Privacy Policy

TERMS AND CONDITIONS REGARDING PROTECTION OF PERSONAL DATA GDPR

We, S.C. Arco Fine Food S.R.L., adress Curtea de Arges, Str. Portelanului nr. 14b, Jud. Arges, registered with no. J03/839/2016, CUI RO 36016687, account open at BCR Curtea de Arges, owner of Hotel Subcarpati

Guarantee the following:

  1. We process your personal data exclusively for delivering, improving and guaranteeing the services we provide;
    2. Your data is stored in safety conditions;
    3. Personal data are strictly confidential and will not be trandmited to third parties.

We use the collected data for:

– Delivering and managing services, including for displaying customized content and facilitating communication with other users;
– Facilitating technical operation of services, including solving complaints, ensuring services and preventing abuse and fraud;
– Sending administrative messages and information, notifications about any modifications of services and updates of our policies;
– Sending information and messages regarding new services, new functions, promotions, informative messages (from which you can unsubscribe at any time);
– Requests for feedback and understanding your needs;
– Identifying unique users;
– Improving our services and developing new products, services and functions;
– Analysing the traffic of our site or promoting our services on othe sites and apps;

European Union Law regarding personal data protection “General Data Protection Regulation” (named “GDPR”) starts producing effects on 25th of May 2018.

Protecțion of your personal data is important to us, as such, we take measures to protect the private life of our visitors accessing the website www.hotelsubcarpati.ro, according to GDPR.

Please pay close attention to our Privacy policy. It explains our practices regarding GDPR as well as your rights regarding the way we use your information through the website www.hotelsubcarpati.ro.

The processing of personal data performed by Hotel Subcarpati will always be carried out in accordance with the provisions of the GDPR, as well as with the regulations regarding the protection of personal data, specific to each country in which Hotel Subcarpati operates.
Through the Policy on the Protection of Personal Data, Hotel Subcarpati wants to inform visitors about the nature of the personal data we collect and process, as well as the purposes of processing.
In addition, website visitors are informed through the Policy on the Protection of Personal Data and on the rights they enjoy.
WHAT IS PERSONAL DATA?

"Personal data" means any information or information that can identify you directly (for example your name) or indirectly (for example, through pseudonymous data, such as a unique identification number).

This means that personal data includes things such as address, first and last name, sex, date and place of birth, civil status data, telephone / fax, address (home / residence), e-mail, profession, job, training. professional, family situation, economic-financial situation, data on the assets held, habits / preferences / behavior, image, voice, personal preferences and shopping habits, user generated content, financial information and financial status information.

This could also include unique numeric identifiers, such as the IP address of your computer or the MAC address of your mobile device, as well as cookies.
WHAT IS PERSONAL DATA PROCESSING?

"Processing" means any operation or set of operations performed on personal data or on personal data sets, with or without the use of automated means, such as the collection, registration, organization, structuring, storage, adaptation or modification, extraction, consultation, use, transmission by transmission, dissemination or making available in any other way, alignment or combination, restriction, deletion or destruction.

THEME AND PURPOSES OF PERSONAL DATA PROCESSING
• In order to conclude and execute contracts - According to art. 6 paragraph 1 bed b) from the GDPR, personal data may be processed for the purpose of concluding or executing the contract. In order to be able to offer you our services, we need to process personal data that belongs to you.

In order to fulfill some legal obligations - According to art. 6 paragraph 1 bed c) from the GDPR, personal data may be processed for the purpose of fulfilling some legal obligations. We request a series of personal data, including, in certain situations, the personal numeric code, in order to fulfill the obligations imposed by the tax authorities in relation to billing and reporting to the tax authorities.
For marketing purposes - According to art. 6 paragraph 1 bed a) from the GDPR, personal data may be processed if the data subject has given his consent for the processing of his personal data for one or more specific purposes.
PRINCIPLES REGARDING DATA PROCESSING
Hotel Subcarpati undertakes to respect the principles of personal data protection (hereinafter referred to as "the Principles") provided by the GDPR, to ensure that all data are:

Properly, legally and transparently processed;
2. Collected for specified, explicit and legitimate purposes;
3. Appropriate, relevant and limited in relation to the purposes for which they are processed;
4. Correct and updated;
5. Retained in a form that does not allow the identification of the data subjects more time than is necessary in relation to the purpose of processing;
6. Processed in accordance with the rights of the data subject, in a manner that ensures adequate processing security, so that the data is complete, confidential and available.
WHAT TYPE OF PERSONAL DATA WE COLLECT

Personal data means any information about you that allows us to identify you, such as your name, contact details, reservation reference number, payment details and information about your access to our sites.

