Beauty begins with a secret
Be part of the Momirov community and enjoy exclusive offers, skincare tips, and loyalty points with every purchase.
Confidentiality
Momirov E-Commerce SRL
Last updated: [28/04/2026]
1. Who is the data controller
The personal data controller is MOMIROV E-COMMERCE S.R.L., with its registered office at Str. Răsăritului 6, Recaș, Romania, Tax Identification Number RO40244659, registered with ONRC under no. J35/4325/2018, owner of the website www.momirov.ro.
You can contact us at:
📧 comenzi@momirov.ro
📞 0371 230 834
2. What personal data do we process
Depending on your interaction with the site, we may process the following categories of data:
· First and last name
· Delivery/billing address
· Phone number
· Email address
· Order history
· Payment method information (without storing card details)
· Data collected via cookies (IP, device, browsing behavior)
· Interactions with marketing campaigns (email, SMS, WhatsApp)
· Reviews and comments published on the site
· Facial photos voluntarily uploaded for AI skin analysis (temporarily processed, not permanently stored)
· General skin analysis results and indicators (e.g., scores, categories, or tags associated with the customer profile)
We do not store bank card data. Online payments are processed through Shopify Payments, according to its policies.
3. Purposes and legal grounds for processing
We process your data for the following purposes and on the basis of the following legal grounds:
a) Contract execution
(Art. 6 para. 1 lit. b GDPR)
· order processing
· product delivery
· returns management
· transactional communications (confirmations, delivery, clarifications)
· operational messages via email, phone, SMS or WhatsApp regarding orders
b) Legal obligations
(Art. 6 para. 1 lit. c GDPR)
· invoicing
· accounting and tax records
· reporting to authorities
c) Legitimate interest
(Art. 6 para. 1 lit. f GDPR)
·····(Art. 6 para. 1 lit. a GDPR)
·····Consent can be withdrawn at any time.
4. Profiling and behavioral advertising
We may use tools such as:
···These help us analyze user behavior and display personalized ads.
This type of processing is based on the consent expressed through the cookie banner.
5. AI-assisted facial analysis
We may provide users with an optional AI-assisted facial analysis functionality, powered by the Face Age application, for the indicative assessment of certain cosmetic skin characteristics, such as wrinkles, pores, firmness, dark circles, general skin appearance, and estimated skin age.
To use this functionality, the user can upload a photo or take a photo with their device's camera. The photo is transmitted via a secure connection to the Face Age provider and is processed in real-time to generate the analysis report. According to the information provided by Face Age, the photo is not permanently stored, is not written to disk, and is deleted after processing is complete.
MOMIROV E-COMMERCE S.R.L. does not store the photo used for analysis and does not use it for personal identification, training AI algorithms, advertising, or other independent commercial purposes. The user can download the generated report and can choose to send it via email.
The analysis results may include general scores or categories regarding certain skin aspects. For users already in our database, certain general results can be associated with the customer's profile as tags, exclusively for personalizing product recommendations and the shopping experience.
This functionality does not constitute medical advice or dermatological diagnosis and does not replace the recommendation of a specialist doctor. The generated recommendations are indicative and cosmetic in nature.
The processing of the photograph and analysis results is carried out only based on the user's explicit consent, in accordance with art. 6 para. 1 lit. a GDPR and, where applicable, art. 9 para. 2 lit. a GDPR. The user can withdraw their consent at any time, without this affecting the legality of processing carried out before the withdrawal.
The functionality is intended exclusively for individuals aged 18 years or older.
Data may be processed by the Face Age provider, operated by AL UMA ALRAQAMI COMPUTER SYSTEMS DESIGN, as the technical provider of the AI solution. Insofar as this processing involves data transfers outside the European Economic Area, these will be carried out based on applicable legal mechanisms, such as Standard Contractual Clauses or other appropriate safeguards provided by GDPR.
6. WhatsApp Communications
We may send:
· transactional messages (related to orders, delivery, support)
· commercial messages (only with consent)
WhatsApp is a service provided by Meta Platforms. Its use may involve data transfers outside the EU, based on applicable legal mechanisms.
7. Who we transfer data to
Data may be transferred to:
· Shopify (e-commerce platform)
· Shopify Payments (payment processing)
· courier companies
· Klaviyo (email marketing)
· Meta Platforms (Facebook, Instagram, WhatsApp)
· Google (Analytics, Ads)
· TikTok
· IT providers and maintenance services
· Face Age (technical provider for AI facial analysis)
All partners are contractually obliged to protect data.
8. International transfers
Certain providers (e.g. Meta, Google, Shopify, Face Age) may process data outside the European Economic Area.
These transfers are carried out on the basis of Standard Contractual Clauses approved by the European Commission or other applicable legal mechanisms.
9. Storage period
· Billing data: according to tax legislation (10 years)
· Customer account data: until account deletion or prolonged inactivity
· Marketing data: until consent is withdrawn
· Data for fraud prevention: according to justified legitimate interest
10. Data Security
We apply appropriate technical and organizational measures to protect data against unauthorized access, loss, or destruction.
11. Your rights
You have the following rights:
· right of access
· right to rectification
· right to erasure
· right to restriction of processing
· right to data portability
· right to object
· right to withdraw consent
· right to lodge a complaint with ANSPDCP
Requests can be sent to comenzi@momirov.ro.
12. Supervisory Authority
National Supervisory Authority for Personal Data Processing
www.dataprotection.ro
- Choosing a selection results in a full page refresh.