PRIVACY POLICY

For Stilio Digital SRL ("Stilio"), your privacy and the security of your personal data are very important. We collect and manage your personal data with the utmost care and take specific measures to keep them safe.

Below, you will find the main information about Stilio's processing of your personal data in connection with your navigation on https://stilio.md and the Stilio app, and the use of the services offered. For detailed information on how Stilio manages your personal data, please read further.

This information is provided in accordance with the provisions of Law No. 133 of July 8, 2011 on personal data protection.(referred to hereinafter as the "Law"), to the users (hereinafter: "Users") of the desktop and mobile version of the website and any mobile application related to the service (hereinafter: the "Site and Application") owned by Stilio Digital SRL, Data Controller (hereinafter: "Data Controller"), and aims to describe the methods of managing the Site and Application with regard to the processing of personal data and to allow Users of the site and application to know the purposes and methods of processing personal data by the Data Controller in case of their provision.

As specified in the Terms and Conditions of Use, the services offered by the Administrator/Operator and Partners are intended for individuals over 18 years of age. In case the Administrator becomes aware of the processing of data of minors under 18 years of age without valid consent from parents or a legal guardian, the right to unilaterally suspend the use of the service offered is reserved, as well as the right to cancel acquired data.

Please also read the "Terms and Conditions of Use" of the Stilio platform, which contains detailed information about the conditions related to our services.

The Data Controller, under and in accordance with the Regulation, announces that the aforementioned legislation provides for the protection of individuals with regard to the processing of personal data and that such processing will be based on the principles of fairness, legality, transparency, and protection of confidentiality and fundamental rights.

Users who also want to book or purchase the offered services, or to receive automatic updates and information, need to register by creating their corresponding User page and becoming a "Subscriber."

The personal data necessary for user registration are:

Data related to how you use the platform, such as your behavior/preferences/habits on the website, as well as any other categories of data you provide directly in the context of making a reservation or in any other way resulting from the use of the Site.

Later, the User can become a "Partner," "Salon," or professionals (Providers) who offer their products and services for sale on the STILIO platform.

Terms not defined in this Privacy Policy have the same meaning as described in the Terms and Conditions of Use.

The computer systems and technical and software procedures underlying the operation of the Site and Application acquire, during normal operation, certain personal data, the transmission of which is implicit in the mechanisms and protocols of access and operation used on the Internet.

Whenever the User connects to the Site and Application and whenever the User calls or requests content, access data is stored on our systems, in the form of tabular or linear data files.

This data may be used by the Data Controller for the exclusive purpose of obtaining anonymous statistical information regarding the use of the Site and Application to identify pages preferred by Users and, therefore, to provide increasingly suitable content and to verify its correct operation. At the request of the Authority, the data could be used to ascertain liability in the event of hypothetical computer crimes against the Site and Application or its Users.

In addition, the categories of personal data that Stilio collects and processes when you browse or make reservations on https://stilio.md are as follows:

For the registration of your Stilio account, we collect your name and surname, email address, password, and birthdate. If you are a registered user, we collect information about your access to the reserved area of the Site. With your explicit consent, through the analysis of your personal data, we can process information about your interests and preferences regarding our services, in order to present proposals and offers that match your tastes.

Information about profiling, search engines, and location data.

We collect information about your navigation on the STILIO platform, such as the pages/screens you visit and how you interact with a single page/screen, and save this information on our servers. Only with your consent, the Data Controller will be able to personalize your experience as a registered user using this information, analyzed and through automated processes such as profiling, to offer you advances and offers according to your tastes and to send you personalized commercial communications according to your interests. These communications will take place exclusively in the manner you have chosen.

When using the STILIO platform with the location detection function active, the Site and Application may collect and process information about the current location of the User. This data is processed in a format that allows the personal identification of the registered User and is used to enable the sending of personalized promotional communications based on the places registered by the location service. This user location information is not shared with third parties, and the mentioned services can be activated or deactivated by the User at any time by accessing the settings of their device. Location data, used to offer registered Users promotional communications targeted to their areas of interest, will be retained for a period not exceeding 12 months from the last geolocation performed.

