• Preamble

• Thank you for visiting this website and we hope you will be delighted to learn more about This website is owned and administered by SC Tessuto Textil SRL-D, Str. Bucharest no. 64 ap. 71 400148 Cluj-Napoca, Cluj county Romania CUI RO 36739374, J12/4078/14.11.2016.

• The website is designed as a website for online commerce (E-commerce) of TESSUTO TEXTIL SRL-D products. By using this website, you agree to the practices described in this "Privacy Policy". If you do not agree with this privacy policy, please do not use this site. We reserve the right to make changes to this privacy policy at any time. Any changes will be posted in this privacy policy, and the changes will apply to activities and information collected after publication. We encourage you to periodically review this privacy policy to ensure that you are informed of any changes and how the information may be used.

• We also assure you that when browsing our website, the connection is secure: E.g. account passwords if you authenticate, there is a VALID SSL certificate. You can find out more by pressing Learn more.

• Data protection is a particularly important aspect for us. The use of our Internet pages is possible without the indication of personal data, however, if someone wants to use our services through the site, the processing of personal data may become necessary. If the processing of personal data is necessary and there is no legal basis or contract for such processing, we obtain the consent of the data subject.

• The processing of personal data, such as name and surname, city of residence, e-mail address, telephone number, date/month of birth, cookies according to the website policy is carried out in accordance with the General Data Protection Regulation ( GDPR). Through this data privacy policy, we want to inform you about the nature, the techniques used, the purpose and basis of the processing of personal data and the rights you have.

• In order to comply with the provisions of the General Data Protection Regulation (GDPR), we have implemented numerous technical and organizational measures aimed at ensuring the most complete protection of personal data processed through this website. However, data transfer via the Internet can, in principle, have security gaps, so absolute protection cannot be guaranteed. For this reason, each data subject has the freedom to transfer personal data to us by alternative means, e.g. by phone, in writing, etc.


Our data protection policy uses the terms used by the European legislator for the adoption of the General Data Protection Regulation (GDPR). We want our Data Protection Policy to be readable and easy to understand for everyone. In order to achieve this goal, we first explain the terminology used. In this data protection policy, we use, among others, the following expressions:


Personal data means any information relating to an identified or identifiable natural person ("data subject"). An identifiable natural person is one who can be identified, directly or indirectly, in particular by reference to an identifier such as a name, an identification number, location data, an online identifier or one or more specific physical, physiological factors , genetic, mental, economic, cultural or social of that natural person.


The data subject is any identified or identifiable natural person, whose personal data is processed by the operator (data controller) or authorized person (data processor).


Processing is any operation or set of operations performed on personal data or sets of personal data, whether or not by automated means, such as collection, recording, organization, structuring, storage, adaptation or modification, retrieval, consultation , disclosure by transmission, dissemination or otherwise making available, alignment or combination, restriction, deletion or destruction.


Restriction of processing is the selection of stored personal data in order to limit future processing.


Profiling means any form of automatic processing of personal data that consists in the use of personal data to evaluate certain personal aspects relating to a natural person, in particular to analyze or anticipate aspects of the natural person's performance at work, the situation economic, health, personal preferences, interests, behavior, location or travel.


Pseudonymization is the processing of personal data in such a way that the personal data can no longer be attributed to a specific data subject without the use of additional information, provided that this additional information is kept separately and subject to technical and organizational measures to ensure that personal data cannot be attributed to an identified or identifiable natural person.


The operator or controller responsible for processing is the natural or legal person, public authority, agency or other body that, alone or together with others, determines the purposes and means of personal data processing; if the purposes and means of such processing are established by the legislation of the Union or the Member State, the operator or the specific criteria for its appointment may be provided by the legislation of the Union or the Member State.


Authorized person – The processor is a natural or legal person, public authority, agency or other body that processes personal data on behalf of the operator.


The recipient is a natural or legal person, public authority, agency or other body to whom the personal data is disclosed, regardless of whether it is a third party or not. However, public authorities that may receive personal data in the course of an investigation, in accordance with Union or Member State legislation, are not considered beneficiaries; the processing of this data by the respective public authorities must be in accordance with the applicable data protection rules in accordance with the purposes of the processing.


It may be a third party, a natural or legal person, a public authority, an agency or a body, other than the data subject, the operator, the authorized person, which, under the direct authority of the operator or the authorized person, is authorized to process data personal.


The data subject's consent is any specific, informed and unambiguous indication of the data subject's wishes by which he, through a statement or a clear affirmative action, accepts the processing of personal data concerning him.


Cookies are text files that are stored in a computer system through an Internet browser. Many Internet sites and servers use cookies. Many cookies contain a so-called cookie ID code. A cookie ID is a unique identifier of the cookie. It consists of a string of characters by which Internet pages and servers can be assigned to the Internet browser in which the cookie was stored. This allows the websites and servers visited to differentiate the individual browser of the given subject from other Internet browsers that contain other cookies. A particular Internet browser can be recognized and identified using the unique cookie ID. By using cookies, we can offer users of this site more user-friendly services that would not be possible without the use of cookies.

