Regulation No 2016/679 on the protection of individuals with regard to the processing of personal data and on the free movement of such data, applies to the website https://carpatinn.ro/, with the purpose of informing data subjects about the processing of personal data by SC Complex Inn Carpatin SRL as a personal data controller, with the Carpat Inn working point in Azuga, Prahova County, registered with the Trade Register Office under No J17/840/2019, with CUI: RO40967508, (hereinafter referred to as “the Controller”).
Please read this Privacy Policy carefully, and if you do not agree with its provisions, please immediately close the search engine page containing the https://carpatinn.ro/ website, the necessary cookies used to access the web page will be deleted immediately. By accessing the website https://carpatinn.ro/, we will consider that you have accepted the Operator’s Privacy Policy.
The European Union law on the protection of personal data, Regulation 2016/679 (hereinafter “GDPR”) entered into force on May 25, 2016, but begins to take effect on May 25, 2018.
The protection of your personal data is important to us, therefore we pay particular attention to protecting the privacy of visitors who access the https://carpatinn.ro/ website, in accordance with the GDPR on the protection of individuals with regard to the processing of personal data and on the free movement of such data.
Please read the following Privacy Policy carefully.
The Personal Data Protection Policy explains https://carpatinn.ro/’s practices regarding the application of the GDPR and the rights you have regarding the way your information is used through the https://carpatinn.ro/ website.
The processing of personal data by the Operator will always be carried out in accordance with the provisions of the GDPR, as well as with the regulations on the protection of personal data, specific to each country in which https://carpatinn.ro/ operates.
Through the Personal Data Protection Policy, https://carpatinn.ro/ wishes to inform visitors about the nature of the personal data we collect and process, as well as the purposes of the processing.
In addition, visitors to the websites are informed by means of the Personal Data Protection Policy about their rights.
“Personal data” means any information or information that can identify you directly (e.g. your name) or indirectly (e.g. through pseudonymous data such as a unique identification number).
“Processing” shall mean any operation or set of operations which is performed upon personal data or sets of personal data, whether or not by automatic means, such as collection, recording, organization, structuring, storage, adaptation or alteration, retrieval, consultation, use, transmission by transmission, dissemination or otherwise making available, alignment or combination, restriction, erasure or destruction.
– For the conclusion and performance of contracts – According to Art. 6 para. 1 lit. b) GDPR, personal data may be processed for the purpose of the conclusion or performance of the contract. In order to be able to provide our services to you, we need to process personal data belonging to you.
– In order to fulfill legal obligations – According to Art. 6 para. 1 lit. c) of the GDPR, personal data may be processed for the purposes of complying with legal obligations. We require a range of personal data including, in certain circumstances, your personal identification number, in order to fulfill our obligations imposed by the tax authorities in relation to invoicing and reporting to the tax authorities.
– For marketing purposes – According to Art. 6 para. 1 lit. a) of the GDPR, personal data may be processed if the data subject has consented to the processing of his/her personal data for one or more specific purposes.
https://carpatinn.ro/ is bound by the personal data protection principles (hereinafter “the Principles”) set out in the GDPR to ensure that all data is:
1. Processed fairly, lawfully and transparently;
2. Collected for specified, explicit and legitimate purposes;
3. Adequate, relevant and limited in relation to the purposes for which they are processed;
4. Fair and up-to-date;
5. Kept in a form which permits identification of data subjects for no longer than is necessary for the purposes of the processing;
6. Processed in accordance with the data subject’s rights, in a manner that ensures adequate security of processing so that the data are integral, confidential and available.
Personal data means any information about you that allows us to identify you, such as your name, contact details, booking reference number, payment details and information about your access to our website.
We may collect personal data from you when you use the https://carpatinn.ro/ website and other websites accessible through the website, when you participate in a survey or competition or when you contact us.
Specifically, we may collect the following categories of information:
1. Name, home address, e-mail address, phone number, city;
2. Detailed information about participants including name, date of birth, gender, ID card number;
3. Information about your purchases of services;
4. Information about your use of our website;
5. Communications that you make to us or direct to us through letters, emails, chat services, calls and social networking;
6. Your location, including the real-time geographic location of your computer or device via GPS and your address. IP address, along with Wi-Fi hotspot and gsm locations if you use location-based features and enable Location Services settings on your device and computer.
The Customer’s/ User’s/ Buyer’s payment card data will not be accessible nor stored by https://carpatinn.ro/, but only by the institution authorizing the Transaction or another entity authorized to provide card identification data storage services, of which the Customer/ User/ Buyer will be informed, prior to data entry.
Your data may be used for the following purposes:
1. To provide the services you request: we use the information you provide to perform the services you have requested-;
2. To contact you in the event of a schedule change or cancelation: we send you information about the services you have requested and any changes to those services. The information is not for commercial purposes and you cannot unsubscribe;
3. We use your payment information for accounting, billing and auditing purposes and to detect and/or prevent any fraudulent activity;
4. For administrative or legal purposes: we use your data for statistical and marketing analysis, systems testing, customer satisfaction studies, maintenance and development, or to resolve a dispute or claim.