We may collect personal data from you when you use the website www.hotelsubcarpati.ro and other websites accessible through the website, when you participate in a survey or contest or when you contact us.

Specifically, we can collect the following categories of information:

Name, home address, e-mail address, telephone number, locality;
2. Detailed information about participants, including name, date of birth, gender, identity card number;
3. Information about your service purchases;
4. Information about your use of our website;
5. The communications you make with us or that you direct to us through letters, emails, chat services, calls and social networks.
6. The location, including the real-time geographic location of your computer or device via GPS and your IP address, along with Wi-Fi hotspot and gsm locations, if you use location-based features and enable Location Settings Services on your device and on your computer.

Personal details about physical or mental health are considered "sensitive" personal data in accordance with the applicable data protection laws. We will only process such data if you have given your explicit or necessary consent (for example, if you request special assistance) or have made such data public.
WHAT DATA WE NEVER STORE

The data of the payment card of the Customer / User / Buyer will not be accessible and will not be stored by the Hotel Subcarpati, but only by the institution of authorization of the Transaction or another entity authorized to provide data storage services, identifying the card, about which entity the Client / User / Buyer will be informed, prior to entering the data.

3D Secure means a new global approach to authenticating buyers and sales in secure transactions on the Internet. This security measure involves the redirection of the user when making the payment on a secure page, where the registration of each card holder is made by assigning an authorization code for each online transaction. Cards accepted for payment are those issued under the VISA (Classic and Electron) and MASTERCARD (including Maestro, if they have CVV / CV2 codes).
WHAT WE USE YOUR DATA PERSONAL, WHY AND FOR TIME
Your data may be used for the following purposes:

To provide the services you request: we use the information you provide to us to perform the services you have requested in connection with your participation, including the requested course changes;
2. To contact you in case of a change of schedule or cancellations: we send you information regarding the services you have requested and any changes to these services. The information is not for commercial purposes and you cannot unsubscribe from it;
3. We use your payment information for accounting, billing and auditing purposes and to detect and / or prevent any fraudulent activity;
4. For administrative or legal purposes: we use your data for statistical and marketing analysis, system testing, customer satisfaction studies, maintenance and development, or to resolve a dispute or claim.
Please note that we may perform data profiling, based on the data we collect from you, for statistical analysis and marketing purposes. Any profiling activity will be performed only with your prior consent and making every effort to ensure that all data on which it is based is accurate.
By providing any personal data you expressly agree that we may use it to carry out profiling activities in accordance with this Privacy Policy;
5. Security, health, administration, crime prevention / detection: we may forward your information to government authorities or law enforcement agencies to comply with legal requirements;
6. For Customer Service Communications: We use your data to manage our relationship with you as a customer and to improve our services and your experience with us;
7. To provide personalized services: we use your data to provide information that we believe is of interest to you before, during and after your participation and to personalize the services we provide;
We will only process your personal data if we have a legal basis to do so. The legal basis will depend on the reasons we collected and why we must use your personal data.

We may also process your personal data in one or more of the following cases:
• To comply with a legal obligation (for example, accounting requirements);
• You have given us consent to use your personal data (for example, for use for commercial purposes);
• To protect your vital interests or those of another person (for example, in the event of a medical emergency);
• It is part of our legitimate interests to operate as a marketing agency (for administrative purposes, for example).

Only children at least 16 years of age can consent. For children under this age, the consent of the parents or legal guardians of the children is required.

We will not keep your data longer than necessary to fulfill the purpose for which they are processed. In order to determine the appropriate retention period, we consider the quantity, nature and sensitivity of personal data, the purposes for which we process them and whether we can achieve these goals by other means.

We also need to consider the periods for which it may be necessary to keep personal data in order to fulfill our legal obligations or to deal with complaints, questions and to protect our legal rights in the event of a claim.

When we no longer need your personal data, we will securely delete or destroy it. We will also consider whether and how we can minimize the amount of personal data we use over time and whether we can ensure the anonymity of your Personal Data, so that it will no longer be associated with you or identify you, just in case that we may use that information without further notice to you.
DATA STORAGE PERIOD
Hotel Subcarpati can keep the data processed for different periods of time, considered reasonable, in accordance with the purposes indicated above. We keep your data only for the period necessary to achieve the purpose, for which we hold the data, to meet your needs or to fulfill the obligations required by law.

