The security of your data is the most important to us, that’s why we treat with SERIOUSNESS and INVOLVEMENT any issue related to the protection of your data. Moreover, we AMBITIONAM to offer you a unique experience both in the online store and in the showroom in Bucharest, helping you to choose the best solution for your home.

What happens from 25 May 2018?

From this date, Regulation (EU) 2016/679 on the protection of individuals with regard to the processing of personal data and on the free movement of such data and repealing Directive 95/46/EC (General Data Protection Regulation) known as GDPR (General Data Protection Regulation) will be implemented. This means that any Controller/entity processing personal data must apply these new requirements and provide in a transparent way information on how the data is processed.

Why is my data processed?

Considering the need to comply with the GDPR provisions, as well as the fact that we are dedicated to taking care of your personal data (which may include name, surname, e-mail address, etc. depending on the purpose of the processing) that are in our database, we inform you that they are used only for the purpose of successfully carrying out the processes carried out in relation to you (we mention some processes without limiting ourselves to them: RESERVATION/SALE/DELIVERY OF ORDERS, TRANSPORT and DELIVERY, GUARANTEES and SERVICE, maintenance of customer relations – CUSTOMER SUPPORT SERVICE, recruitment processes).

What options do I have?

To exercise your rights regarding the processing of personal data, please consult the section Rights of the data subject.

How do I find out more about the new regulations?

We are committed to the protection and security of your data and we want you to be informed and to make an informed decision about how the information you give us is used.

In this regard, please consult the following pages to learn more about the application of the “GDPR” as of 25 May 2018 and how it translates into our relationship.

How can I contact you?

If you have any further questions or would like more information about data protection, please send us an e-mail to and we will reply as soon as possible.

Note: AESTHETIC INDESIGN complies with all legislative measures on the protection of personal data.



From 25 May 2018, Regulation (EU) 2016/679 on the protection of individuals with regard to the processing of personal data and on the free movement of such data and repealing Directive 95/46/EC (General Data Protection Regulation) hereinafter referred to as “GDPR Regulation” applies.

Please refer to the information in this document as it expresses Aesthetic Indesign’s policy on the processing of personal data.

Within AESTHETIC INDESIGN SRL we process personal data exclusively within the framework of the legal provisions on the protection of personal data see legal basis.


● Controller = The controller responsible for data processing for the purposes of the GDPR Regulation is AESTHETIC INDESIGN S.R.L., a privately owned company, registered with the Trade Register under No. J15/58/2018, fiscal code 38697577 and registered office in Str. Ciprian Porumbescu 7, Targoviste, Dambovita, hereinafter referred to as “the Operator” or “AESTHETIC INDESIGN”.

● Contact details of the Data Protection Officer (DPO) = Address where requests for information on the processing of personal data can be sent: Mun. Bucharest, str. Ciobanasului, nr. 20, AESTHETIC Work Point or by e-mail:

● Cookies = A “cookie” is a small file, usually made up of letters and numbers. It is downloaded to the memory of a computer or other type of device used for internet browsing (smartphone, tablet, etc.) when the user accesses a particular website.

● Data subject for the purposes of the GDPR Regulation = an identified or identifiable natural person (who can be identified, directly or indirectly, in particular by reference to an identifier: name, identification number, location data, an online identifier, or to one or more specific elements of his/her physical, physiological, genetic, mental, economic, cultural or social identity). The data subject may be the applicant for a service offered by the Operator, as well as any other natural person whose personal data is transmitted to the Operator (for example, a client or potential client, a candidate for a particular job vacancy, a user of the Operator’s website, etc.).

● Categories of data processed = Personal data (first name, surname, date of birth, address, telephone number and e-mail address, etc.) are processed by us only when you enter this data in a box on the website or send it to us by e-mail.

● Processing personal data means any operation or set of operations performed on personal data or on sets of personal data, whether or not by automatic means, such as collection, recording, organisation, structuring, storage, adaptation or alteration, retrieval, consultation, use, disclosure by transmission, dissemination or otherwise making available, alignment or combination, restriction, erasure or destruction.


According to Regulation (EU) 2016/679 and related legislation, the purposes for which we process your personal data are strictly related to the relationship between AESTHETIC INDESIGN and the data subject. The information you provide to us is treated with the utmost confidentiality and exclusively for the purposes for which it was collected.

Please see below for details of the purposes for which we process data and the legal basis:

1.1. Contracting and customer relationship management:

a. Accessing the website:

Each time a user accesses a page of our offer and each time a file is opened, the access data is saved by us and partially by third parties in the form of protocol files. Each data set includes: the web page from which you access our site, IP address, date and time of access, client request, http response code, amount of data transferred, information about your browser and operating system.

b. Geographical location:

By means of geographic location, using the IP address, it is technically possible to estimate the location of the Internet user. After the end of the current session, the IP address is not stored with us for geographic location purposes.

Note: Certain traffic data (such as IP addresses or other identifiers of the devices with which you access our site) may in certain circumstances be personal data and we will treat it as such.

c. Customer account data:

When creating a customer account using the “new customer” option, your data will be saved in the AESTHETIC INDESIGN database. You can request the deletion of your data and your customer account at any time. If you place an order on our website, the data will be processed for the purpose of successfully completing the sales process.

d. Data for placing an order:

The stored personal data will be used for the purpose of carrying out contracts and processing your requests. After the completion of the contract or your request, your data is saved taking into account the retention periods according to tax and commercial legislation and where appropriate for a period necessary to protect the rights of the Operator.

