Privacy Policy and Data Protection (GDPR) — Lumea Blănosilor Platform

We, NEXTERAWEB™, as data controller, are committed to protecting the privacy and security of personal data of all Lumea Blănoșilor platform users (pet owners and service providers). This policy explains what data we collect, how we use it, and how we keep it secure, in accordance with Regulation (EU) 2016/679 (GDPR).

GDPR requests: contact@lumeablanosilor.ro (update for production).

To provide Lumea Blănosilor platform services, we collect the following categories:

For Clients (pet owners): name, email, phone number, location (city/GPS for filtering), pet details (name, breed, size).

For Providers (businesses): legal representative name, company name, tax ID (CUI), registered/office address, phone, email, financial details (processed via an authorised payment provider), terms acceptance history (including IP address).

Automatically collected: IP address, browser type, device identifiers, and navigation data via Cookies (see Cookie Policy).

We process your data for the following lawful purposes:

Contract performance: account creation, enabling clients to contact clinics/trainers, and processing subscription payments and billing via the platform's payment provider.

Legitimate interest: platform security against fraud, site performance, and user experience improvements.

Consent: automated email or SMS notifications (e.g. trial expiry alerts, booking confirmations).

We retain personal data only as long as necessary for the stated purposes or to comply with legal obligations (e.g. Romanian tax law requires keeping provider billing data for 10 years).

Inactive accounts may be deleted or anonymised after 2 years from last login.

Terms acceptance proof (timestamp, IP, document version) is kept at least 5 years for payment disputes.

Lumea Blănoșilor does NOT sell or rent your personal data. To operate the platform, data is partially shared with trusted processors:

Payment processor: certified online payment partner (card data is entered on their secure page; Lumea Blănosilor never stores CVV or raw card data).

Cloud and hosting: AWS / Google Cloud (where the secure platform database is stored). Production may also use Supabase or equivalent.

User interaction: provider phone numbers and names are displayed publicly in the catalogue so clients can contact them directly.

We implement strict security measures against unauthorised access, modification, or deletion:

All connections are encrypted using HTTPS (SSL).

The database is secured and user passwords are hashed with strong algorithms (e.g. bcrypt) and cannot be read in plain text, even by administrators.

Access to the Lumea Blănosilor admin panel is protected by two-factor authentication (2FA).

Under EU law, Lumea Blănosilor users have the following rights:

Right of access: request a copy of data we hold about you.

Right to rectification: update incorrect data in your dashboard.

Right to erasure (“right to be forgotten”): request permanent account deletion (except data we must keep by law, such as invoices).

Right to data portability: request export of your data in a structured format.

Right to lodge a complaint with your supervisory authority (ANSPDCP in Romania).

Lumea Blănoșilor is a marketplace (web directory). NEXTERAWEB™ does not perform veterinary, grooming, or training services and is not liable for independent listed providers. Service complaints must be resolved directly with the chosen provider.