Free EU delivery on orders over €100Handcrafted in Bulgaria · Delivered in 1-7 days EU-wideplus de 12 ans de savoir-faire &middot ; Matériaux de première qualité uniquementFree EU delivery on orders over €100Handcrafted in Bulgaria · Delivered in 1-7 days EU-wideplus de 12 ans de savoir-faire &middot ; Matériaux de première qualité uniquement

Privacy Policy

Dernière mise à jour : May 2026

1. Introduction

Vivid International Srl (operating the brand “Vivid Home,” referred to as “we,” “us,” “our”), CUI 48711172, with registered office at Aurel Vlaicu 2 bl. 5A ap. 28, 400335 Cluj-Napoca, Romania, is the data controller responsible for your personal data collected through vividhome.eu and its subdomains.

This Privacy Policy explains what personal data we collect, why we collect it, how we use and protect it, and what rights you have regarding your data. It applies to all visitors and customers of our Website.

We are committed to protecting your privacy and processing your personal data in full compliance with the EU General Data Protection Regulation (GDPR) (Regulation (EU) 2016/679) and applicable Bulgarian data protection legislation.

If you have any questions about how we handle your data, you can contact us at any time:

  • Email: [email protected]
  • Phone: +359 883 335 778
  • Address: Vivid International Srl, Aurel Vlaicu 2 bl. 5A ap. 28, 400335 Cluj-Napoca, Romania

2. What Data We Collect

a) Information You Provide Directly

When you interact with our Website — placing an order, creating an account, or contacting us — you may provide:

  • Identity data: your name, surname
  • Contact data: email address, phone number, billing address, shipping address
  • Payment data: payment method selection and transaction references (full card numbers are processed by our third-party payment providers — we never store them on our servers)
  • Account data: username, password (encrypted), order history, saved preferences
  • Communication data: the content of emails, contact form submissions, and any messages you send us
  • User content: custom images you upload for personalised printing

b) Information Collected Automatically

When you visit our Website, we automatically collect certain technical data:

  • IP address (anonymised for analytics purposes)
  • Browser type and version
  • Device type, operating system, and screen resolution
  • Pages visited, time spent on each page, and navigation path
  • Referring website (the site you came from)
  • Cookie and similar technology data (see our Cookie Policy for details)

c) Information from Third Parties

We may receive limited data from trusted third parties:

  • Payment processors (Visa/Mastercard networks, PayPal) — payment confirmation, transaction status, and fraud screening results
  • Delivery partners — shipping status updates, delivery confirmations, and failed delivery notifications

3. How We Use Your Data

We only process your personal data when we have a valid legal basis under GDPR Article 6. Here is how each legal basis applies:

a) Contract Performance (Article 6(1)(b))

Processing necessary to fulfil our contract with you:

  • Processing and fulfilling your orders (production, packaging, shipping)
  • Sending order confirmation, dispatch, and delivery notifications
  • Providing customer support related to your purchases
  • Managing your account (if you create one)
  • Processing returns and refunds

b) Legitimate Interests (Article 6(1)(f))

Processing based on our legitimate business interests, balanced against your rights:

  • Improving our Website, user experience, and product offerings
  • Fraud prevention and security monitoring
  • Analysing website traffic and usage patterns (using anonymised data)
  • Internal record-keeping and business administration

c) Consent (Article 6(1)(a))

Processing based on your freely given consent, which you can withdraw at any time:

  • Sending marketing emails, newsletters, and promotional offers
  • Setting non-essential cookies (analytics, marketing)

d) Legal Obligation (Article 6(1)(c))

Processing required to comply with the law:

  • Maintaining tax and accounting records
  • Responding to lawful requests from regulatory authorities
  • Complying with consumer protection regulations

4. Data Sharing

We share your personal data only with trusted third parties who need it to help us serve you. We require all third parties to respect the security of your data and process it in accordance with applicable law.

  • Payment processors (Visa/Mastercard payment networks, PayPal) — to securely process your payments
  • Shipping and courier companies — to deliver your orders (name, address, phone number, and order reference only)
  • Website hosting provider — to operate and maintain our Website infrastructure
  • Analytics services (Google Analytics) — to help us understand how visitors use our Website (IP addresses are anonymised)
  • Email service provider — to send order confirmations and, with your consent, marketing communications
  • Legal authorities — when required by law, court order, or regulatory obligation

We do not sell, rent, or trade your personal data to any third party. Ever.

5. International Data Transfers

Our primary servers and database are located within the European Union, ensuring your data benefits from GDPR protections by default.