➢ LEGAL ISSUE: the legitimate interest of the Operator to avoid online fraud and to ensure the general functionality of the website, the performance of a contract and the consent of the data subject, as appropriate.

1.2. Business administration: COOKIES Policy

●To improve your online browsing experience, we use cookies to facilitate visitors’ use of the AESTHETIC INDESIGN online store.

●In general, the role of cookies is to ensure quick and easy interaction between users and websites. Cookies are also used so that users can easily resume their activities the next time they visit a previously visited website. Basically, cookies tell the server which pages to display to the user, without the user having to remember which pages they have browsed or to browse the entire site from the beginning. Please see Cookies Policy for detailed information.

➢ LEGAL ISSUE:   legitimate interest to continuously provide improved services to users of the AESTHETIC INDESIGN website.

Note: In the event that we intend to process your data. personal data for a purpose other than those mentioned above, we will provide you, prior to such further processing, with information on the secondary purpose and any relevant information.


2.1. Rights of the data subject and how they can be exercised

According to the GDPR Regulation, as a data subject you benefit from a combination of rights, namely:

a. The right to information and access to personal data: the right to obtain confirmation as to whether or not personal data concerning you are being processed and, if so, access to such data.

b. The right to rectification: the right to request the Operator and to obtain, without undue delay, the rectification of inaccurate personal data relating to you and/or to obtain the completion of personal data that are incomplete, with the proviso that in the case of an online account, these changes can be made personally in the editing section of the account data.

c. The right to erasure of data (“right to be forgotten”): the right to obtain the erasure of personal data concerning you without undue delay if certain grounds mentioned in the GDPR Regulation apply.

d. Right to restriction of processing: right to obtain restriction of processing in certain cases.

e. The right to data portability: the right to receive your personal data and to transmit them to another controller.

f. Right to object: the right to object at any time to the processing of your personal data, under the GDPR Regulation.

g. The right not to be subject to a decision based solely on automated processing, including profiling, that produces legal effects concerning you or similarly affects you to a significant extent.

h. The right to lodge a complaint with the National Authority for the Supervision of Personal Data Processing (ANSPDCP) if you consider that your data has not been processed in accordance with the law.

➢ How can you exercise these rights?

In order to exercise the rights mentioned above, please send a written request, dated and signed to the e-mail address:, or to the postal address: str. Ciobanasului nr 20, Bucharest, to the attention of the Data Protection Officer.

➢ How soon do we respond to your requests?

Within a maximum of one month, calculated from receipt of your request, you will be provided with information on the action taken or, where applicable, on the reasons why the requested action cannot be taken.

Note: Please note that in order to comply with a request for access to personal data we will take all reasonable steps to verify the identity of the data subject.

Also, according to the GDPR Regulation, the above-mentioned response period may be extended by up to two months if necessary, taking into account the complexity and number of requests, and we will inform you about this if necessary.


Recipients processing personal data within the European Union are obliged to comply with the same legal provisions, providing the same level of protection as the Controller.

3.1. Transmission of data for order processing purposes

Personal data stored by AESTHETIC INDESIGN is transmitted to our collaborators for the purpose of order completion/delivery. For example, your details will be sent to courier companies if you opt for delivery by courier.

If you select the option to pay online with a bank card, it is important to know that this operation is carried out securely on the website provided by the payment processor, and AESTHETIC INDESIGN only transmits to the payment processor data related to your order (AESTHETIC INDESIGN does not access and process any personal data related to the bank card).

3.2. Forwarding to public institutions, courts of law, as well as authorities competent to investigate the commission of criminal offences

In special cases, when required by law, AESTHETIC INDESIGN may provide the competent institutions with information on personal data.

3.3. Transmission to other third parties

In order to provide you with the most enjoyable online experience, we are constantly working to improve/maintain the software we use. In this respect, we have development contracts with companies specialized in software programming and maintenance.

3.4. Transmission of data to organisations outside the EU

Exceptionally, your data may also be transferred to or accessed by entities outside the European Union, including in countries to which the EU does not recognise an adequate level of personal data protection. These situations arise in particular when we talk about the use of online platforms/programs/tools for order processing, promotion or related IT infrastructure. For example, in the case of using Amazon Web Services infrastructure or applications provided by Google or Microsoft, although the infrastructure as such is located in the European Union, it can be accessed by parent organisations in the country of origin. In all such situations, AESTHETIC INDESIGN will take the necessary measures to ensure that your data is protected, such as standard contractual clauses issued by European bodies or relevant certifications on the matter and recognized within the European Union.


For even more details you can consult the legal basis:

●Regulation (EU) 2016/679 on the protection of individuals with regard to the processing of personal data and on the free movement of such data and repealing Directive 95/46/EC (General Data Protection Regulation) (accessible at ).

● Law No 506/2004 on the processing of personal data and protection of privacy in the electronic communications sector.

● Standard Contractual Clauses (SCC) at the link:

Top management is committed to ensuring that this privacy policy is respected by all employees by implementing internal procedures specific to the rules on the protection of personal data, in accordance with the legal basis for their processing.