Privacy Policy (GDPR)


1 Purpose of the Data Handling Information:

Steel Sump Guard SRL as a data controller agrees to the content of this legal notice. We commit ourselves to ensure that all data management related to our business complies with the requirements of this legal notice and the applicable national legislation and the legal acts of the E.U..

The privacy policies of the Steel Sump Guard SRL data management are continuously available at

Steel Sump Guard SRL reserves the right to change this information at any time. Of course, we will notify our audience in due time of any changes. If you have any questions about this announcement, please write to us and our colleague will answer your question.

Steel Sump Guard SRL is committed to protect the privacy of its clients' information self-determinated, in order to protect the privacy of our clients and partners. Steel Sump Guard SRL handles personal data confidentiality and takes all security, technical and organizational measures that guarantee the security of the data. Steel Sump Guard SRL describes its data management practices below.

2 Data Manager Details:

If you are looking for our Company you can contact us via contact information below. Steel Sump Guard SRL will delete all the emails it has received, including personal data, after a maximum of one year from the date of disclosure.

Name: Steel Sump Guard SRL
Headquarters: Sambatesti street nr. 33, Ap. 2, Odorheiu Secuiesc, 535600
Company registration number: J19/710/2019
Name of the registration court: Trade Registry Office near the Harghita court
Tax number: RO41651103
Phone number: +40 743 912 540

2.1 Privacy Officer:

Name: Hunor Vass
Phone: +40743912540

3 Personal Data Handled:

3.1Personal data to be provided during the session:

No personal data is collected throughout the session, only after the user accepts the Terms & Conditions at the checkout page or the Privacy Policy at anytime.

3.2 Technical Specifications:

Steel Sump Guard SRL selects and manages the IT tools used to manage personal data in the provision of the service so that the data handled is:

1. accessible to the authorized person (availability);
2. credibility and authentication (credibility of data management);
3. its integrity can be verified (data integrity);
4. unauthorized access (confidentiality of data).

Steel Sump Guard SRL protects the data by appropriate action against unauthorized access, alteration, transmission, disclosure, deletion or destruction and against accidental destruction.

Steel Sump Guard SRL provides technical and organizational measures to protect the security of data management that provides a level of protection that meets the risks associated with data management.

Steel Sump Guard SRL keeps confidentiality in the course of data management:
it protects the information so that it can only be accessed by those who are entitled to it;
it protects the accuracy and completeness of the information and processing method;
Ensure that when the eligible user needs it, you really have access to the information you need and you have the tools available to do this.

3.3 Cookies:

3.3.1 The function of cookies:

Collects information about visitors and their equipment; records the custom settings for visitors that may be used (e.g.when using online transactions, so you do not have to type them again; facilitate the use of the website; to ensure the qualityof the user experience.

For a tailor-made service, the user's computer receives a small data packet, called a cookie and it can be read later. If the web browser returns a previously saved cookie, the cookie operator can link the user's current visit with the past one, but only for their own content.

3.3.2 Essentially, session cookies:

These cookies are designed to allow visitors to browse our site completely and smoothly, to use its features and the services available. The duration of this type of cookie expires after the session (browsing) ends, or by closing the browser, this type of cookies is automatically deleted from the computer or other device used for browsing.

3.3.3 Third Party Cookies (Analytics):

We use Google Analytics as a third-party cookie on your site. Using Google Analytics for statistical purposes, we collect information about how our site: is used by visitors. The data is used to improve the site's development and user experience. These cookies will remain in your browser until expiration or on other devices used for browsing until you decide to cancel them.

3.4 Online ordering data:

Legal form
Legal name
VAT identification number
Name and surname
E-mail address
Billing address
Delivery address
Phone number

All fields are mandatory for correct billing and shipping informations.

3.5 Data related to online administration and intended use:

Any visitor of our website can contact us through our Contact form.In order to do this we require the following personal data from the user:

  1. Name
    2. Phone number
    3. Email address

    The purpose of the personal data collected in this form is only for contancting you back to respond your enquiry. All data collected will be stored for one year or will be deleted at visitor request.

4 Retention time of treated data:

The duration of the data processing process is mandatory for the successful completion of the ordering process. For non-compulsory data, data management will last until the data in question is entered from the time the data is deleted. Customer data will be stored for one plus one year, so two years, or will be deleted at customer request.

