Privacy Policy

Policy

Privacy

The Privacy Policy applies to the personal data of individuals who wish to become, are, or have been our clients.

he Privacy Policy applies to the personal data of individuals who wish to become, are, or have been our clients, including data collected, used, or disclosed while using our website, available at www.mirrorism.com or by visiting our contact page.

This policy has been in effect since May 25, 2018.

2. What is the purpose?

When you use our website, you entrust us with some of your personal data. We understand and value this trust. Everything we do is aimed at protecting your data and giving you the greatest possible control over it.

This Privacy Policy helps you understand what personal data we collect about you, how we use your personal data, and the options you have regarding its use.

We are committed to maintaining the accuracy, confidentiality, and security of your personal data. To stay aligned with legislative changes and/or practical realities, we reserve the right to adjust this policy at any time, with modifications becoming effective upon publication on the website.

3. What constitutes personal data?

Personal data is information about an identified or identifiable individual. Examples of such data include: name, surname, address, phone number, email, identity card details, personal identification number (CNP), banking information, cookies, computer IP address, mobile device IDs, information from your web browser (such as browser type and language), actions you take on our website, and so on.

4. For what purpose do we collect them?

Personal data is collected to carry out professional relationships, provide you with the best possible services, continuously improve the functionality of our website, and present information relevant to you.

We limit the personal data we collect to what is necessary for processing. We do not process your personal data in ways incompatible with the purposes for which the information was collected or subsequently authorized by you.

Contractual Data (mandatory) – To initiate a contract process and effectively manage the professional relationship. Data such as name, surname, personal identification number (CNP), phone, email, etc., may be collected to respond to your inquiries about our products and services (including via a solution dedicated to you) and to organize the processing and delivery of services. These data are collected via dedicated site forms such as: contact, request consultation, my account, etc. These are generally referred to as “contractual data.” Without these data, your request cannot be processed (for example, we cannot respond to your questions) or fulfilled (for example, fiscal documents cannot be issued). You will not be able to benefit from our services via the website without providing this data.

Clients already engaged in a contract cannot opt out of personal data processing without accepting the effects such restriction, refusal, or deletion may have on contract execution. The legal basis for processing this data is both the execution of the contract and our legitimate interests (Article 6(1)(f) of the GDPR).

Functional Data – For the best possible experience using the website.

Direct data (name, surname, phone, email, etc.) may be collected to ensure a better website experience. These data are collected through site forms and are referred to as “data for functional purposes.”

Indirect data may also be collected to create a better-structured website (e.g., Google Analytics reports). This data helps us understand visitor navigation flows, browsing volumes, and other relevant information to improve the site and provide the best browsing experience. If you do not agree to the use of data for this purpose, you will not benefit from these functionalities. The legal basis for collecting these data is consent (Article 6(1)(a) of the GDPR).

Marketing Data – For a better-structured website, relevant information about our activity, and social media communication.

Personal data, such as direct (name, surname, phone, email, etc.) or indirect data (cookies, computer IP address, location, mobile device IDs, etc.), may be collected.

Direct data is collected for newsletter subscriptions (sending newsletters, relevant information about us, etc.). If you no longer wish to receive such materials, you can click the “unsubscribe” link at the bottom of marketing emails or contact us at gina@mirrorism.com to update, restrict, delete your information, or exercise any rights provided under EU Regulation 2016/679 (GDPR).

Cookies are data files sent from a website to a browser to record information about users for various purposes. We use cookies and similar technologies. For more information, see the cookie policy on our website. Data may also be used to display ads tailored to your interests (e.g., Google Remarketing, Facebook Pixel, etc.). You may see ads for products you have shown interest in or viewed, which are not necessarily related to our website.

Our website allows you to connect with social media networks such as Facebook (facebook.com), LinkedIn (linkedin.com), and Twitter (twitter.com) (“Social Media”). Connecting in this way may collect your IP address and the page you visit on our site. A cookie is also set to allow social media applications to function correctly. Your social media accounts may offer options to post information about your activities on your personal profile, allowing access by other users within your network.

These data are generally referred to as “marketing data.” The legal basis for collecting these data is consent (Article 6(1)(a) of the GDPR).

5. How do we collect them and how can you manage your consent?

When you interact with our website, we provide you with the possibility to give and withdraw your consent for the use of your personal data at any time.

We offer website visitors and clients who provide personal data the means to choose how we use this data. Consent for the processing of personal data may be requested when subscribing to the newsletter, submitting a contact form, or for any other purpose requiring consent. This can be done via a general control panel (either cumulative or individually, by each data category or specific purpose) or through another technical mechanism designed for this purpose.

You will have the opportunity to explicitly give your consent for the purposes for which your personal data will be used and to manage it later, in accordance with applicable regulations.

6. What rights do you have?

We make every effort to guarantee your rights in accordance with applicable law.

You have the right to access your personal data. Accordingly, if applicable, we provide you with access to the personal data we hold about you. You also have the option to choose whether you want to receive information from us, as well as to correct, modify, or delete your information.

