This Privacy Policy explains how Clevr House SRL, trading as Clevr House, processes personal data when you use our website or place an order.
1. Who We Are
The data controller is: Clevr House SRL
Email: privacy@clevr.house
2. What Data We Collect
When you place an order, we collect the data needed to process, deliver, and invoice your purchase:
- name;
- delivery address;
- email address and phone number;
- order details, such as products, date, value, and delivery status.
When you visit the website, our server may automatically process technical data such as IP address, browser type, device information, and log data for security, troubleshooting, and website operation.
We do not intentionally collect CNP, health data, or other special categories of personal data.
3. Why We Use Your Data
| Purpose | Legal basis |
|---|---|
| Processing and delivering your order | Contract |
| Customer support and order communication | Contract / legitimate interest |
| Issuing invoices and complying with tax/accounting obligations, including RO e-Factura where required | Legal obligation |
| Website security, fraud prevention, and technical logs | Legitimate interest |
We do not sell your personal data and we do not use automated decisions that produce legal or similarly significant effects for you.
4. How Long We Keep Your Data
We keep personal data only as long as necessary for the purposes above:
- order, invoice, and accounting data: generally 5 years, or longer if required by law;
- account data: until your account is deleted, unless we must keep certain data for legal reasons;
- technical server logs: normally up to 12 months, unless needed for security investigation or legal claims.
5. Who We Share Data With
We share data only where necessary, for example with:
- courier companies, for delivery;
- hosting, email, IT, and website service providers;
- accounting and invoicing service providers;
- public authorities, including ANAF, where required by law.
These providers may process data only for the relevant service and legal purpose.
6. International Transfers
Some service providers may be located outside the European Economic Area. Where this happens, we use appropriate safeguards such as an adequacy decision, the EU–U.S. Data Privacy Framework, or Standard Contractual Clauses.
7. Cookies
We use essential cookies, needed for cart, checkout, login, security, and website operation. We do not currently load analytics or marketing cookies. If that changes in the future, we will update this Policy and ask for your consent through the cookie banner before any non-essential cookies are set.
8. Your Rights
Under GDPR, you may request:
- access to your personal data;
- correction of inaccurate data;
- deletion of data, where legally possible;
- restriction of processing;
- objection to processing based on legitimate interest;
- withdrawal of consent, where processing is based on consent;
- data portability, where applicable.
To exercise your rights, contact us at privacy@clevr.house.
We normally respond within one month. ANSPDCP also explains that this period may be extended by two further months where necessary, depending on the complexity and number of requests.
You also have the right to complain to the Romanian data protection authority:
Autoritatea Națională de Supraveghere a Prelucrării Datelor cu Caracter Personal — ANSPDCP
Website: dataprotection.ro
9. Security
We use reasonable technical and organisational measures to protect personal data, including HTTPS, access controls, password hashing, and limiting access to people who need it for their role.
10. Changes to This Policy
We may update this Privacy Policy from time to time. The latest version will always be available on this page.