Skip to Content

PRIVACY POLICY AND PROCESSING OF PERSONAL DATA

Last updated: 23 January 2026

Introduction1. IDENTITY OF THE DATA CONTROLLER2. CATEGORIES OF DATA, PURPOSES AND LEGAL GROUNDS3. RECIPIENTS OF PERSONAL DATA4. DATA RETENTION PERIOD5. RIGHTS OF DATA SUBJECTS6. DATA SECURITY7. COMPETENT AUTHORITY

Introduction

Welcome to tesoris.ro. The privacy of your data is a priority for us. This policy transparently explains how we collect, use, and protect your information when you interact with the Tesoris brand.

The company TESORIS 3D S.R.L., as the data controller, is committed to respecting the privacy and security of the personal data processing of every visitor and client accessing the website www.tesoris.ro, in accordance with the provisions of EU Regulation 2016/679 (GDPR) and applicable national legislation.

This document explains how we collect, use, transmit, and protect your data.


1. IDENTITY OF THE DATA CONTROLLER

The controller of your personal data is:

  • Company Name: TESORIS 3D S.R.L.

  • Unique Registration Code (CUI): 53162666

  • Trade Register Number: J2025099548008

  • Registered Office: Bucharest, Sector 2, Aleea Pantelimon, 13, Bl. B5 Sc. 1 Et. 1 Ap. 15, Code: 022402

  • Email contact data protection: [email protected]

In the sense of European legislation (EU Regulation 2016/679 - "GDPR"), we are the Controllerof personal data.

2. CATEGORIES OF DATA, PURPOSES AND LEGAL GROUNDS

We collect personal data only to the extent necessary to fulfil the purposes mentioned below, adhering to the principle of data minimisation.

Processing and delivery of orders

  • Data collected: Name, surname, delivery address, billing address, phone number, email address.

  • Purpose: Processing orders, delivering goods, informing Customers about the status of the Order.

  • Legal basis: The performance of a contract to which the data subject is a party (Art. 6(1)(b) of the GDPR).


Compliance with legal obligations (Invoicing)

  • Data collected: Data necessary for issuing tax invoices (Name, Surname/Company details, Address).

  • Purpose: Issuing financial-accounting documents and reporting to tax authorities.

  • Legal basis: Compliance with a legal obligation to which the controller is subject (Art. 6(1)(c) of the GDPR).


Commercial Communications (Marketing / Newsletter)

  • Data collected: Email address.

  • Purpose: Sending news, offers, and promotional materials.

  • Legal basis: The explicit consent of the data subject (Art. 6(1)(a) of the GDPR). You can withdraw your consent at any time by accessing the "Unsubscribe" link.


Operation and security of the website

  • Data collected: IP address, browser type, operating system, pages visited (via cookies).

  • Purpose: Monitoring traffic, preventing fraud, and ensuring the security of information systems.

  • Legal basis: The legitimate interest of the operator (Art. 6 para. 1 lit. f of the GDPR).

3. RECIPIENTS OF PERSONAL DATA

Your data will not be sold or rented to third parties. They may only be shared with the following contractual partners, strictly for the purpose of conducting business activities:

  1. Courier service providers, for the delivery of orders.

  2. Online payment processors, for the secure processing of banking transactions.

  3. IT and hosting service providers, for the maintenance and hosting of the web platform (Odoo).

  4. Financial and accounting services, for mandatory accounting records.

  5. Public authorities, only in the case of an express legal obligation or at their request according to the law.

4. DATA RETENTION PERIOD

We keep your data only as long as necessary to achieve the stated purposes:

  • Financial and accounting documents (invoices): 10 years, according to legal archiving terms.

  • User account: Until the user requests the deletion of the account.

  • Marketing data: Until consent is withdrawn (unsubscribe).

  • Cookies: According to the cookie policy, for the duration of the session or until they expire.

5. RIGHTS OF DATA SUBJECTS

In accordance with GDPR, you have the following rights:

  1. The right of access: The right to obtain confirmation of data processing and access to it.

  2. The right to rectification: The correction of inaccurate or incomplete data.

  3. The right to erasure ("The right to be forgotten"): The erasure of data when it is no longer necessary or consent has been withdrawn (except for data necessary for compliance with legal obligations).

  4. The right to restriction of processing.

  5. The right to data portability: The transfer of data to another controller.

  6. The right to object: The right to object to processing for marketing purposes.

To exercise these rights, please send a written request to the email address: [email protected]. Requests will be resolved within the legal timeframe of a maximum of 30 days.

6. DATA SECURITY

ÎTESORIS 3D S.R.L. implements appropriate technical and organisational measures to protect data against accidental or unlawful destruction, loss, alteration, disclosure or unauthorised access. Data transfer is carried out through secure protocols (SSL/TLS).

7. COMPETENT AUTHORITY

If you believe your rights have been violated, you have the right to lodge a complaint with The National Authority for the Supervision of Personal Data Processing (ANSPDCP) - www.dataprotection.ro.