Image Alt
  >  Privacy Policy

Privacy Policy - TOAH SRL / www.toah.ro

This Privacy Policy explains how TOAH SRL collects, uses, stores and protects the personal data of users of the www.toah.ro website in accordance with Regulation (EU) 679/2016 (GDPR) and applicable national law.

By using the website and placing an order, the user confirms that he/she has read and understood this policy.

 

  1. Data controller

TOAH SRL Address: Str. Kelemen Arpad nr. 95, Chinteni, jud. Cluj, Romania E-mail: info@toah.ro Phone: 0791 520 209 CUI: 50416557 Nr. Reg. No.: J2024015457127

TOAH SRL is the controller of personal data collected through the website www.toah.ro.

 

  1. What data we collect

We only collect the data strictly necessary to process orders and operate the online shop:

Data provided directly by the client:

  • Full name
  • Delivery address
  • E-mail address
  • Phone number
  • Data required for invoicing (natural or legal person)
  • Order details (products, value, payment methods)

Data collected automatically:

  • IP address
  • Device and browser technical data
  • Cookies necessary for the functioning of the website (see Cookies Policy)

We do not collect sensitive data.

 

  1. Purposes of data processing

TOAH SRL processes personal data exclusively for:

  • order processing and confirmation
  • issuing invoices
  • delivery of products
  • communications strictly related to the order placed
  • managing returns and guarantees
  • meeting legal obligations (accounting, taxation)
  • fraud prevention and transaction security

We do not use the data for marketing, newsletters or profiling.

 

  1. Legal basis of processing

We process data on the basis of:

  • contract execution (order processing)
  • legal obligations (invoicing, accounting)
  • legitimate interest (site security, fraud prevention)
  • consent, where necessary

 

  1. To whom we transmit personal data

TOAH SRL transmits personal data only to the partners necessary to process the order, respecting the principle of data minimization.

Data may be sent to:

  • DPD and Dragon Star – to deliver orders
  • EuPay – for online payment processing
  • IT service providers (for technical maintenance only)
  • Public authorities, only on legal request

We do not sell, rent or transfer personal data to third parties for commercial purposes.

 

  1. Data storage duration

Data is kept only as long as necessary for:

  • order processing
  • legal obligations (e.g. invoices are kept for 10 years under tax law)
  • Collateral management (24 months)

After the legal deadlines expire, the data is deleted or anonymized.

 

  1. Data security

TOAH SRL implements technical and organizational measures for data protection:

  • encryption of data transmitted through the website
  • secure servers
  • restricted access to data
  • GDPR compliant contractual partners
  • permanent platform security monitoring

Card details are NOT accessed and are NOT stored by TOAH SRL. Payments are processed exclusively by EuPlătesc, in 3D-Secure system.

 

  1. User rights (GDPR)

According to Regulation (EU) 679/2016, the user has the following rights:

  • Right of access to personal data
  • Right to rectification
  • Right to erasure (‘right to be forgotten’)
  • Right to restrict processing
  • Right to oppose
  • Right to data portability
  • Right to complain to the ANSPDCP

To exercise these rights, the user can send a request to: 📩 info@toah.ro

 

  1. Minors

The www.toah.ro website is not intended for minors. We do not knowingly collect data from people under 18.

 

  1. Cookies

The site uses cookies necessary for its functioning. For details, see our Cookies Policy.

 

  1. Policy changes

TOAH SRL reserves the right to update this policy. The updated version will be published on the website.

 

  1. Contact

For questions about data protection:

TOAH SRL E-mail: info@toah.ro Str. Kelemen Arpad nr. 95, Chinteni, jud. Cluj