent authorities, if necessary

Implementing legal measures to protect business activities

Legal basis: Legitimate interest and/or legal obligations

To protect our legitimate interests

Measures to prevent and detect fraud attempts, including the transmission of information to competent authorities;

Measures to manage various other risks.

The fundamental basis for this type of processing is our legitimate interest in maintaining our business activities. We ensure that all measures we take balance our interests with your fundamental rights and freedoms.

In certain cases, we also base our processing on legal requirements, such as the obligation to ensure the security of goods and valuables in accordance with applicable laws.

How long we retain your personal data:

We only retain your personal data for as long as necessary to fulfill the purposes for which it was collected or as required by law.

In general:

The data linked to the customer account is retained for as long as it is active.

If you request deletion of the account, we will delete the data, with the exception of data we are obliged to retain (e.g., invoices – at least 10 years under tax law).

For orders and transactions:

Information on placed orders, invoices, and payments is generally retained for 10 years from the date the document was issued, in accordance with legal obligations (e.g., accounting, archiving).

For marketing purposes:

Data processed based on your consent will be stored until you revoke it.

If you no longer wish to receive marketing messages, you can unsubscribe at any time. The associated data will then be deleted or anonymized.

To protect legitimate interests:

We may retain certain data for as long as necessary to defend our rights in court, resolve potential disputes, or conduct investigations.

In any case, we regularly review stored data and delete it when it is no longer needed, in compliance with deadlines and legal requirements.

We currently store and process your personal data on Romanian territory.

However, we may transfer some of your personal data to companies within or outside the European Union, including to countries whose level of personal data protection has not been recognized as adequate by the European Commission.

We will always take measures to ensure that any international transfer of personal data is handled carefully to protect your rights and interests. Transfers to service providers and other third parties are always protected by contractual obligations and, where applicable, other safeguards, such as standard contractual clauses issued by the European Commission or certification systems such as the Privacy Shield, to protect personal data transferred from the EU to the US.

You can contact us at any time using the contact details provided above to obtain further information about the countries to which we transfer your data and the safeguards we have in place in connection with these transfers.

How we protect the security of your personal data

We are committed to ensuring the security of your personal data through appropriate technical and organizational measures in accordance with industry standards.

Your personal data is transferred using state-of-the-art encryption algorithms, and we store it on secure servers, ensuring data redundancy.

For payments, we use the services of the payment processor Stripe. All payment information is encrypted using HTTPS technology.

Despite the measures taken to protect your personal data, we inform you that the transmission of information over the Internet in general or over other public networks is not completely secure and there is a risk that the data may be viewed and used by unauthorized third parties. We cannot accept responsibility for such vulnerabilities in systems that are not under our control.

In order to carry out our activities under optimal conditions and provide you with a comprehensive and secure experience, we may transfer or grant access to certain personal data to the following categories of partners and cooperation partners:

Trusted Partners:

Courier service providers for the delivery of products or required documents;

Payment/banking service providers such as Stripe for payment processing;

IT service providers for website administration, hosting, maintenance, or technical support;

Digital marketing service providers for the transmission of commercial communications (email, SMS, etc.);

Providers of market research services and satisfaction surveys.

We respect laws and confidentiality:

We always ensure that access to data is based on a legal basis and a confidentiality agreement, and that our partners comply with GDPR standards when processing your data.

Legal obligations and authorities:

We may transfer your data to authorities, courts, or other competent institutions:

if necessary to comply with a legal obligation;

if necessary to defend our legitimate rights or to prevent fraud, litigation, or abuse.

Transfers outside the European Union:

We currently store your data exclusively on Romanian territory.

If we transfer data outside the European Economic Area (EEA), this is only done on the basis of:

an adequacy decision of the European Commission;

standard contractual clauses;

or other legal guarantees to ensure your rights are protected.

How we protect the security of your personal data

At www.drcamilianes.ro, we take the protection of your personal data very seriously and are committed to implementing the highest security standards.

Technical and organizational measures:

We use state-of-the-art encryption algorithms for data transmission.

We store information on secure servers in protected data centers.

We ensure limited access to personal data – only for authorized personnel and only for permitted purposes.

We implement backup and redundancy measures to prevent data loss.

All payments are processed through a certified processor – in our case, Stripe. Card details are not stored on our servers.

External risks (for which we assume no responsibility):

Although we make every effort to protect your data, the transmission of information over the internet (email, public networks, Wi-Fi, etc.) is not completely secure.

There is a risk that some data may be intercepted or accessed without authorization by third parties.

In these situations, which are beyond our control, we cannot be held liable for security breaches.

Would you like more information?

If you have any questions about protecting your data, you can always write to us at:

📧 camil.ianes@drcamilianes.ro

What are your rights?

The General Data Protection Regulation (GDPR) grants you several basic rights regarding your personal data. These give you control and transparency over how your information is used.

What you can request:

Access to your data – to know what information we store and how we use it;

Recognition of data – if the data is inaccurate or incomplete;

Deletion of data – under certain conditions (e.g., if the data is no longer needed or you have withdrawn your consent);

Restriction of processing – temporary or permanent, depending on the context;

Data portability – you can request that the data be transferred to you or another controller in a user-friendly format;

Objection to processing – especially in the case of direct marketing or when the basis is a legitimate interest;

Withdrawal of consent – ​​at any time if the processing is based on consent;

Complaint to the supervisory authority – if you believe your rights have been violated;

The right not to be subject to automated decision-making – including profiling – if it significantly affects you.

How to exercise these rights

You can contact us at any time:

📩 Email: [Your contact address]

📬 Post: [Operator's full address]

Identity verification

To protect your privacy, we may ask you for additional information to verify your identity, especially if you do not use the email address associated with your account on the platform.

Our Response

We will respond to your requests within a maximum of 30 days. In complex or multiple cases, this period may be extended to 60 days upon prior notice.

Costs

Exercising your rights is free of charge. However, for excessive, repetitive, or manifestly unfounded requests, we may charge a reasonable administrative fee.

Details of each right

1. Right of access

You can request the following:

Confirmation that we process your data;

Information about how and why the data processing is carried out;

A free copy of the data (first request).

2. Right to rectification

If your data is incorrect or incomplete, you can request its rectification. In certain cases, we can verify the accuracy of the information provided.

3. Right to erasure of data ("right to be forgotten")

This request applies in the following cases:

The data is no longer required;

You withdraw your consent;

You object to the processing;

The data was collected unlawfully;

There is a legal obligation to erase it.

⚠️ Important: In some cases, we cannot delete data if this is necessary to comply with a legal obligation or to assert/defend a legal claim.

4. Right to restriction of processing

Applies if:

You dispute the accuracy of the data;

The processing is unlawful and you do not wish to have it deleted;

The data is no longer needed, but you need it for legal proceedings;

You have exercised your right of objection and are awaiting a decision.

5. Right to data portability

You can request that the data be transferred:

in a structured and machine-readable format;

to you or directly to another controller, where technically feasible.

Only applies if:

the basis for processing is consent or a contract;

the processing is automated.

6. Right to object

You have the right to object to:

processing based on legitimate interests;

the use of data for direct marketing purposes (without further justification).

7. Automated Decision-Making and Profiling

You have the right to request human intervention and to contest a decision based solely on automated processing if:

it produces legal effects concerning you;

it significantly affects you.

8. Complaints

If you have any concerns about how we handle your data, you can contact us directly or contact:

The National Supervisory Authority for Personal Data Processing