5 The purpose, method and legal basis of data management



E-mail address

Through this you will be informed about the status of your order. You will also receive information via our e-mail address from the parcel delivery service status of your order.

Phone number

Confirming Purchase Orders (If Needed) You can and will be contacted on the provided phone number by the parcel delivery operator for delivery purposes.

Name and surname

We use your name, so we can contact you in our mail and adress you politely.

Billing name and address, VAT ID, the list of purchased products and services

If you buy something from us, we'll ask for your billing name and address. These data must be preserved by all means on the basis of section C. Law on Accounting 2634/2015 on a different way of at least five years.

Delivery name and adress

This is what we have provided for the courier services. Thus, ordered products will be sent to you by a third party parcel delivery company.

Your devecies IP adress and browser ID

In order to gain access to independent site and other webanalytical data, the Site Administrator will use the Google Analytics software. Here we get statistics for visitors. These are not connected to your personal information.

Social media sites relations

For your convenience, we can ensure that you can communicate on social media sites (such as Facebook)with us, instead of the usual communication modes (such as e-mail) or you can like and share our products.

Product feedback

You can add your own comment/feedback on our products. You can help others in choosing our products.


5.1 General Data Management Policies:

The data management of the activity of Steel Sump Guard SRL is based on voluntary consent or statutory authorization. In the case of data management based on voluntary contributions, the data subjects may withdraw their consent at any time during the processing of data. In some cases, the management, storage, and transmission of a particular set of data is mandatory by law, which is specifically notified to our customers.

Steel Sump Guard SRL would like to be informed by information providers that, if they do not provide their personal information, the data supplier is obliged to obtain the consent of the person concerned.The principles of its data management are in line with current legislation on data protection, in particular: Act of CXII. Information Self-Determination and Freedom of Information ;
Regulation (EU) 2016/679 of the European Parliament and of the Council of 27 April 2016 on the protection of individuals with regard to the processing of personal data and on the free movement of such data and repealing Regulation (EC) No 95/46 / (General Data Protection Regulation, GDPR); Act V of 2013 - Civil Code ; section C. Law on Accounting 2634/2015; 656/2002 and 125/2017. Law on the Prevention and Control of Money Laundering and Terrorist Financing ; 2013 CCXXXVII. Act on Credit Institutions and Financial Enterprises.

6 Physical storage locations:

Your personal information (that is, the data that may be associated with you) can be treated in the following way:
On one hand, technical data on your computer, browser, web address, visited pages, on the other hand, you may also provide your name, contact details or other information if you intend to contact us personally using this site.
Technically recorded data during the operation of the system: the data of the computer of the person concerned that is generated during the session and which is recorded by the system as an automatic result of the technical processes.

Data that is automatically recorded will be logged automatically when entering or exiting, without the particular statement or action of the person concerned. This data can not be linked to other personal user data except in cases that are legally binding. Only we can access the data .

7 Data Transmission, Data Picking, Data Captors:

PayPal: Headquarters: 2211 North First Street San Jose, California, United States. You can read PayPal`s Privacy Policy here:

Braintree by PayPal: Headquarters: Chicago,222 W Merchandise Mart Plaza, Suite 800, Chicago, IL 60654 You can read Braintree by PayPal Privacy Policy here:

Stripe, Inc. 510 Townsend Street, San Francisco, CA 94103, USA You can read Stripe Privacy Policy here:

Google: Headquarters: 1600 Amphitheatre Parkway in Mountain View, California, United States, You can read Google`s Privacy Policy here:

European Comission VIES Database: Headquarters: Charlemagne building, Rue de la Loi 170, 1040, Brussels, Belgium You can read the European Comission`s Privacy Policy here:

Facebook: Headquarters: Menlo Park, California, United States. You can read Facebook`s Privacy Policy here:

8 Affected Rights and Enforcement:

You may request the information concerned to handle your personal data and may request the rectification of your personal data or, with the exception of mandatory data, cancellation, revocation, discretion and right of protest as indicated in the record and the above mentioned contact details of the data controller.

8.1 Right to information:

Steel Sump Guard SRL shall take appropriate measures to ensure that all information relating to the processing of personal data referred to in Articles 13 and 14 of the GDPR and to Articles 15-22. and Article 34, in a concise, transparent, comprehensible and easily accessible manner, in a clear and unambiguous manner.

