MyToolHouse S.R.L. ("MyToolHouse", "we", "us", or "our") is committed to protecting and respecting your privacy. This Privacy Policy explains how we collect, use, store, share, and protect your personal data when you visit our website, create an account, place an order, or interact with us in any way.
This policy is in compliance with the General Data Protection Regulation (EU) 2016/679 ("GDPR") and Romanian data protection legislation, including Law No. 190/2018. By using our website and services, you acknowledge that you have read and understood this Privacy Policy.
Data Controller: MyToolHouse S.R.L., Str. Mihai Eminescu Nr. 74, Sector 2, București 020085, România. VAT: RO41527836. Email: contact@mytoolhouse.com.
We collect personal data that you provide directly to us, as well as data that is collected automatically when you use our website. The types of personal data we may collect include:
| Category | Data Collected |
|---|---|
| Identity Data | First name, last name |
| Contact Data | Email address, phone number, shipping address, billing address |
| Account Data | Username, password (encrypted), account preferences |
| Transaction Data | Order details, payment method type, transaction amount, purchase history |
| Technical Data | IP address, browser type and version, device type, operating system, time zone setting |
| Usage Data | Pages visited, products viewed, search queries, click patterns, session duration |
| Communication Data | Customer support messages, feedback, reviews, survey responses |
We collect your personal data through: direct interactions when you create an account, place an order, fill out a contact form, subscribe to our newsletter, or communicate with our customer support team; automated technologies such as cookies, server logs, and similar tracking technologies that collect technical and usage data as you navigate our website; and third-party sources such as payment processors and courier partners who may provide transaction and delivery data related to your orders.
We use your personal data only for legitimate and clearly defined purposes. These include:
| Purpose | Legal Basis (GDPR) |
|---|---|
| Processing and fulfilling your orders, including payment, shipping, and delivery | Performance of a contract (Art. 6(1)(b)) |
| Creating and managing your user account | Performance of a contract (Art. 6(1)(b)) |
| Communicating with you about your orders, account, or inquiries | Performance of a contract (Art. 6(1)(b)) |
| Sending marketing communications and promotional offers (with your consent) | Consent (Art. 6(1)(a)) |
| Improving our website, products, and customer experience | Legitimate interest (Art. 6(1)(f)) |
| Preventing fraud and ensuring website security | Legitimate interest (Art. 6(1)(f)) |
| Complying with legal obligations such as tax reporting and consumer protection laws | Legal obligation (Art. 6(1)(c)) |
We do not sell, rent, or trade your personal data to any third party for their own marketing purposes. We may share your personal data with the following categories of trusted service providers who assist us in operating our business:
Payment Processors: To securely process your transactions. Courier and Shipping Partners: To deliver your orders to the specified address. IT and Hosting Providers: To maintain and secure our website infrastructure. Analytics Providers: To help us understand website traffic and user behavior (data is anonymized where possible). Legal and Regulatory Authorities: When required by law, court order, or government regulation.
All third-party service providers are contractually bound to process your data only in accordance with our instructions and in compliance with GDPR. They are not permitted to use your personal data for their own purposes.
We retain your personal data only for as long as necessary to fulfill the purposes for which it was collected. Specifically: account data is retained for as long as your account remains active and for 30 days after account deletion to allow for recovery; transaction data is retained for 10 years as required by Romanian fiscal and tax legislation; communication data from customer support inquiries is retained for 3 years; technical and usage data is retained for 24 months; and marketing consent records are retained for as long as the consent is valid, plus 12 months after withdrawal.
After the applicable retention period expires, your data will be securely deleted or anonymized so that it can no longer be associated with you.
As a data subject under the GDPR, you have the following rights regarding your personal data:
Right of Access (Art. 15): You have the right to request a copy of the personal data we hold about you. Right to Rectification (Art. 16): You may request correction of any inaccurate or incomplete personal data. Right to Erasure (Art. 17): You may request deletion of your personal data, subject to legal retention obligations. Right to Restriction (Art. 18): You may request that we restrict the processing of your data in certain circumstances. Right to Data Portability (Art. 20): You may request to receive your data in a structured, commonly used, machine-readable format. Right to Object (Art. 21): You may object to the processing of your data based on legitimate interests or for direct marketing purposes. Right to Withdraw Consent: Where processing is based on consent, you may withdraw your consent at any time without affecting the lawfulness of processing carried out before withdrawal.
We implement appropriate technical and organizational measures to protect your personal data against unauthorized access, alteration, disclosure, or destruction. These measures include SSL/TLS encryption for all data transmitted between your browser and our servers, encrypted storage of passwords using industry-standard hashing algorithms, regular security audits and vulnerability assessments, access controls ensuring that only authorized personnel can access personal data, and secure backup procedures with encrypted storage.
While we strive to protect your personal data, no method of transmission over the internet or electronic storage is completely secure. We cannot guarantee absolute security but are committed to maintaining the highest practical standards of data protection.
Your personal data is primarily stored and processed within the European Economic Area (EEA). In the event that any data is transferred to a country outside the EEA, we ensure that appropriate safeguards are in place, such as Standard Contractual Clauses (SCCs) approved by the European Commission, or adequacy decisions, to ensure that your data receives an equivalent level of protection as required by GDPR.
Our website uses cookies and similar tracking technologies to improve your browsing experience, analyze website traffic, and personalize content. For detailed information about the types of cookies we use, their purposes, and how you can manage your cookie preferences, please refer to our Cookie Policy page.
Our website and services are not directed at individuals under the age of 18. We do not knowingly collect personal data from children. If we become aware that we have inadvertently collected personal data from a child under 18, we will take immediate steps to delete such data from our systems. If you believe a child has provided us with personal data, please contact us at contact@mytoolhouse.com.
We may update this Privacy Policy from time to time to reflect changes in our practices, technology, legal requirements, or other factors. Any changes will be posted on this page with an updated "Last Updated" date. We encourage you to review this Privacy Policy periodically. For significant changes, we may also notify you by email or through a prominent notice on our website.
If you believe that your data protection rights have been violated, you have the right to lodge a complaint with the Romanian National Supervisory Authority for Personal Data Processing (ANSPDCP), located at B-dul G-ral. Gheorghe Magheru nr. 28-30, Sector 1, București, 010336, România. You may also contact them at anspdcp@dataprotection.ro. However, we encourage you to contact us first at contact@mytoolhouse.com so we can address your concerns directly.
If you have any questions, concerns, or requests regarding this Privacy Policy or our data processing practices, please contact us:
MyToolHouse S.R.L.
Str. Mihai Eminescu Nr. 74, Sector 2, București 020085, România
VAT: RO41527836 | Reg: J40/1234/2020
Email: contact@mytoolhouse.com
Phone: +40 31 234 5678
Working Hours: Monday – Friday, 09:00 – 18:00 (EET)
Privacy questions or data requests?
Contact us at contact@mytoolhouse.com or call +40 31 234 5678
Monday – Friday, 09:00 – 18:00 (EET)