1. Who is responsible for this website
S.C. WINES OF ROMANIA S.R.L., trading as Wines of Europe, is the controller of personal data collected through this website.
Trade Register No.: J202201774040
EUID: ROONRC.J2022017740403
Registered office: 26 Soldat Gh. Buciumat Street, Block C-D, 5th Floor, Staircase 3, Apartment 508D, intercom 508, Sector 1, 014384 Bucharest, Romania
Legal representative: Marinela Vasilica Ardelean
Email: hello@winesofeurope.com
2. What personal data may be collected
Depending on how the website is used, the following categories of personal data may be collected:
- Identification data, such as name.
- Contact data, such as email address, telephone number, company name, and country.
- Communication data included in forms, emails, messages, event requests, or partnership enquiries.
- Technical and usage data, such as IP address, browser type, device information, language, referring URL, pages visited, and interaction with the website.
- Marketing and preference data, such as newsletter preferences, consent choices, and event interests.
- Cookie-related data and online identifiers where cookies or similar technologies are used.
3. Why personal data is processed
Personal data may be processed for the following purposes:
- To operate, secure, and maintain the website.
- To respond to contact requests, business enquiries, media enquiries, or partnership requests.
- To provide information about wines, producers, events, publications, educational initiatives, and related services.
- To send newsletters or promotional communications where consent has been given or where another lawful basis applies.
- To analyse website traffic and improve website performance, content, and user experience.
- To comply with legal obligations, respond to lawful requests, and defend legal claims.
4. Legal bases for processing
Personal data may be processed on one or more of the following legal bases:
- Consent — for example where a visitor subscribes to a newsletter or accepts non-essential cookies.
- Performance of pre-contractual steps or a contract — for example when a visitor requests services, partnerships, or event-related information.
- Legitimate interests — such as operating and improving the website, answering business enquiries, ensuring security, and preventing misuse, provided those interests are not overridden by the user's rights and freedoms.
- Legal obligation — where processing is required by applicable law.
5. Recipients of personal data
Personal data may be shared, where necessary, with:
- Hosting providers and website infrastructure providers.
- IT, analytics, newsletter, CRM, or consent management providers.
- Professional advisers, such as lawyers, accountants, and auditors.
- Public authorities or regulators where disclosure is required by law.
6. International data transfers
If service providers are located outside the European Economic Area, personal data may be transferred internationally only where an appropriate safeguard applies, such as an adequacy decision or the European Commission's Standard Contractual Clauses, together with supplementary measures where required.
7. Data retention
Personal data is retained only for as long as necessary for the purposes for which it was collected, including to satisfy legal, accounting, reporting, and evidentiary requirements. Indicative retention periods:
- Contact form enquiries: up to 12–24 months after the last relevant interaction.
- Newsletter subscriptions: until consent is withdrawn or the subscriber is removed from the mailing list.
- Technical logs: for the period necessary for security, diagnostics, and service continuity.
- Consent records: for as long as needed to demonstrate valid consent and manage preferences.
8. Your rights
Subject to applicable law, you may have the right to:
- be informed about the processing of your data;
- access your personal data;
- request rectification of inaccurate data;
- request erasure of data in certain cases;
- request restriction of processing;
- object to processing based on legitimate interests;
- receive your data in a portable format where applicable;
- withdraw consent at any time, without affecting the lawfulness of processing carried out before withdrawal; and
- lodge a complaint with the competent supervisory authority.
In Romania, the competent supervisory authority is the Autoritatea Națională de Supraveghere a Prelucrării Datelor cu Caracter Personal (ANSPDCP) — www.dataprotection.ro.
9. How to exercise your rights
Requests concerning privacy rights may be sent to hello@winesofeurope.com. Reasonable information may be requested to verify identity before fulfilling a request.
10. Mandatory or optional provision of data
Where a form requests specific information, fields marked as mandatory are needed to process the request or provide the requested service. If such information is not provided, it may not be possible to respond properly.
11. Automated decision-making
This website does not carry out automated decision-making producing legal or similarly significant effects on users, unless expressly stated otherwise in a specific notice.
12. Cookies and similar technologies
This website may use cookies and similar technologies. Additional information is available in the Cookie Policy. Non-essential cookies are only placed after valid consent has been obtained.
13. Changes to this Privacy Policy
This Privacy Policy may be updated from time to time to reflect legal, technical, or operational changes. The version published on this page is the current version. The effective date is shown at the top of this page.