📢 Privacy Notice: This privacy policy applies to all visitors regardless of how you found our website. We maintain the same high privacy standards for all users, including those arriving via advertisements.
🇪🇺 Your GDPR Rights at a Glance
Right to Access • Right to Rectification • Right to Erasure • Right to Portability • Right to Restrict Processing • Right to Object
Contact privacy@homylume.shop to exercise any of these rights
1. Data Controller Information
Data Controller: Homylume srl
Address: Bulevardul Mihail Kogălniceanu, București, Romania
VAT Number: RO12345678
Email: privacy@homylume.shop
Phone: +40 722 345 678
Homylume srl is the data controller responsible for your personal information collected through our website homylume.shop and related services. We are committed to protecting your privacy and complying with all applicable data protection laws, including the EU General Data Protection Regulation (GDPR).
2. Information We Collect
2.1 Information You Provide Directly
- Account Information: Name, email address, phone number, password
- Order Information: Billing and shipping addresses, payment information
- Communication: Messages, reviews, support inquiries
- Preferences: Product preferences, marketing preferences
2.2 Information Collected Automatically
- Device Information: IP address, browser type, device type, operating system
- Usage Information: Pages visited, time spent, click patterns
- Location Information: General geographic location based on IP address
- Cookies and Tracking: As detailed in our Cookie Policy
2.3 Information from Third Parties
- Payment Processors: Transaction verification and fraud prevention
- Shipping Partners: Delivery status and tracking information
- Social Media: If you connect social media accounts (with your consent)
- Advertising Partners: Campaign performance and attribution data
3. How We Use Your Information
3.1 Primary Business Purposes
- Order Processing: Fulfilling orders, payment processing, shipping
- Customer Service: Responding to inquiries, resolving issues
- Account Management: Creating and maintaining your account
- Legal Compliance: Tax reporting, regulatory requirements
3.2 Marketing and Communication
- Email Marketing: Product updates, promotions (with consent)
- Personalization: Customized product recommendations
- Analytics: Understanding customer behavior and preferences
- Advertising: Targeted advertising on our site and third-party platforms
3.3 Website Improvement
- Performance: Website optimization and error tracking
- Security: Fraud prevention and security monitoring
- Research: Product development and market research
4. Legal Basis for Processing
| Purpose |
Legal Basis (GDPR Article) |
Description |
| Order Processing |
Contractual Necessity (6.1.b) |
Required to fulfill our contract with you |
| Email Marketing |
Consent (6.1.a) |
Only with your explicit consent |
| Legal Compliance |
Legal Obligation (6.1.c) |
Tax reporting, regulatory requirements |
| Website Analytics |
Legitimate Interest (6.1.f) |
Improving our services and user experience |
| Fraud Prevention |
Legitimate Interest (6.1.f) |
Protecting our business and customers |
| Customer Service |
Contractual Necessity (6.1.b) |
Providing support for your orders |
5. Information Sharing
5.1 Service Providers
We share information with trusted third-party service providers who help us operate our business:
- Payment Processors: Secure payment processing (PayPal, Stripe)
- Shipping Companies: Order fulfillment and delivery
- Email Services: Transactional and marketing emails
- Analytics Providers: Website performance and user behavior
- Customer Support: Help desk and live chat services
5.2 Legal Requirements
We may disclose information when required by law or to protect our rights:
- Legal compliance and regulatory requirements
- Court orders and legal proceedings
- Protection against fraud and security threats
- Emergency situations involving safety
5.3 Business Transfers
In the event of a merger, acquisition, or sale of assets, your information may be transferred as part of the business assets.
Important: We never sell your personal information to third parties for their marketing purposes. All data sharing is governed by strict contractual agreements ensuring your privacy is protected.
6. Advertising and Analytics
6.1 Google Ads and Analytics
We participate in Google advertising programs and use Google Analytics:
- Google Ads: We use Google Ads to show relevant advertisements
- Google Analytics: We analyze website traffic and user behavior
- Remarketing: We may show ads to previous visitors
- Conversion Tracking: We measure advertising effectiveness
6.2 Other Advertising Partners
We may work with other advertising platforms:
- Facebook/Meta advertising
- Other social media advertising platforms
- Affiliate marketing networks
- Email marketing platforms
6.3 Your Advertising Choices
You can control advertising:
- Google Ad Settings: Manage Google Ads preferences
- Browser Settings: Disable cookies and tracking
- Opt-out Tools: Use industry opt-out tools
- Contact Us: Request advertising opt-out
Advertising Transparency: We clearly label sponsored content and maintain editorial independence. Our product reviews and recommendations are honest and unbiased, regardless of advertising relationships.