We may limit or refuse access to personal data if the efforts or costs required to provide access are disproportionate to the risks to your privacy, or if the rights of other individuals would be affected. Other reasons for denying or limiting access may include legal restrictions or similar justified circumstances.

You have the right to modify or delete your personal data, especially incomplete or inaccurate data. For example, if some personal data you provided (phone number, email address, authorized person, etc.) is no longer current.

We take reasonable measures to ensure that the personal data we process is suitable for the intended use and is accurate, complete, and up-to-date. In this regard, we rely on you to update and correct personal data as necessary for the purposes for which it was collected or subsequently authorized by you. Requests for access, modification, or deletion of information will be handled and resolved as quickly as possible, within a maximum of 30 days.

You have the right to restrict processing, to object to the processing of your personal data, and to request correction, updating, or deletion of data in accordance with the law. This right can be exercised at any time, free of charge and without justification, except for data whose processing is a legal obligation.

You have the right to request the portability (export) of your personal data. We may limit or refuse data portability if the efforts or costs required to provide access are disproportionate to the benefits in the given case.

You have the right not to be subject to an automated individual decision.

You have the right to file a complaint with the National Supervisory Authority for Personal Data Processing (ANSPDCP) and to seek judicial remedy, in accordance with applicable legal provisions.

7. To whom do we disclose your data and where is it transferred?

We collaborate with other service providers, contract employees, accounting service providers, and companies in the Internet sector—such as web design, hosting, Google, Facebook, iCloud, email, etc.—all to ensure the best possible experience on our website.

We may share your personal data with service providers to improve the website experience (e.g., Google Analytics) or to provide services (Google, Facebook, Mailchimp, etc.), as well as for other purposes such as accounting, consulting, affiliates, or collaborators. Disclosure of data is based on the fact that the services necessary for running our business cannot be provided by us alone.

We make every effort to ensure that these service providers commit to confidentiality, guaranteeing that the data is kept secure and that personal information is handled in compliance with applicable law. In cases where our hosting providers, newsletter services, or similar services are located outside the European Economic Area (EEA), appropriate safeguards are applied to ensure adequate protection of your data.

8. How do we ensure data security?

The security of your data is important to us, and we make every necessary effort to protect it.

We take reasonable and appropriate measures to safeguard personal data against loss, misuse, unauthorized access, disclosure, alteration, and destruction, taking into account the nature of the data. All internal measures are implemented to identify and secure information, regularly reviewed and updated in line with technological developments. Our company uses reputable service providers (e.g., hosting services, software development, marketing solutions, etc.) to help achieve this objective.

9. What is the retention period?

We retain information in accordance with legal requirements, for the duration of our company’s activities, and as long as you consent.

Personal data is stored for the periods specified by applicable law, in order to maintain records of activities carried out, protect legal rights, exercise other rights under the law and contracts, and comply with any archiving requirements. Personal data necessary to benefit from the functionalities of our website is stored for an indefinite period, until the website is removed or you unsubscribe from it.

10. How do we handle requests from minors?

We DO NOT provide services or deliver goods to minors except in cases expressly permitted by law.

Our company does NOT process personal data of minors (individuals under 18) in its data processing activities. We do not conduct direct marketing promotions aimed at minors.

Any individual who provides us with personal data and indicates that they are a minor will be contacted to obtain parental consent. If personal data is nevertheless processed for an individual who is not of legal age, we will cease processing such data upon becoming aware of this fact, unless parental consent is obtained.

Any processing of personal data of minors is carried out in compliance with legal requirements and only in strictly determined cases. Minors aged 14 and above may purchase services, request, and receive communications from our company only if they have the consent of a legal representative or guardian, in accordance with the law.

11. What do we do in the event of a security incident?

Informing you and the authorities is our first step. Remediating the situation is our priority.

In the event of a personal data breach, we will notify the competent data protection authorities within 72 hours, depending on the level of risk to the client or website visitor. Affected clients or website visitors will also be informed of the breach.

We will take all necessary measures to remediate the situation and protect your rights.

12. What records are kept?

We keep records to demonstrate compliance with the requirements of this policy.

We maintain relevant records regarding:
a. the purpose of processing personal data;
b. the categories of data subjects and the personal data processed;
c. where possible, the intended retention periods for different categories of personal data;
d. a general description of the security measures used to protect personal data;
e. the exercise of your rights.

Cookie	Duration	Description
_ga	1 year 1 month 4 days	Google Analytics sets this cookie to calculate visitor, session and campaign data and track site usage for the site's analytics report. The cookie stores information anonymously and assigns a randomly generated number to recognise unique visitors.
_ga_*	1 year 1 month 4 days	Google Analytics sets this cookie to store and count page views.
_gat_gtag_UA_*	1 minute	Google Analytics sets this cookie to store a unique user ID.
_gid	1 day	Google Analytics sets this cookie to store information on how visitors use a website while also creating an analytics report of the website's performance. Some of the collected data includes the number of visitors, their source, and the pages they visit anonymously.

Privacy Policy

Policy

Privacy

product, wedding, event, concert, portrait, children, and family photographer