Privacy Policy

Last updated: February 9, 2026

This Privacy Policy explains how Zentus Workwear (the “Store”, “we”, “us”, “our”) collects, uses, and shares personal information when you visit, interact with, or make a purchase from our website (the “Services”), or otherwise communicate with us.

Where you are located in the European Union / EEA, this policy is intended to reflect the requirements of the General Data Protection Regulation (GDPR).

---

1) Who we are (Data Controller)

SC Createur Groupe S.R.L. (Romania)
VAT (CUI): RO42705716
Trade Register No.: J15/602/2022
Registered office: Str. Robănești, nr. 2A, Găești, Dâmbovița, Romania
Website: zentus-workwear.com
Email (GDPR & support): contact@zentus-workwear.com
Phone: +40 758 307 307

This policy describes what personal information we process, why we process it, the legal bases we rely on, who we share it with, how long we keep it, and your rights.

---

2) Personal information we collect

A. Information you provide

• Name and surname
• Email address and phone number
• Shipping and billing address
• Company details (if you request an invoice for a business: company name, VAT number, address)
• Content of messages you send us (email, forms, customer support requests)

B. Order and transaction information

• Products purchased, order value, order status, invoicing details
• Payment method and payment confirmation details

We do not store full payment card details. Card data is processed by our payment providers.

C. Automatically collected technical/usage information

• IP address, device identifiers, browser type, operating system
• Pages visited and actions on the site (e.g., product views, add-to-cart events)
• Cookies and similar technologies (see “Cookies & Tracking”)

---

3) Why we use your information (purposes and legal bases)

1. To provide and perform the Services (Contract)

• Process orders, payments, shipping, delivery, returns, and refunds
• Send transactional messages (order confirmation, delivery updates, customer support)
• Manage your account (if you create one)

2. To comply with legal obligations (Legal obligation)

• Accounting, tax compliance, and required document retention
• Handling complaints and consumer-law related requests where applicable

3. To operate, secure, and improve the business (Legitimate interests)

• Fraud prevention, abuse prevention, and website security
• Internal analytics to improve our store and services (in reasonable limits)
• Establishing, exercising, or defending legal claims in case of disputes

4. Marketing and certain cookies (Consent, where required)

• Newsletter / promotional communications (email/SMS) when you opt in
• Non-essential cookies (analytics/marketing) only if you accept them via the cookie banner

---

4) Marketing, remarketing, and profiling

If enabled, we may use marketing and analytics tools (for example, advertising pixels and conversion tracking) to:

• Measure ad performance
• Show relevant ads (remarketing) based on your interactions with our Store
• Create audience segments for marketing campaigns

Where required by law, we use non-essential cookies and similar technologies for these purposes only with your consent collected via our cookie banner. You can update your choices at any time using the cookie settings on the website (where available).

These activities do not produce legal effects for you. The consequence is receiving more relevant ads/offers. You can object to direct marketing at any time (see “Your rights”).

---

5) Who we share personal information with

We share personal information only when necessary, with categories of recipients such as:

• E-commerce platform providers used to run the Store (including Shopify) and essential apps
• Payment processors and banks involved in processing payments
• Shipping and logistics partners (name, address, phone, email needed for delivery)
• IT, hosting, and security providers
• Analytics and advertising partners (only if enabled and, where required, consented)
• Professional advisors (lawyers, accountants) where necessary for legal obligations or disputes
• Public authorities when disclosure is required by law

In cases of suspected fraud, disputes, or where required by law, data may be disclosed to competent institutions and relevant service providers for investigation, prevention, or legal defense.

---

6) Shopify and the Services

Our Store is hosted on Shopify. Shopify processes certain information about your access to and use of the Services to provide and improve Shopify’s services and to help maintain the Store’s security and performance.

To learn more about how Shopify processes personal information, please refer to Shopify’s Consumer Privacy Policy and privacy controls:

• Shopify Consumer Privacy Policy
• Shopify Privacy Controls (Privacy Portal)

---

7) International transfers (outside the EU/EEA)

Some service providers may process personal information outside the EU/EEA. Where this happens, transfers are made with appropriate safeguards under the GDPR, such as the European Commission’s Standard Contractual Clauses (SCCs), or other valid transfer mechanisms.

---

8) Data retention

We keep personal information:

• As long as needed to perform the contract (order, delivery, support)
• As required by applicable legal obligations (e.g., accounting/tax retention)
• As needed to defend our rights in case of disputes
• For marketing purposes, until you withdraw consent or unsubscribe (where consent is the basis)

---

9) Data security

We use reasonable technical and organizational measures to protect personal information (access controls, platform security measures, need-to-know access). However, no online system can guarantee absolute security.

---

10) Your rights (GDPR)

Where the GDPR applies, you may have the right to:

• Access your personal information
• Rectify inaccurate information
• Request deletion (“right to be forgotten”), where applicable
• Restrict processing, where applicable
• Data portability, where applicable
• Object to processing (including direct marketing)
• Withdraw consent at any time (where processing is based on consent)
• Not be subject to decisions based solely on automated processing that produce legal or similarly significant effects

To exercise your rights, email us at contact@zentus-workwear.com with the subject line: “GDPR – Request”.

You also have the right to lodge a complaint with the relevant supervisory authority. If you are in Romania, the authority is ANSPDCP: ANSPDCP contact page.

---

11) Cookies & tracking

We use cookies and similar technologies:

• Strictly necessary cookies to operate the Store (cart, checkout, security)
• Analytics and marketing cookies only if enabled and, where required, accepted via the cookie banner

If you maintain a separate Cookie Policy page, you can link it here.

---

12) Changes to this Privacy Policy

We may update this Privacy Policy from time to time to reflect changes to our practices or for legal/regulatory reasons. The updated version will be posted on the website with a revised “Last updated” date.

---

Contact

If you have questions about this Privacy Policy or how we process personal information, contact us:

Email: contact@zentus-workwear.com
Phone: +40 758 307 307
Registered office: Str. Robănești, nr. 2A, Găești, Dâmbovița, Romania