By means of a cookie, the information and offers on our website can be optimized according to the user. Cookies allow us, as previously mentioned, to recognize users of our website. The purpose of this recognition is to facilitate the use of our website. The website user e.g. they do not have to enter access data every time the site is accessed, because it is retrieved and the cookie is thus stored in the user's computer system. Another example is the cookie of a shopping cart in an online store. The online store remembers the items that a customer has placed in the virtual shopping cart by means of a cookie.

The data subject can at any time prevent the use of cookies by our website by means of an appropriate setting of the internet browser. In addition, the cookies already set can be deleted at any time from the Internet browser.

This is possible in all popular Internet browsers. If the data subject deactivates the setting of cookies in the internet browser used, not all functions of our website can be used in full.

The principles governing our privacy and personal data processing policy are:

• The principle of legality, fairness and transparency. This requires that personal data be processed in a legal, fair and transparent manner in relation to the data subjects.

• Principle of goal limitation. This requires that personal data must only be collected for specified, explicit and legitimate purposes.

• Principle of minimum data collection to achieve the purpose for which consent was obtained. According to this principle, personal data must be adequate, relevant and limited to what is necessary in relation to the purposes for which they are processed.

• The principle of keeping data up to date ensures that personal data is correct and updated where necessary.

• The principle of data storage strictly for the period for which consent was obtained. This requires that personal data be kept in a form that allows identification of the data subjects for as long as necessary for data processing.

• Principle of ensuring adequate data security so that they are intact, confidential and available.

• Principle of responsibility, the operator is responsible for compliance with the principles listed in Article 5(1) of the GDPR and must be able to demonstrate compliance with them.

privacy policy

When you visit the website or when you use our services, you entrust us with your information, some of which is personal. The purpose of this Privacy Policy is to show you what data we process, why we process it and what we do with it. Fully aware that your personal information belongs to you, we do our best to store it securely. We do not provide information to unauthorized third parties without informing you.

By browsing the website, you declare that you have read and been adequately informed about the personal data processing policy by going through this existing document on the website called: Privacy Policy. Terms and conditions.

According to Regulation (EU) 679/2016 (applicable at the EU level from May 25, 2018), known as the GDPR acronym, it refers to the protection of natural persons with regard to the processing of personal data and the free movement of such data and repeals the Directive 95/46/EC.

Personal data, in the sense of the GDPR, means any information regarding an identified or identifiable natural person (data subject). An identifiable natural person is a person who can be identified, directly or indirectly, in particular by reference to an identification element such as a name, an identification number, location data, an online identifier or one or more elements specific, specific to his physical, physiological, genetic, psychological, economic, cultural or social identity.

TESSUTO TEXTIL SRL-D may change this Privacy Policy at any time. All updates and changes to this Policy are valid immediately after notification to users, which we will do by displaying on the website and/or notification by e-mail.

• Questions and requests

If you have questions or concerns about the processing of your data, or wish to exercise your legal rights in relation to the data we hold, or if you have concerns about how we handle any privacy issue, you can contact the data protection contact data at the level of TESSUTO TEXTIL SRL-D has the email:

Personal data collected

• Information you voluntarily provide to us

When you use the website to place an order or when you contact us by phone, email or communicate with us in any way (e.g. by phone) you voluntarily give us your personal information. This information includes your first and last name, shipping/billing address, email address and phone number. By giving us this information, we keep it secure and confidential in our database.

• Information we collect automatically

When you browse our site, we may collect information about your visit to the site. This information may include your IP address, operating system, browser, browsing activity and other information about how you interacted with the site. We may collect this information through the use of cookies or other similar technologies. You will be informed about cookies the first time you browse the website.

Regarding data that we collect automatically through the use of cookies or other similar technologies, the basis for processing is consent. By accessing the site, you validly give your consent to the processing, so please accept this cookie policy. You also have the option to view details, to inform yourself accordingly, after which you can refuse or accept the cookie policy of

We store personal data only for the period necessary to fulfill the purposes, but no longer than 10 years after the last visit to the site or the last interaction with us, for the following purposes:

• to take the necessary steps in order to promote advantageous promotional offers for you or for other marketing activities, but only if you have given your consent in advance;

• to answer your questions and requests;

• to offer and improve the services we offer, both directly and through our collaborators

Also, the data regarding invoicing and other such legal obligations are kept in accordance with the Law - Fiscal Code and Application Rules - applicable on the territory of Romania.

• Processing of personal data

Regarding the data that you voluntarily provide us by completing and sending the forms or by contacting us in any way, the legal basis is to take measures at the request of the data subject before providing services (art. 5, para. 2 letter (a) of Law no. 677/2001) and to take steps at the request of the data subject for the provision of a service (art. 6, paragraph (1) letter b of Regulation (EU) 679/2016). Both according to the current legislation and according to the GDPR (applicable from May 25, 2018), your consent is not required in the situation where the processing is necessary to carry out steps to provide a service, fulfill a legal obligation or legitimate interest.