8.2 Right to access:

The person concerned has the right to be informed by the data controller about the processing of his or her personal data and, if such processing is in progress, he is entitled to the access to personal information and the following information:

1. the purpose of data management;
2. the categories of personal data concerned;
3. the categories of recipients or recipients with whom or which personal data will be communicated or disclosed, including in particular third-country addressees or international organizations;
4. the intended duration of the storage of personal data;
5. the restriction of rectification, deletion or data handling and the right of protest;
6. the right to file a complaint addressed to the supervisory authority;
7. data sources;
8. the fact of automated decision making, including profiling, as well as the logic used and the understandable information on the significance of such data management and the likely consequences for the data subject.

The data controller shall provide the information within a maximum of one month from the submission of a ferm and written application.

8.3 Right of Correction:

The person concerned may request the rectification of inaccurate personal data handled by Steel Sump Guard SRL and the completeness of incomplete data.

8.4 Right of Cancellation:

If any of the following grounds are met, the Steel Sump Guard SRL may, at its request, delete personal data concerning it, without undue delay:

1. Personal data are no longer required for the purpose for which they were collected or otherwise handled;
2. Deletion of data can not be initiated if data management is required: to exercise the right to freedom of opinion and the right of access;
3. The fulfillment of an obligation under EU or Member State law applicable to the data controller
4. For the processing of personal data, or for the performance of a task carried out in the exercise of public authority exercised in the public interest or on the data controller;
5. Or for the submission, validation or protection of legal claims.

8.5 Right to Restrict Data Management:

At the request of the person concerned, Steel Sump Guard SRL limits the processing of data if one of the following conditions is met:

1. the data subject disputes the accuracy of the personal data; in this case, the restriction applies to the period of time that allows the accuracy of personal data to be verified;
2. data handling is illegal and the data subject is opposed to the deletion of the data and instead asks to limit their use;
3. the data controller no longer needs personal data for data processing purposes but the data subject requires them to submit, enforce, or protect legal claims;
4. the person concerned objected to data handling; in this case, the restriction applies to the duration of determining whether the data controller's legitimate reasons prevail over the legitimate grounds of the party concerned. If data processing is restricted, personal data may be handled only with the consent of the person concerned or the submission, enforcement or enforcement of legal claims or the protection of the rights of a natural or legal person, or in the public interest of the E.U. or of a Member State .

8.6 Right to record:

The data subject shall have the right to receive the personal data that he or she has passed to the data controller in a fragmented, widely used machine-readable format and be able to transmit such data to another data controller by his or hers choice.

8.7 Right to protest:

The person concerned is entitled to object at any time to the processing of data necessary for the execution of a task performed in the public interest or in the exercise of a public authority exercised on the data controller for the purposes of his or her own personal situation or for the treatment of the legitimate interests of the data controller or a third party, including profiling based on those provisions too. In the event of a protest, the data controller may not process personal data unless it is justified by compelling reasons of lawfulness that prevail over the interests, rights and freedoms of the person concerned, or which relate to the submission, enforcement or defense of legal claims.

8.8 Automated decision-making in individual cases, including profiling:

The data subject shall be entitled to exclude the scope of a decision based solely on automated data management, including profiling, which would have a bearing on him or would have a significant effect on him.

8.9 Right of Withdrawal:

The person concerned has the right to withdraw his consent at any time.

8.10 Right to Justice:

In case of breach of his or her rights, the data subject may turn to the court of justice.The court proceeds out of turn.

8.11 Privacy Policy Process Complaint may be addressed to the National Data Protection Authorites:

For ease of access please choose your National Data Protection Authotity here:

8.12 Minors

The processing of the personal data of a child shall be lawful where the child is at least 16 years old. Where the child is below the age of 16 years, such processing shall be lawful only if and to the extent that consent is given or authorised by the holder of parental responsibility over the child.
Member States may provide by law for a lower age for those purposes provided that such lower age is not below 13 years.

The controller shall make reasonable efforts to verify in such cases that consent is given or authorised by the holder of parental responsibility over the child, taking into consideration available technology.

9 Other provisions:

Data management not listed in this information is provided when data is included. We inform our clients that information, dissemination, transfer of documents based on the authority of the court, the prosecutor, the investigating authority, the offense authority, the administrative authority, the National Data Protection Authority, the National Bank of Romania, may grant access to the data controlled by Steel Sump Guard SRL to the authorities. If the authority has indicated the exact purpose and the scope of the data request, we grant acces to personal data only to and to the extent that it is indispensable to achieve the purpose of the request.