Total Laser’s data protection statement

Name and address of the Data Controller

For the purposes of the General Data Protection Regulation (GDPR) and other national data protection laws of the Member States and other applicable data protection provisions, the Data Controller is:



Sibiu, STR. Stefan cel mare no 154

Sibiu, Romania

+40 762 00 99 38

The Data Administrator has designated the following person as Data Protection Officer:


Gabriel LASCU

Total Laser Administrator

+40 762 00 99 38


General information on data processing


Scope of personal data processing

We collect and use the personal data of our users only to the extent necessary to provide a functional website, content and services. We collect and use the personal data of our users only after obtaining the user’s consent. An exception is the case where the user’s consent cannot be obtained for real reasons and data processing is permitted by law.

The legal basis for the processing of personal data

Article 6, point 1, letter a) of the GDPR represents the legal basis if we obtain the consent of the data subject in order to process personal data.

Article 6, point 1, letter b) of the GDPR represents the legal basis for the processing of personal data, necessary for the execution of a contract to which the data subject is a party. This also applies to processing operations necessary for the implementation of pre-contractual measures.

Article 6, point 1, letter c) of the GDPR represents the legal basis if the processing of personal data is necessary to fulfill the legal obligations that our company has.

Article 6, point 1, letter d) of the GDPR represents the legal basis if the vital interests of the data subject or another real person require the processing of personal data.

Article 6, paragraph 1, letter f) of the GDPR is the legal basis if data processing is necessary to protect a legitimate interest of our company or a third party that overrides the interests, fundamental rights and fundamental freedoms of the data subject.

Deletion of data and its storage period

The personal data of the data subject are deleted or blocked as soon as the purpose of their storage has been achieved. It is possible to store for a longer period if this is provided for by the European or national legislator within relevant Union regulations, laws or other provisions governing the data administrator. At the same time, the data is deleted or blocked after the expiry of the legal retention period, unless there is a requirement to retain the data in order to conclude or execute a contract. The data we store includes, but is not limited to, the following:

Log files for a maximum period of 14 days;
Databases for logins during the existence of the account;
Site Provisioning and Log File Generation


Description and scope of data processing

Our system automatically collects data and information from the access computer each time a user visits our website.

The following data is collected:

(1) Information about the browser type and version used

(2) User’s operating system

(3) The user’s internet service provider

(4) User’s IP address

(5) Date and time of access

(6) Websites from which the user was redirected to our site

(7) Websites accessed by the user’s system through our website

(8) Duration of the user’s visit

(9) User’s country of origin

(10) User’s preferred language

(11) The time of the user’s first visit and that of the user’s most recent visit

This data is also saved in log files in our system. We do not store this data together with other personal data of the user.

The legal basis for data processing

The legal basis for the temporary storage of data and log files is Article 6, point 1, letter f) of the GDPR.

Purpose of data processing

The temporary storage of the IP address by our system is necessary for the purpose of delivering the site to the user’s computer. Therefore, the user’s IP address must be stored for the duration of the session. The storage of data in log files serves to guarantee the proper functioning of our website. The data is also used to optimize the site and protect the security of our IT systems. These goals represent