Disclosure and transmission of personal information

We will not disclose your information to unauthorized third parties for their own marketing or commercial purposes. However, we may disclose your information to the following entities:

• Service providers. We may disclose your information to other partner companies of TESSUTO TEXTIL SRL-D (e.g. Accounting) or to third parties that provide us with services and act as authorized persons, such as companies that help us with website maintenance or specialized companies by courier.

Although in principle we only use the courier company FAN COURIER, we would like you to give us feedback regarding your experience in relation to the delivery of products, in order to be able to choose a courier company that fully respects the rules and policy of TESSUTO TEXTIL SRL-D. The confidentiality and personal data protection policy of FAN COURIER can be consulted at the following website:

Also, it is possible to pay by card through the secure platform, the platform owned by NETOPIA Payments SRL registered in Bucharest RO15565496, J40/9170/2003 bank account RO92UGBI0000102009055RON Garanti Bank – Bucharest Our address: Bd. Dimitrie Pompeiu 9 – 9A, building 24, floor 4, Sector 2, 020335. The privacy policy of the online card payment platform can be accessed below:

• Courts, prosecutors or other public authorities to comply with the law or in response to a mandatory legal process (such as a search warrant or court order);

• To other parties with your consent or instructions. In addition to the disclosures described in this Privacy Policy, we may disclose your information to third parties to whom you consent or request that we make such disclosure. We do NOT currently transfer your data to countries outside the European Union. If we change the policy, we will inform you accordingly, show you the related guarantees and ask for your consent.

• The rights of data subjects

1. The right to withdraw consent.

In the situation where the processing is based on consent, you can withdraw your consent at any time and free of charge by sending an e-mail to the address

2. The right to lodge a complaint with a supervisory authority.

According to the GDPR Regulation, the data subject has the right to file a complaint (art. 77) with the National Authority for the Supervision of Personal Data Processing, at its headquarters in B-dul G-ral Gheorghe Magheru no. 28 - 30, sector 1, Bucharest, postal code 0103336, e-mail: or to address the court (art. 79).

3. The right to appeal to justice.

If the answer provided by Societatea Noastra is unsatisfactory or evasive for you, you have the possibility to address the Court. This Right can also be exercised directly, without contacting our company, but to avoid any misunderstandings or unwanted interpretations, please contact us.

4. Right of access.

You have the right to obtain from us a confirmation that personal data concerning you is being processed or not and, if so, you have the right of access to that data.

5. The right to rectification.

You have the right to obtain from us, without undue delay, the rectification of inaccurate personal data concerning you. In some cases, we may not be able to search your personal data because of the identifiers you provide in your request. An example of personal data that we cannot consult when you provide us with your name and email address is data collected through cookies by your browser. In such cases, if we are unable to identify you as a data subject, we are unable to comply with your request unless you provide additional information to enable identification. Taking into account the purposes for which the data were processed, you have the right to obtain the completion of personal data that are incomplete, including by providing an additional statement.

6. Right to data deletion (right to be forgotten).

In situations where the data is no longer necessary for the fulfillment of the purposes, the consent has been withdrawn and there is no other legal basis for the processing, you object to the processing and there are no legitimate reasons that prevail with regard to the processing or the personal data have been processed unlawful, you have the right to obtain the deletion of data concerning you without undue delay.

7. The right to restrict processing.

You have the right to obtain from us the restriction of processing if one of the following cases applies:

• you dispute the accuracy of the data, for a period that allows us to verify the accuracy of the data;

• the processing is illegal, and you object to the deletion of personal data, requesting instead the restriction of their use;

• we no longer need the personal data for the purpose of processing, but you request them to establish, exercise or defend a right in court;

• you have objected to processing in accordance with Article 21(1) of the GDPR, for the period of time in which it is checked whether our legitimate rights prevail over your rights.

8. The right to data portability.

You have the right to receive the personal data concerning you that you have provided to us in a structured, commonly used and machine-readable format and you have the right to transmit this data to another operator, without obstacles from our part, if:

• the processing is based on consent pursuant to Article 6(1)(a) or Article 9(2)(a) of the GDPR or on a contract pursuant to Article 6(1)(b) of GDPR; and

• the processing is carried out by automatic means.

9. The right not to be subject to a decision based solely on automated processing, including profiling, which produces legal effects that concern you or similarly affect you to a significant extent.

You do not have this right if the decision:

• is necessary for the conclusion or execution of a contract between you and a data operator;

• is authorized by Union law or domestic law that applies to the operator and that also provides for appropriate measures to protect the rights, freedoms and legitimate interests of the data subject; or

• is based on your explicit consent.

For all the rights or concerns that they attract, please address them by email the first time to, in order to receive all the necessary information.


We have implemented the following technical and organizational measures to ensure the security of personal data:

• Dedicated policies. We adopt and review our practices and policies for processing the data of our customers and others, including physical and electronic security measures, to protect our systems from unauthorized access and other potential security threats