Please note that we may perform data profiling, based on the data we collect from you, for statistical analysis and marketing purposes. Any profiling activity will only be carried out with your prior consent and making every effort to ensure that any data on which it is based is accurate.
By providing any personal data you explicitly agree that we may use it to carry out profiling activities in accordance with this Privacy Policy;
5. Security, health, administration, crime prevention/detection: we may share your information with government or law enforcement authorities to comply with legal requirements;
6. For Customer Service communications: we use your information to manage our relationship with you as a customer and to improve our services and your experience with us;
7. To provide personalized services: we use your data to provide information that we believe is of interest to you before, during and after your participation and to personalize the services we provide to you;
We may also process your personal data in one or more of the following cases:
– To comply with a legal obligation (e.g. accounting requirements);
– You have given us consent to use your personal data. personal data (e.g. for commercial purposes);
– To protect your vital interests or those of another person (e.g. in a medical emergency);
– It is part of our legitimate interests in operating as a marketing agency (e.g. for administrative purposes).
Only persons aged 18 or over can give consent. For children under this age, the consent of their parents or legal guardians is required.
We will not keep your data longer than necessary to fulfill the purpose for which it is processed. To determine the appropriate retention period, we take into account the amount, nature and sensitivity of the personal data, the purposes for which we process it and whether we can achieve those purposes by other means.
We also need to consider the periods for which we may need to retain personal data in order to fulfill our legal obligations or to deal with complaints, enquiries and to protect our legal rights in the event of a claim.
When we no longer need your personal data, we will securely delete or destroy it. We will also consider whether and how we can minimize over time the amount of personal data we use and whether we can ensure the anonymity of your data. Personal Data so that it can no longer be associated with you or identify you, in which case we may use that information without notifying you later.
https://carpatinn.ro/ may keep the processed data for various periods of time, deemed reasonable, in accordance with the purposes indicated above. We keep your data only for as long as necessary to fulfill the purpose for which we hold the data, to meet your needs or to fulfill our obligations imposed by law.
To know how long your data can be kept, we use the following criteria:
1. When you purchase our services, we retain your personal data for the duration of our contractual relationship;
2. If you participate in a promotional offer, we keep your personal data for the duration of the promotional offer;
3. If you contact us with a question, we keep your personal data for as long as necessary to process your questions, but not more than 5 years after the last correspondence sent;
4. Where you have provided your consent for marketing, we retain your personal data until you unsubscribe or request deletion or after a period of inactivity (no active interaction with our brands), defined in accordance with local regulations and guidelines. In this regard, we note that data stored in our databases for the purpose of direct marketing communications is deleted from the records of these databases 5 years after the last interaction with you;
5. Where cookies are stored on your computer, we retain them for as long as necessary for them to fulfill their purposes and for a period defined in accordance with local regulations and guidance.
In this regard, we note that the data processed through cookies used to provide online behavioral advertising, to personalize our services to you and to enable the distribution of our content on social networking sites (distribution buttons for displaying the site), will be kept for a maximum period of 5 years after their collection, based on your consent.
https://carpatinn.ro/ has adopted technical data processing measures, updated in accordance with the GDPR requirements, in order to protect your personal data against any unauthorized access, improper use or unauthorized transmission, unauthorized alteration, destruction or accidental loss.
All https://carpatinn.ro/ members and contributors, as well as any third parties acting on behalf of and for https://carpatinn.ro/, are required to respect the confidentiality of your information and the requirements of the GDPR, in accordance with the provisions of this Policy.
We follow strict security procedures in storing and disclosing your personal data and to protect it against accidental loss, destruction or damage. The data you provide to us is protected using Secure Socket Layer (SSL) technology. SSL is the industry-standard method of encrypting personal information and data so that it can be transferred securely over the internet.
All registration details are transmitted over an SSL connection and are stored in accordance with the Data Security Standards.
We may disclose your information to trusted third parties for the purposes set out in this Privacy Policy. We require all third parties to have appropriate technical and operational security measures in place to protect your personal data in accordance with Irish and EU data protection laws.
https://carpatinn.ro/ will use the information you provide in the appropriate contact section of the website solely for the purpose of processing your request.
By providing any personal data through the https://carpatinn.ro/ website, you understand and agree that your data will be processed in accordance with the provisions of the Personal Data Protection Policy of https://carpatinn.ro/.
Please note that in order to process your requests submitted in the registration section, we may, under certain circumstances, be required to share your data with partners with whom https://carpatinn.ro/ cooperates and/or other third party service providers of https://carpatinn.ro/.
However, https://carpatinn.ro/ has adopted appropriate technical measures to ensure the security of the data transfer as well as the GDPR-compliant processing of your data by the aforementioned entities.
