Your GDPR Rights - Homylume.shop
๐Ÿ“ข GDPR Notice: Your data protection rights are the same regardless of how you found our website. We fully respect your GDPR rights whether you discovered us through ads or direct visits.

Your GDPR Rights

Data Protection โ€ข Privacy Control โ€ข EU Rights

Exercise your rights under the General Data Protection Regulation

๐Ÿ‡ช๐Ÿ‡บ Your Data Protection Rights

Under the EU General Data Protection Regulation (GDPR), you have comprehensive rights regarding your personal data. We are committed to honoring these rights promptly and transparently.

Response Time: 30 days maximum โ€ข Service: Free of charge โ€ข Support: Available in multiple languages

๐Ÿ“„ Right to Access

Article 15 GDPR

Get a copy of all personal data we hold about you, including:

  • What data we collect
  • How we use your data
  • Who we share it with
  • How long we keep it
  • Your other rights

โœ“ Available in portable format

โœ๏ธ Right to Rectification

Article 16 GDPR

Correct any inaccurate or incomplete personal information:

  • Update contact details
  • Fix incorrect information
  • Complete missing data
  • Update preferences

โœ“ Updated immediately

๐Ÿ—‘๏ธ Right to Erasure

Article 17 GDPR - "Right to be Forgotten"

Request deletion of your personal data when:

  • Data no longer needed
  • You withdraw consent
  • Data unlawfully processed
  • Legal obligation to delete

โš ๏ธ Some exceptions apply

โธ๏ธ Right to Restrict

Article 18 GDPR

Limit how we process your data in certain situations:

  • While accuracy is verified
  • When processing is unlawful
  • For legal claims
  • Pending objection decision

โ„น๏ธ Data stored but not processed

๐Ÿ“ค Right to Portability

Article 20 GDPR

Get your data in a portable format to:

  • Transfer to another service
  • Keep for personal use
  • Share with third parties
  • Maintain data control

โœ“ Machine-readable format

๐Ÿšซ Right to Object

Article 21 GDPR

Object to processing based on:

  • Legitimate interests
  • Direct marketing
  • Profiling for marketing
  • Scientific/historical research

โœ“ Immediate effect for marketing

๐Ÿ“‹ Submit a Data Protection Request

Exercise Your GDPR Rights

Must match the email associated with your account/orders
Required to verify your identity and protect your data
What happens next? We will acknowledge your request within 72 hours and provide a full response within 30 days. Complex requests may take up to 60 days with notification.

โฑ๏ธ Request Processing Timeline

Step 1: Request Submission

Timeframe: Immediate

Submit your request using the form above or contact us directly. You'll receive an automatic confirmation with a reference number.

Step 2: Identity Verification

Timeframe: 1-3 business days

We verify your identity to protect your data. We may request additional information if needed to confirm your identity.

Step 3: Request Processing

Timeframe: 1-30 days

Our data protection team processes your request. Complex requests may require additional time (up to 60 days total).

Step 4: Response Delivery

Timeframe: Final step

We provide a complete response with the requested information or confirmation of action taken. All responses are secure and private.

Fast Track: Simple requests like marketing opt-outs and basic data corrections are often processed within 24-48 hours.

Right to Access (Article 15)

You can request a complete overview of your personal data processing, including:

Information Provided Details Included
Personal Data Categories Contact info, order history, preferences, analytics data
Processing Purposes Order fulfillment, marketing, analytics, customer service
Legal Basis Consent, contract, legitimate interest, legal obligation
Data Recipients Payment processors, shipping companies, analytics providers
Retention Periods How long each type of data is stored
Your Rights Complete overview of all available rights

Right to Rectification (Article 16)

Correction of personal data is available for:

  • Factual Errors: Incorrect names, addresses, phone numbers
  • Outdated Information: Old contact details, preferences
  • Incomplete Data: Missing information that affects service
  • Account Settings: Communication preferences, marketing consent

Right to Erasure (Article 17)

Data deletion is available in these circumstances:

โœ… When Erasure is Available

  • Personal data no longer necessary for original purpose
  • You withdraw consent (where consent was the legal basis)
  • You object to processing and no overriding legitimate grounds exist
  • Personal data has been unlawfully processed
  • Erasure required for compliance with legal obligation
  • Data collected from children under 16 without proper consent

โš ๏ธ When Erasure May Not Be Possible

  • Freedom of expression and information
  • Compliance with legal obligations (e.g., tax records)
  • Public interest tasks
  • Exercise or defense of legal claims
  • Archiving in the public interest, scientific/historical research

Right to Data Portability (Article 20)

We provide data in structured, commonly used formats:

