Privacy and data protection policy

Grandis Apulum Hotel, CUI RO7370485, registered at the Trade Register with J03 / 492/1995, as a personal data operator collects and processes data in accordance with the provisions of Law no. 677 of 21.11.2001, and of 25.05.2018 and with the provisions of Regulation no. 679 of 27.04.2016 on the protection of individuals with regard to the processing of personal data and on the free movement of such data.

The purpose of this document is to inform you correctly, specifically and unequivocally about how, the purpose for which this data is collected, processed, the period for which this data is stored, how to exercise individual rights and information related to the secondary purpose of the processing, if the data will be processed for a purpose other than that for which they were collected by the associated operators.

In processing this data, we take into account the laws in force regarding the protection and processing of personal data. For this purpose we performed an internal audit on how to collect, process and transmit personal data, we took appropriate technical measures and established a series of internal technical and administrative procedures, we conducted trainings within the team, in order to raise awareness and empower team members.

PERSONAL DATA COLLECTED BY OUR COMPANY, THROUGH THE SITE OR THROUGH DIRECT COMMUNICATIONS, FOR THE PURPOSE OF CARRYING OUT THE WORKS

If you send us a message through one of the forms on the site, we collect and process the following data, for the legitimate purpose of processing the request: name and surname, phone, email, subject, message, company, date check in, date check out, type desired room, full address.

If you choose to subscribe to the company’s newsletter, without being a customer, we collect email for marketing communications and your name.

If you are a visitor, only those data registered by the cookies accepted by the visitor at the time of the first visit to the site are registered, through the cookie policy notification window and described in the Cookies Policy page.

DURATION OF PERSONAL DATA PROCESSING

The duration of storage and processing of personal data is closely related to the collaboration relationship between our company and you as a customer or potential customer. The data may be deleted at the explicit request of the account holder or as long as necessary to achieve the purposes stated through this page.

The data necessary for the preparation of fiscal invoices and contracts are kept for a period necessary to fulfill the legal obligations (fiscal, archiving) imposed by Romanian law.

RECIPIENTS OF PERSONAL DATA

Personal data may be communicated to the following persons or entities, or may be accessed by them, as part of the daily work process:

  • to the employees of our company in order for the good development of the activity
  • to the company’s collaborators, limited, in order to carry out the company’s activity in good conditions (to the accounting service providers, the hosting service provider – by sending the form on the site, the invoicing service provider)
  • in cases where this communication would be necessary for the awarding of prizes or other facilities to the persons concerned, obtained as a result of their participation in various promotional campaigns organized by Hotel Grandis Apulum through the Site or associated promotion channels, for example Facebook, Instagram etc
  • for measuring visits, performing data analysis, testing and research, monitoring usage and activity trends, developing security features and authenticating users, to specific modules, such as Google Analytics or similar;
  • for the transmission of commercial marketing communications, under the conditions and limits provided by law, to platforms or software packages such as sending newsletters
  • when the disclosure of personal data is provided by law
  • to providers of marketing and promotion services, automated and LIMITED (through cookies), as well as
    • Google.com
    • Facebook.com
    • Pinterest.com
    • YouTube.com
    • Instagram.com
    • WordPress.com

 

INFORMATION ON THE METHOD OF DATA COLLECTION AND THE ACCEPTANCE OF COLLECTION

Each user of our site is presented at the time of the first visit to the site the list of cookies collected or which collect, in one way or another, explicitly or implicitly, data that may fall into the category of personal data. This is done through the notification at the top of the site, notification through which the visitor has the opportunity to accept the privacy and data protection policy.

In the case of forms, they are sent only when reading and accepting the data collection and protection policy, this being certified by the mandatory ticks in the footer of each form that requires this, such as: the form on the contact page and the comments form in BLOGS

THE RIGHTS OF PERSONS WHOSE DATA ARE COLLECTED

a) The right of access to data and information The persons whose data have been collected have the right to be informed about the data that have been collected, the purpose and duration of the collection of these data.

b) The right to intervene on the data The persons whose data have been collected have the right to obtain on request the data collected, to request the correction, updating, completion or deletion of these data, especially of inaccurate data.

The request for modification, update, deletion of data will be addressed in writing or to the email address dpo@hotelgrandisapulum.ro and will include mentions regarding the option of communicating the answer, respectively on physical or electronic support. The communication of the answer to such requests will be made within 30 days from the date of receiving the request.

c) The right of opposition The persons whose data have been collected may oppose at any time the processing of personal data concerning them, unless this is contrary to the legislation in force (fiscal, archiving).

For this purpose, as well as for any other purpose regarding personal data, the data subjects will address in writing to the company or by email to the address dpo@hotelgrandisapulum.ro, the communication of the answer being made within 30 days. on the date of receipt of the application.

For any questions about how the data of the data subjects are used or if any additional clarifications are needed in connection with any aspect related to data processing, they can contact the data protection officer within the company, by email dpo@hotelgrandisapulum.ro or personally submitting a handwritten signed notification at our office located at Hotel Grandis Apulum, B-dul Dacia no. 14 A, Mioveni – Argeş