Some of our service providers (such as Google Analytics or PayPal) may process data in countries outside the EU/EEA. When this occurs, we ensure your data is protected by one or more of the following safeguards:

  • EU adequacy decisions — the European Commission has determined that the recipient country provides an adequate level of data protection
  • Standard Contractual Clauses (SCCs) — EU-approved contract terms that require the recipient to protect your data to EU standards
  • Binding Corporate Rules — for transfers within international corporate groups

You may request further details about the safeguards in place by contacting us at [email protected].

6. Data Retention

We retain your personal data only for as long as necessary to fulfil the purposes for which it was collected, or as required by law. Our retention periods are:

Data Type Retention Period Reason
Order & transaction data 5 years from order date Tax and legal obligations
Account data Until you delete your account Ongoing service provision
Marketing consent records Until you unsubscribe Consent management
Analytics data 26 months Website improvement
Customer support communications 2 years Service quality & dispute resolution
Custom uploaded images 30 days after order completion Production & quality assurance

After these periods expire, your data is securely deleted or anonymised so it can no longer be linked to you.

7. Your Rights

Under the GDPR (Articles 15–22), you have the following rights regarding your personal data:

a) Right of Access (Article 15)

You can request a copy of the personal data we hold about you, along with information about how it is processed.

b) Right to Rectification (Article 16)

You can ask us to correct any inaccurate or incomplete personal data we hold about you.

c) Right to Erasure (Article 17)

Also known as the “right to be forgotten” — you can request the deletion of your personal data where there is no compelling reason for us to continue processing it.

d) Right to Restrict Processing (Article 18)

You can ask us to limit how we use your data in certain circumstances, for example while we verify the accuracy of data you have contested.

e) Right to Data Portability (Article 20)

You can request your personal data in a structured, commonly used, machine-readable format (such as CSV or JSON), and have it transferred to another controller where technically feasible.

f) Right to Object (Article 21)

You can object to processing based on our legitimate interests. We will stop processing unless we can demonstrate compelling legitimate grounds that override your interests.

g) Right to Withdraw Consent (Article 7(3))

Where processing is based on your consent (e.g., marketing emails or non-essential cookies), you can withdraw that consent at any time. Withdrawal does not affect the lawfulness of processing carried out before the withdrawal.

h) Right to Lodge a Complaint

If you believe we have not handled your data correctly, you have the right to lodge a complaint with a supervisory authority. For Bulgaria, this is:

Commission for Personal Data Protection (CPDP)
Website: www.cpdp.bg
You may also contact the data protection authority in your country of residence.

How to Exercise Your Rights

To exercise any of these rights, send an email to [email protected] with the subject line “Data Request”. We may ask you to verify your identity before processing your request.

We will respond to all valid requests within 30 days. If your request is complex or we receive a high volume of requests, we may extend this by a further 60 days, and we will notify you of any such extension.

8. Data Security

We take the security of your personal data seriously and have implemented appropriate technical and organisational measures to protect it:

  • SSL/TLS encryption on all pages of our Website, ensuring data transmitted between your browser and our servers is encrypted
  • PCI DSS-compliant payment processing through certified third-party providers — we never handle or store your full card details
  • Access controls — only authorised personnel can access personal data, on a need-to-know basis
  • Authentication and password security — passwords are stored using strong one-way hashing algorithms
  • Regular security reviews and updates to our systems and processes

While we take every reasonable precaution, no method of transmission over the internet or method of electronic storage is 100% secure. We cannot guarantee the absolute security of your data during transmission.

9. Children’s Privacy

Our Website and services are not intended for children under the age of 16. We do not knowingly collect, process, or store personal data from anyone under 16 years of age.

If we become aware that we have inadvertently collected personal data from a child under 16, we will take immediate steps to delete that data from our systems. If you believe a child has provided us with personal data, please contact us at [email protected].

10. Changes to This Policy

We may update this Privacy Policy from time to time to reflect changes in our data practices, legal requirements, or business operations.

For significant changes that materially affect how we process your data, we will notify you by email (if we have your email address) or by posting a prominent notice on our Website before the changes take effect.

The “Last updated” date at the top of this page indicates when the policy was most recently revised. We encourage you to review this policy periodically.

11. Contact & Data Protection

If you have any questions, concerns, or requests regarding this Privacy Policy or our data practices, please contact us:

  • Data Controller: Vivid International Srl (CUI 48711172)
  • Email: [email protected]
  • Phone: +359 883 335 778
  • Address: Aurel Vlaicu 2 bl. 5A ap. 28, 400335 Cluj-Napoca, Romania

If you are not satisfied with our response, you have the right to contact the Bulgarian data protection authority:

Commission for Personal Data Protection (CPDP)
Sofia, Bulgaria
Website: www.cpdp.bg

You may also contact the supervisory authority in the EU member state where you reside or work.