Fulfilo
Legal

Privacy Policy

Last updated: March 2026

1. Who we are

The personal data controller is FULFILO SRL, registered office at Str. I. H. Radulescu 32, Câmpina, Prahova County, Romania, VAT RO47668546.

Fulfilo provides fulfillment services for online stores: goods reception, warehousing, picking & packing, delivery, and returns management.

For any questions regarding the processing of personal data, you can contact us at office@fulfilo.ro.

2. What personal data we collect

We collect personal data in the following situations:

  • Contact form: name, email address, phone number, message
  • Contractual data: company identification details, address, bank details, information about orders and deliveries
  • Cookies and technical data: IP address, browser type, pages visited, session duration

3. Purposes of data processing

Personal data is processed for the following purposes:

  • Contract performance: processing orders, delivering parcels, managing returns
  • Legal obligations: accounting and tax records as required by law
  • Legitimate interests: service improvement, traffic analysis, fraud prevention
  • Consent: marketing communications (only with your explicit consent)

4. Legal basis for processing

We process your personal data based on the following legal grounds, in accordance with Regulation (EU) 2016/679 (GDPR):

  • Art. 6(1)(b) — performance of a contract
  • Art. 6(1)(c) — legal obligation
  • Art. 6(1)(f) — legitimate interest
  • Art. 6(1)(a) — consent

5. Data retention period

  • Contact data (form): kept for a maximum of 5 years from the last interaction
  • Tax and accounting data: kept for 10 years, as required by Romanian tax law
  • Technical data (cookies): according to the duration specific to each cookie

6. Data storage and security

Data is stored on servers located within the European Union. We apply appropriate technical and organisational measures to protect personal data against unauthorised access, loss, or destruction: SSL/TLS encryption, role-based access control, periodic backups.

7. International data transfers

Some third-party services we use may involve transferring data outside the European Economic Area (EEA):

  • Google Analytics — web traffic analysis
  • Cloudflare — web security and performance

These transfers are protected by Standard Contractual Clauses approved by the European Commission (SCCs) or by adequacy decisions.

8. Your rights

Under the GDPR, you have the following rights:

  • Right of access — you can request a copy of the personal data we hold about you
  • Right to rectification — you can request the correction of inaccurate data
  • Right to erasure — you can request data deletion, subject to legal obligations
  • Right to restriction of processing — you can request limitation of processing under certain conditions
  • Right to portability — you can receive your data in a structured, commonly used format
  • Right to object — you can object to processing based on legitimate interest

To exercise your rights, send an email to office@fulfilo.ro. We will respond within 30 calendar days.

9. Complaints

If you consider that the processing of your personal data infringes the GDPR, you have the right to lodge a complaint with the supervisory authority:

National Supervisory Authority for Personal Data Processing (ANSPDCP)

B-dul G-ral. Gheorghe Magheru 28-30, Sector 1, Bucharest, Romania

Website: www.dataprotection.ro

10. Policy changes

We reserve the right to update this privacy policy. Any changes will be published on this page, with the date of the last update mentioned at the top.

HomeAboutServicesContact