Privacy policy

Your privacy matters to us. At La Marffra, we are committed to protecting your personal data in compliance with the General Data Protection Regulation (GDPR), the UK GDPR, and other applicable data protection laws.

This Privacy Policy explains how we collect, use, share, and protect your information when you shop for fragrance products on our website.

1. Who We Are (Data Controller)

SC LA MARFFRA SRL
Teilor Street, Number 74, Ramniceni, Vrancea, Postal Code 627192, Romania
Tax Identification Number: RO51271454
EUID: ROONRC.J2025009691008
Trade Register Number: J2025009691008
Email: [email protected]

For purposes of the GDPR, we are the data controller responsible for your personal data.

2. Personal Data We Collect

We collect personal data that is necessary to fulfill your orders and provide a smooth shopping experience.

Data you provide directly:

  • Full name
  • Email address
  • Shipping and billing addresses
  • Phone number (optional)
  • Payment information (handled securely via third-party processors)
  • Marketing preferences

Data collected automatically:

  • IP address
  • Device and browser type
  • Referral URL
  • Pages visited and time on site
  • Cookie data and tracking behavior

3. Legal Bases for Processing (GDPR Article 6)

We only process your personal data when we have a legal basis to do so, including:

  • Performance of a contract – to process your orders and deliver products.
  • Consent – for sending marketing emails or using non-essential cookies.
  • Legitimate interests – to improve our website, detect fraud, or analyze user trends (without overriding your rights).
  • Legal obligation – to comply with applicable tax, accounting, or consumer protection laws.

4. How We Use Your Data

  • Process and deliver your perfume orders
  • Provide customer support
  • Communicate order and shipping updates
  • Offer personalized fragrance recommendations
  • Send marketing communications if you’ve opted in
  • Analyze site performance and improve our services

5. Your GDPR Rights

Under GDPR, you have specific rights regarding your personal data:

  • Right to access – You can request a copy of the data we hold about you.
  • Right to rectification – Request corrections to inaccurate or incomplete data.
  • Right to erasure (“right to be forgotten”) – Request deletion of your data.
  • Right to restrict processing – Ask us to limit how your data is used.
  • Right to data portability – Receive your data in a machine-readable format.
  • Right to object – Object to processing based on legitimate interests or direct marketing.
  • Right to withdraw consent – At any time, for marketing or cookies.

To exercise any of these rights, contact us at [email protected]. We aim to respond within 30 days.

6. International Data Transfers

If you are located in the EU/UK, and your data is transferred outside the EEA (e.g., to US-based services), we ensure adequate safeguards are in place, such as:

  • Standard Contractual Clauses (SCCs)
  • Transfers to countries with adequacy decisions

7. Data Retention

We retain your data only as long as necessary for the purposes described:

  • Orders: Retained for tax and legal compliance (usually 6-10 years)
  • Marketing: Until you unsubscribe
  • Cookies: Per cookie type and settings

8. Third Parties & Processors

We work with trusted third parties who process data on our behalf:

  • Payment providers (e.g. Stripe)
  • Email marketing platforms (e.g. ?; only if you opt in)
  • Delivery couriers (e.g. DHL, UPS, Royal Mail)
  • Analytics tools (e.g. Google Analytics – anonymized usage data)
 

Each third-party processor is GDPR-compliant or bound by equivalent data protection standards.

9. Cookies & Tracking Technologies

We use cookies for:

  • Site functionality (e.g. keeping your cart active)
  • Personalizing fragrance recommendations
  • Analytics and performance
  • Marketing (if consented)
 

We offer a cookie banner for EU/UK visitors allowing you to manage your preferences.

For more, see our Cookie Policy.

10. Data Security

We use SSL encryption, access controls, and secure hosting to protect your data. Payment data is never stored directly on our servers.

Despite our efforts, no transmission is 100% secure. If we detect a data breach that impacts you, we’ll notify you as required by law.

11. Children’s Privacy

Our site is not intended for children under 13 (or under 16 in the EU). We do not knowingly collect personal data from minors.

12. Updates to This Policy

We may update this Privacy Policy to reflect legal changes or improve clarity. Significant changes will be clearly communicated via our website or email.

13. Contact Us (GDPR Inquiries)

📧 [email protected]

If you are in the EU/UK, you may also lodge a complaint with your local data protection authority.