  • JSON Format: Machine-readable data export
  • CSV Files: For spreadsheet applications
  • PDF Reports: Human-readable summaries
  • API Access: Direct data transfer (where technically feasible)

๐Ÿค– Automated Decision Making & Profiling

Under Article 22 GDPR, you have rights regarding automated decision-making and profiling:

Our Use of Automated Processing

  • Product Recommendations: Algorithm-based suggestions
  • Fraud Detection: Automated security screening
  • Marketing Personalization: Targeted content and offers
  • Price Optimization: Dynamic pricing based on demand

Your Rights

  • Not to be subject to decisions based solely on automated processing
  • Human intervention: Request human review of automated decisions
  • Express your point of view: Challenge automated decisions
  • Contest the decision: Appeal automated outcomes

Important: None of our automated processing produces legal effects or significantly affects you without human oversight. All significant decisions involve human review.

โš–๏ธ Complaints and Supervisory Authority

Internal Complaint Process

If you're not satisfied with our response to your GDPR request:

  1. Contact our Data Protection Officer at privacy@homylume.shop
  2. Escalate to Management: Request review by senior management
  3. Internal Appeal: Formal internal appeal process available
  4. Resolution Timeline: Internal appeals resolved within 30 days

External Supervisory Authorities

You have the right to lodge a complaint with supervisory authorities:

Authority Jurisdiction Contact Information
Romanian DPA Primary authority (our establishment) www.dataprotection.ro
Your National DPA Your country of residence Find your national DPA
EU Data Protection Board EU-wide coordination edpb.europa.eu

What to Include in a Complaint

  • Description of the data protection issue
  • Steps you took to resolve it with us
  • Our response and why it was unsatisfactory
  • What outcome you're seeking
  • Any supporting documentation

๐Ÿ‘ค Data Protection Officer (DPO)

Our Data Protection Officer is your primary contact for all privacy and data protection matters:

DPO Contact Information

Email: dpo@homylume.shop
Phone: +40 722 345 678 (ext. 101)
Mail: Homylume srl, Data Protection Officer, Bulevardul Mihail Kogฤƒlniceanu, Bucureศ™ti, Romania

Languages: Romanian, English
Response Time: 72 hours for acknowledgment, 30 days for full response

When to Contact the DPO

  • GDPR rights requests
  • Data protection complaints
  • Privacy policy questions
  • Data breach notifications
  • Consent withdrawal
  • Third-party data sharing concerns

๐ŸŒ International Data Transfers

When we transfer your data outside the EU, we ensure adequate protection:

Transfer Mechanisms

  • Adequacy Decisions: Countries deemed to have adequate protection by the EU
  • Standard Contractual Clauses (SCCs): EU-approved contracts ensuring data protection
  • Binding Corporate Rules: Internal rules for multinational companies
  • Certification and Codes of Conduct: Industry-specific protection standards

Your Rights Regarding Transfers

  • Information: Know when your data is transferred internationally
  • Safeguards: Understand what protections are in place
  • Copies: Request copies of safeguards (where commercially reasonable)
  • Object: Object to transfers in certain circumstances
Service Provider Transfer Destination Safeguard
Google Analytics United States Standard Contractual Clauses + Additional Safeguards
PayPal United States Standard Contractual Clauses
Amazon Web Services Various (EU preference) Data Processing Agreement + EU data centers

๐Ÿ›ก๏ธ Exercise Your GDPR Rights

Your data protection rights are fundamental. We're committed to making them easy to exercise and understand.

๐Ÿ“ง Data Protection Officer
dpo@homylume.shop
Primary GDPR contact
๐Ÿ”’ Privacy Team
privacy@homylume.shop
General privacy questions
๐Ÿ“ž Phone Support
+40 722 345 678
Mon-Fri 9:00-18:00 EET
๐Ÿ“‹ Request Form
Submit GDPR Request
Use form above

๐Ÿ‡ช๐Ÿ‡บ Your Rights Are Protected: Under GDPR, exercising your rights is free of charge and we cannot discriminate against you for making requests. We're here to help you understand and exercise your data protection rights.

โš–๏ธ Legal Framework

This page outlines your rights under Regulation (EU) 2016/679 - the General Data Protection Regulation (GDPR). These rights are enshrined in EU law and apply to all EU residents regardless of nationality.

๐Ÿ‡ช๐Ÿ‡บ GDPR
Regulation (EU) 2016/679
๐Ÿ“… Effective Date
May 25, 2018
๐ŸŒ Territorial Scope
EU residents worldwide
โš–๏ธ Enforcement
National data protection authorities
Google Ads Compliant Footer
Scroll to Top