In addition to the data mentioned in the "What Personal Data Do We Collect? Collection of Browsing Data" paragraph, when using the App version of our Site, Stilio may, with your express consent:

How Do We Use the Collected Personal Data? Purpose, Legal Basis for Processing, and Optional Nature of Provision

The personal data collected by the Data Controller through the use of the Site and Application will be processed, with the consent of the interested parties, for the purposes described below:

The Data Controller ensures that personal data are processed in full compliance with Law No. 133, in paper and/or electronic format, also through the use of automated procedures. The processing can also be carried out through automated tools designed to store, manage, and transmit data.

The collected and processed data will be protected with physical and logical methods to minimize the risks of unauthorized access, dissemination, loss, and destruction of data. The processing will not last longer than necessary to fulfill the purposes for which they were collected.

The interested party will have the right at any time and quickly and easily revoke the consent for processing and request the cancellation of their personal data by sending a communication to the Data Controller at the following address: [email protected]. Upon the User's cancellation request, all personal data will be deleted without prejudice to subsequent storage required by regulatory obligations.

The Data Controller reports that the User who has requested cancellation from the Site and Application may receive subsequent communications from the Data Controller in a limited way after this request, due to the time required by the Data Controller's systems to process the unsubscribe and cancellation procedure. In any case, the Data Controller ensures that within a maximum of ten days from the cancellation request, the User will no longer receive any further communications, and their data will be canceled unless there are other regulatory obligations.

In cases where a cancellation request is not received by the Data Controller, personal data will be retained for a period not exceeding 2 (two) years from the last access to the Site and/or Application by the User. Data collected when purchasing services or goods from https://stilio.md or from Stilio's APPs will be processed until all administrative and accounting formalities are completed; therefore, they will be retained for a maximum period of 10 (ten) years under fiscal conditions, in accordance with local legislation (ten years) from the date of the last purchase made on the https://stilio.md website and in the case of the receipt issued in the salon through the Stilio cash systems.

Your personal data will be processed by personnel appropriately trained by Stilio as Data Controller. Furthermore, for organizational and functional needs related to the provision of services on https://stilio.md , your data may be processed by our providers. The latter have been evaluated and selected by Stilio for their reliability and proven competence and process your data as Data Processors on behalf of Stilio.

The personal data collected may be processed by subjects or categories of subjects acting as data processors. Furthermore, for certain services, the data may be disclosed to companies that collaborate or use the services of the Data Controller (e.g., Professionals who own salons or beauty centers, Partners) solely for the purpose of providing the services requested by the User. In these cases, the Partners are autonomous owners; therefore, the Owner is not responsible for the processing of data by them. Likewise, the Data Controller is not responsible for the content and compliance with personal data protection legislation by sites that are not administered by the Data Controller.

In particular, the data provided by the User may be shared by the Data Controller with the following third parties exclusively to provide the services requested by the User or to comply with other regulatory obligations:

In addition to the scenarios mentioned above, personal data will be communicated only to subjects, entities, and authorities to whom communication is obligatory under legal or regulatory provisions.

The User, as an interested party, has the right to exercise specific rights regarding their personal data. In particular, the interested party has the right to obtain:

To exercise the rights mentioned above, the interested party can contact the Data Controller and/or the Data Protection Officer at any time for any communications regarding the processing of Personal Data or to know the updated list of any designated Data Processors by the Company, by sending a communication to the contact persons listed below:

Data Controller:

Stilio Digital SRL [email protected]

Stilio has appointed a Data Protection Officer.

If you wish, for any requests regarding the protection of your personal data and the exercise of your rights, you can contact [email protected]

This information may be subject to changes. To keep the User updated, the Data Controller invites them to visit this page periodically. Moreover, in the event that such changes have an impact on User data (e.g., if the Data Controller intends to process the User's personal data for purposes other than those previously communicated in this Information), the Data Controller will inform the User before the changes take effect, by publishing them prominently on your website and application.