CONTENTS:
1. When does it apply?
2. What is the purpose of this policy?
3. What is personal data?
4. For what purpose do we collect them?
CONTRACTUAL Purposes
FUNCTIONAL purposes
MARKETING purposes
5. How do we collect them?
6. What rights do you have?
Right of access
The right to change and delete
The right to restrict processing
The right to data portability (export).
The right not to be subject to automatic action
The right to file a complaint
7. Who do we disclose data to?
8. How do we ensure data security?
9. What are the retention periods?
10. How do we treat requests from minors?
11. What do we do in case of security incidents?
12. What records do we keep?

1. When does it apply?
The privacy policy applies to the personal data of those who wish to become, are or have been clients of S.C. ROYAL FOOD S.R.L., including data collected, used or disclosed while using our company's website, available at www.mezze.ro. When we refer to "MEZZE", "we" or "our company" in this statement, we refer to S.C. ROYAL FOOD S.R.L..
You can manage your consent on the purposes for which personal data will be used by sending an e-mail to office@mezze.ro, you can write to us at Str. Mircea Vulcanescu No. 153 B, Sector 1 - Bucharest.
This policy is valid starting from 25.05.2018


2. What is the purpose?
When you use our website, you entrust us with some of your personal data. We understand this and appreciate it. Through everything we do, we strive to protect them and offer you the best possible control over them.
The privacy policy will help you understand what personal data we collect about you, how we use your personal data and what options you have on their use.
We are committed to maintaining the accuracy, confidentiality and security of your personal data. In order to be in line with the legislative changes and/or with the practical realities faced, we reserve the right to adjust this policy at any time, the changes becoming mandatory from the moment they are published on the site.


3. What is personal data?
We want you to understand as clearly as possible what "personal data" represents.
Personal data is information about an identified or identifiable person. Examples of such data: name, surname, address, telephone number, email, data related to the identity card, CNP, bank information, cookie, computer IP address, mobile device IDs, information from your web browser ( such as browser type and browser language), the actions you take on our website, etc.


4. For what purpose do we collect them?
Personal data are collected for the effective development of commercial relations, to offer you the best possible services (fast deliveries, electronic payments, etc.), to permanently improve the functionalities of our website or to bring advertisements and promotions to your attention relevant to you.

We limit the personal data we collect to what is relevant for their particular processing. We do not process your personal data in ways that are incompatible with the purposes for which the information was collected or subsequently authorized by you.

CONTRACTUAL data (mandatory) - for starting the process of hiring a contract and for the effective development of the commercial relationship.
Data can be collected (name, surname, phone, email, etc.) to be able to answer your questions related to our products and services (including by using a dedicated CRM type sales solution), to be able to organize the effective processing and delivery of your orders. These data are collected through dedicated forms on the website such as: contact, request an offer, order online, request consultation, my account, etc. These data are generically referred to as "contractual data". Without them, your order cannot be taken over (for example: we don't know how to answer your questions), it cannot be processed (for example, fiscal documents cannot be issued to collect the value of the products, etc.) and it cannot be delivered (via courier or by other accepted methods). You will not be able to benefit from our services or products using our website, without providing this data.
We may disclose your personal data without giving you the opportunity to opt-out when we use third-party processors (courier companies, online payment processors, etc.) to perform services on our behalf and according to our instructions.
Customers cannot opt out of receiving e-mails related to the processing, development and delivery of the order (or other processes associated with this purpose).
The legal basis for the processing of this data is our legitimate interests (Article 6 paragraph 1 lif (f) of the general data protection regulation).