7. Cookies and Tracking Technologies
We use cookies and similar technologies to enhance your experience. For detailed information, please see our Cookie Policy.
7.1 Types of Cookies We Use
- Essential Cookies: Required for website functionality
- Performance Cookies: Help us understand website usage
- Functional Cookies: Remember your preferences
- Marketing Cookies: Enable targeted advertising
7.2 Managing Cookies
You can control cookies through:
- Browser settings
- Our cookie consent banner
- Third-party opt-out tools
- Contact us for assistance
8. Data Retention
| Data Type |
Retention Period |
Reason |
| Account Information |
Until account deletion |
Account management and service provision |
| Order History |
7 years |
Legal/tax compliance, warranty claims |
| Marketing Data |
Until opt-out + 30 days |
Email unsubscribe processing |
| Website Analytics |
26 months |
Google Analytics default retention |
| Support Inquiries |
3 years |
Customer service and quality improvement |
| Security Logs |
1 year |
Security monitoring and fraud prevention |
Automated Deletion: We have automated systems to delete data when retention periods expire, unless longer retention is required by law.
9. Data Security
9.1 Technical Safeguards
- Encryption: SSL/TLS encryption for data transmission
- Secure Storage: Encrypted data storage with access controls
- Network Security: Firewalls and intrusion detection systems
- Regular Updates: Security patches and system updates
9.2 Organizational Measures
- Access Control: Limited staff access on need-to-know basis
- Training: Regular privacy and security training
- Incident Response: Procedures for data breaches
- Third-party Audits: Regular security assessments
9.3 Data Breach Notification
In the unlikely event of a data breach:
- We will notify authorities within 72 hours (GDPR requirement)
- We will notify affected individuals without undue delay
- We will provide clear information about the breach and recommended actions
10. Your Rights Under GDPR
🛡️ Complete List of Your Rights
10.1 Right of Access (Article 15)
You have the right to know what personal data we hold about you and how it's being processed.
10.2 Right to Rectification (Article 16)
You can request correction of inaccurate or incomplete personal data.
10.3 Right to Erasure (Article 17)
You can request deletion of your personal data in certain circumstances.
10.4 Right to Restrict Processing (Article 18)
You can request that we limit how we use your data in specific situations.
10.5 Right to Data Portability (Article 20)
You can request your data in a portable format to transfer to another service.
10.6 Right to Object (Article 21)
You can object to processing based on legitimate interests or for marketing purposes.
10.7 Rights Related to Automated Decision Making (Article 22)
You have rights regarding automated profiling and decision-making.
10.8 How to Exercise Your Rights
- Email: privacy@homylume.shop
- Phone: +40 722 345 678
- Mail: Homylume srl, Privacy Officer, Bulevardul Mihail Kogălniceanu, București, Romania
- Response Time: We will respond within 30 days
11. International Data Transfers
Your data is primarily processed within the EU. When we transfer data outside the EU, we ensure adequate protection:
- Adequacy Decisions: Transfers to countries with adequate protection
- Standard Contractual Clauses: EU-approved contracts for data protection
- Certification Schemes: Providers with recognized privacy certifications
- Binding Corporate Rules: Internal rules for multinational companies
Third-party Services: Some services (Google, PayPal) may process data outside the EU but have appropriate safeguards in place.
12. Children's Privacy
Our services are not intended for children under 16 years of age. We do not knowingly collect personal information from children under 16.
If we discover we have collected information from a child under 16:
- We will delete the information immediately
- We will not use the information for any purpose
- We will not share the information with third parties
Parents and Guardians: If you believe we have collected information from your child, please contact us immediately at privacy@homylume.shop.
13. Changes to This Privacy Policy
We may update this privacy policy from time to time to reflect changes in our practices or legal requirements.
When we make changes:
- We will update the "Last Updated" date
- We will notify you via email for significant changes
- We will post a notice on our website
- We may request renewed consent where required
Version History: Previous versions of this policy are available upon request.