The Operator undertakes not to process the personal data provided for any other purpose than that for which it was transmitted, except in situations where there is your express consent to use it for other purposes.
Depending on the context, we may find it absolutely necessary to provide information at a higher level, globally, internally or externally, to our partners and to those with whom we transfer data in compliance with the above-mentioned Regulation, in order to ensure the provision of the most professional services possible.
Information controlled by https://carpatinn.ro/ may be transferred, transmitted or stored and processed in the EU or in countries other than the country in which you reside for the purposes described in this policy. These data transfers are necessary for us to provide the highest level of service to you, and to continue to provide our materials to you to the highest professional standard.
The https://carpatinn.ro/ website uses cookie identifiers. In this regard you can see our Cookie Policy below and exercise your right to disable Cookies.
Under the GDPR, you have a number of rights in relation to the personal data that https://carpatinn.ro/ processes:
1. Right of access to the data we process – You have the right to access the personal data we hold about you.
2. Right to rectification of data- You have the right to request that your Data be rectified if it is inaccurate or out of date and/or to have it completed if it is incomplete.
3. Right to erasure of data (“right to be forgotten”) – In some cases, you have the right to have your data erased or destroyed. This is not an absolute right, as sometimes we may be forced to retain your data for legal or judicial reasons.
4. Right to restriction of processing – You have the right to request restriction of the processing of your Data. This means that the processing of your Data is restricted so that we can keep the Data but not use or process it. This right applies in specific circumstances set out in the General Data Protection Regulation, namely:
– the accuracy of the Data is contested by the Data Subject (i.e. by you), for a period allowing the Controller (i.e. https://carpatinn.ro/) to verify the accuracy of the Data;
– the processing is unlawful and the data subject (i.e. you) objects to the erasure of the Data and requests the restriction of its use;
– the controller (e.g. https://carpatinn.ro/) no longer needs the Data for processing, but they are required by the data subject (i.e. you) for the establishment, exercise or defense of legal claims;
– the data subject (i.e. you) has raised objections to the processing based on legitimate grounds on the part of the controller (in this case https://carpatinn.ro/), on the basis of verifying whether the legitimate grounds of the controller (https://carpatinn.ro/) prevail over those of the data subject (i.e. you).
5. The right to data portability – You have the right to move, copy or transfer the data you are interested in from our database to another one. This applies only to the data you have provided, where the processing is based on your consent or on the basis of a contract and is implemented by automated means.
6. Right to object – You may object at any time to the processing of your data where such processing is based on a legitimate interest.
7. Right to withdraw consent at any time – You may withdraw your consent to the processing of your data where such processing is based on consent. Withdrawal of consent does not affect the lawfulness of processing based on consent prior to the withdrawal of consent.
8. Right to lodge a complaint with the competent supervisory authority – If you are not satisfied with the way in which your data is processed through our website, you can address a complaint to the National Supervisory Authority for the Processing of Personal Data, at B-dul G-ral. Gheorghe Magheru, nr. 28-30, sector 1, postal code 010336, Bucuresti, Romania or by e-mail at anspdcp@dataprotection.ro;
9. The right to object to the processing of your data for direct marketing purposes- You can unsubscribe or opt-out of our direct marketing communication at any time.
10. The right to be notified in case of data security breaches, to the extent that the controller concludes that the data subject’s rights have been affected following the investigation of the security breach internally.
11. The right to disable Cookies- You have the right to disable cookies. Internet browser settings are usually set by default to accept cookies, but you can easily adjust them by changing your browser settings.
You can exercise these rights, either individually or cumulatively, very easily by simply sending an e-mail request to: hotelcarpatinn@gmail.com.
The operator (https://carpatinn.ro/) will analyze your requests and inquiries and will respond within 30 days at the latest. If you consider that the response is not favorable, you may apply to the National Supervisory Authority for Personal Data Processing and to the competent court.
The Operator (https://carpatinn.ro/) assumes no liability if you are misled by unauthorized third parties posing as representatives of the Operator. Please inform us immediately if you become aware of any such behavior by a third party.
The https://carpatinn.ro/ website may contain links to other websites and/or other web pages that are not owned by https://carpatinn.ro/. As such, it assumes no responsibility for the content of such websites and therefore cannot be held responsible for the content, advertising, goods, services, software, information or other materials available on or through such websites.
https://carpatinn.ro/ will not be liable for the loss of personal data, for any negative effects on visitors’ personal data or for any other moral and/or patrimonial damages caused by the access to those websites.
We will review the Privacy Policy periodically in accordance with changes that arise in the personal data processing activity and publish the updated version of the document. Any changes will be made without any obligation to inform the Operator (https://carpatinn.ro/).
If you have any questions or concerns about the way we process and use your personal data, or if you wish to exercise any of your rights, please contact us at 0748 222 745 or at STR. BRAZILOR NR. 1-2, AZUGA – PRAHOVA.