FUNCTIONAL data - for the best possible experience in using the site
Direct data can be collected (name, surname, phone, email, etc.) to ensure a better experience in using the site. The data is collected through forms on the website such as: price alert (to receive a warning when a price drops), stock alert (to be alerted when a product appears in stock), abandoned baskets (to remind you of purchases unfinished), review request, etc.
This data is generically called "data for functional purposes".
Indirect data can be collected that can be used to create a better structured website (eg: reports from Google Analytics, etc.). This data helps us to see the navigation flow of visitors to the site, the volume of navigation as well as other useful information relevant to the improvement of the site, in order to offer you the best possible browsing experience.
All these functionalities are designed to offer you the best information and purchase options.
If you do not agree with the use of data for this purpose, you cannot benefit from the advantages of these functionalities.
The legal basis for the collection of this data is consent (art. 6 paragraph (1) letter (a) of the General Data Protection Regulation).

MARKETING data - for a better structured website, relevant advertising and information in social media
Personal data is collected, such as direct data (name, surname, phone, email, etc.) or indirect data (cookies, computer IP address, location, mobile device IDs, etc.).
Direct data is collected for newsletter subscriptions (sending newsletters, commercial offers, etc.). If you wish to stop receiving such materials, you can access the "unsubscribe" link located at the bottom of our company's marketing emails.
Cookies are data files that are sent from a website to a browser to record information about users for various purposes. We use cookies and similar technologies. For additional information, see the page on our website that contains the cookie policy.
The data can also be used to display advertisements adapted to your wishes (eg: Google Remarketing, Facebook Pixel, etc.). It is possible that you will be presented with advertisements for products that you have been interested in or that you have viewed.
Our site allows you to connect with social media networks, such as Facebook (facebook.com), Linkedin (linkedin.com) and Twitter (twitter.com) ("Social Media"). By logging in, the IP address and the page you are visiting from our website can be collected. A cookie is also set to allow social media applications to function correctly. You may be offered an option by your social media accounts to post information about your activities on your personal profile page in the social media network, in order to allow other users to access that information in your network.
We call these data generically "data for marketing purposes".
The legal basis for the collection of this data is consent (art. 6 paragraph (1) letter (a) of the General Data Protection Regulation).


5. How do we collect them and how do you manage your consent?
When you interact with our website, we offer you the possibility to grant and withdraw your consent for the use of your data at any time.
We offer site visitors and customers who provide personal data the means to choose how we use this data. Consent regarding the processing of personal data can be requested when creating an account, when launching an order (with or without an account), when launching a form, as well as for any other purpose that involves the granting of consent, by accessing a general control panel ( cumulative or individual, for each category of data or individual purpose) or by other technical means, created for this purpose.
You will have the opportunity to explicitly give your consent to the purposes for which personal data will be used and to manage it later, in accordance with the regulations in force.


6. What rights do you have?
We make every effort to guarantee you the rights you have, in accordance with the legislation in force.

You have the right to access your personal data. Consequently, if applicable, we offer you access to the personal data we keep about you. We also offer you the opportunity to choose if you want to receive offers and promotions from us, but also to correct, modify or delete your information.

We can limit or deny access to personal data, if the efforts or expenses of providing access would be disproportionate to the risks for your privacy, or if the rights of other people, other than you, would be violated. Other reasons for denying or limiting access may include the restrictions imposed by the legislation in force or other similar, corrected aspects.

You have the right to modify and delete your personal data, especially incomplete or inaccurate data, for example, if some of the personal data you provided (phone number, e-mail address, authorized person, etc.) .) are no longer current.
We take reasonable steps to ensure that the personal data we process is viable for the intended use and accurate, complete and current. In this sense, we rely on you to update and correct personal data to the extent necessary for the purposes for which they were collected or subsequently authorized by you.
Requests to access, modify or delete information will be processed within 30 days.

You have the right to restrict the processing, to object to the processing of your personal data and to request the rectification, updating or deletion of the data under the law. This right can be exercised at any time, free of charge and without justification, with the exception of those data for which the processing represents a legal obligation.

You have the right to request portability (export) of personal data. We can limit or refuse the portability of personal data, if the efforts or expenses of providing access would be disproportionate to the advantages brought in the respective case.

You have the right not to be subject to an automatic individual decision.

You have the right to submit a complaint to the National Authority for the Supervision of Personal Data Processing (A.N.S.P.D.C.P.), as well as to go to court, in accordance with the legal provisions in force.


7. To whom do we disclose your data and where do we transfer it?
We collaborate with courier companies, authorized electronic payment processors and internet companies: Google, Facebook, etc. - all this, for the best possible experience with our website.

We can share your personal data with service providers contracted to process and deliver orders (such as payment processors, courier service providers, etc.), in order to improve the experience of using the online store (eg: Google Analytics, etc.) or offering services in the field of marketing, advertising and publicity (Google, Facebook, Mailchimp, etc.), as well as for other purposes: accounting services, law, consulting, affiliates, business partners, etc. The disclosure of data is based on the fact that the services necessary for the running of our business cannot be provided by us. We make every effort to obtain a confidentiality commitment from them, which guarantees that these data are kept safe and that the provision of this personal information is done in accordance with the legislation in force. If our providers of hosting services, sending newsletters or other similar services are transferred outside the European Economic Area (EEA), efforts are made to ensure adequate protection measures.

It is possible for us to disclose your personal data, either through the prescriptions of the law, legal process, litigation and/or requests from the public and governmental authorities in your country of residence or outside it. We may also disclose personal information about you if we determine that disclosure is reasonably necessary to ensure compliance with our terms and conditions or to protect our operations or users. Relevant information can also be found in the announcements regarding specific data processing activities.

We may also transfer personal data in the event of an audit, or in the event of the sale or total or partial transfer of our business or assets (including in the event of a merger, acquisition, joint venture, reorganization, dissolution or liquidation).


8. How do we ensure data security?
The security of your data is important to us. We make all the necessary efforts in this regard.

We take reasonable and appropriate measures to protect personal data from loss, misuse and unauthorized access, disclosure, modification and destruction, taking into account their nature. We take all internal measures to identify and ensure the security of information, the measures being regularly checked and adapted to the state of the art. Our company uses related service providers with notoriety in the market (eg: hosting services, software development services, marketing solutions, etc.) to fulfill this objective.


9. What is the retention period?
We keep the information according to the legal specifications and as long as you agree.

The storage of personal data is done for the periods of time specified by the legislation in force, in order to maintain records related to the activities carried out, for the protection of legal rights and the exercise of other rights according to the law and concluded contracts, the fulfillment of possible archiving requirements, in accordance with the legal provisions. The personal data necessary to benefit from the functionalities of our website and promotional activities are stored for an indefinite period of time, until your account is deleted.


10. How do we treat requests from minors?
We do NOT provide services and do NOT deliver goods to minors except in the express cases provided by law.

In its data processing activities, our company does NOT process the personal data of minors under the age of 16. We do not carry out promotional marketing activities directly to minors.

Any person who provides us with personal data guarantees that he is of age, or has full legal capacity. If there is still a processing of personal data for a person who is not of age, we will stop the processing of this data once we become aware of this fact.

Any processing of minors' personal data is carried out in accordance with legal requirements and in strictly determined cases. Minors who have reached the age of 14 can purchase services, request and receive communications from our company only if they have the consent of their representative or legal guardian, according to the law.


11. What do we do in case of security incidents?
Informing you and the authorities is the first step. Fixing the situation is our priority.
In the event of a personal data breach, we will notify the competent data protection authorities within 72 hours, depending on the degree of risk for the client or the website visitor. Affected customers or site visitors will also be notified of the breach.

We will take all necessary measures to remedy the situations that arise, in order to protect your rights.


12. What records are kept?
We keep records to demonstrate compliance with the requirements of this policy.

We will keep relevant records about:
a. the purpose of processing personal data;
b. the categories of the persons concerned and of the personal data processed;
e. when possible, the expected retention periods for different categories of personal data;
f. a general description of the security measures used to protect personal data;
g. exercising the rights you have.