To know how long your data can be stored, we use the following criteria:
1. When you purchase products and services, we keep your personal data for the duration of our contractual relationship;
2. If you participate in a promotional offer, we keep your personal data during the promotional offer;
3. If you contact us for a question, we will keep your personal data for the duration of your questions, but not more than 5 years from the last correspondence sent;
4. If you have given your consent for marketing, we will keep your personal data until you unsubscribe or request to delete it or after a period of inactivity (without an active interaction with our brands), defined in accordance with the regulations and guidelines local. In this regard, we mention that the data stored in our databases for the purpose of direct marketing communications are deleted from the records of these databases 5 years after the last interaction with you;
5. If cookies are stored on your computer, we will keep them for as long as necessary for them to reach their goals and for a defined period in accordance with local regulations and guidelines.

In this regard, we mention that the data processed by the cookies modules used to provide online behavioral advertising, to personalize our services for you and to allow the distribution of our content on social sites (distribution buttons for displaying the site), they will be kept for a maximum period of 5 years from their collection, based on your consent.
PROCESSING SECURITY

Hotel Subcarpati has adopted technical data processing measures, updated in accordance with GDPR requirements, in order to protect your personal data against any actions of unauthorized access, improper use or transmission, unauthorized modification, destruction or accidental loss.

All members and collaborators of Hotel Subcarpatu, as well as any third parties acting on behalf and on behalf of Hotel Subcarpati, are obliged to respect the confidentiality of your information and the requirements of the GDPR, in accordance with the provisions of this Policy.

SECURITY OF YOUR DATA PERSONAL

We follow strict security procedures in storing and disclosing your personal data and to protect them against accidental loss, destruction or damage. The data you provide to us is protected using Secure Socket Layer (SSL) technology. SSL is the standard method in the industry for encrypting personal information and data, so that it can be securely transferred over the Internet.

All registration details are transmitted over an SSL connection and are stored in accordance with Data Security Standards.

We may disclose your information to trusted third parties for the purposes set out in this Privacy Policy. We ask all third parties to have adequate technical and operational security measures in place to protect your personal data, in accordance with Irish and EU data protection rules.
PROCESSING OF CONTACT OR REGISTRATION FORMS

Hotel Subcarpati will use the information you provide in the corresponding contact section, existing on the site, exclusively for the purpose of processing your request.

By providing any personal data through the Hotel Subcarpati website, you understand and agree that your data will be processed in accordance with the provisions of Hotel Subcarpati's Personal Data Protection Policy.

Please keep in mind that in order to process your requests submitted in the registration section, it may be possible, under certain circumstances, to submit your data to the partners with whom Hotel Subcarpati collaborates and / or to other third party providers. services of Hotel Subcarpati.

However, Hotel Subcarpati has adopted appropriate technical measures to ensure the security of the data transfer, as well as the processing according to the GDPR requirements of your data, by the aforementioned entities.

Hotel Subcarpati undertakes not to process the personal data provided for any other purpose than the one for which they were transmitted, unless your express consent is for use for other purposes.
RELATIONS WITH OTHER OPERATORS
Depending on the context, we may find ourselves in the situation of the absolute necessity of providing information at a higher level, both global and internal or external, to our partners and to those with whom we transfer data in compliance with the above Regulation mentioned, by virtue of ensuring the most professional services possible. The information controlled by Hotel Subcarpati could be transferred, transmitted or stored and processed in the EU or in countries other than the country in which you live, for the purposes described in this policy. These data transfers are necessary to be able to provide services at the highest level, as well as continue to provide you with our materials at the best professional level.

AUTOMATIC DATA PROCESSING. COOKIE
The Hotel Subcarpati website uses Cookie IDs. In this regard you can consult our Cookie Policy below and you can exercise the right to disable Cookies.
RIGHTS OF THE PERSONS VISITED

According to the GDPR, you have a series of rights regarding the personal data that Hotel Subcarpatu processes:
1. Right of access to data processing - You have the right to access the personal data we hold.
2. The right to rectify data - You have the right to request that your Data be rectified if they are inaccurate or outdated and / or to complete them if they are incomplete.
3. Right to Delete Data (“Right to Forget”) - In some cases, you have the right to obtain the deletion or destruction of your Data. This is not an absolute right, because sometimes we may be forced to keep your Data for legal or legal reasons.
4. Right to restriction of processing - You have the right to request the restriction of the processing of your Data. This means that the processing of your Data is limited, so that we may keep the Data, but not use or process it. This right applies in the specific circumstances provided for in the General Data Protection Regulation, namely:
- the accuracy of the Data is challenged by the data subject (ie you), for a period that allows the operator (ie Hotel Subcarpati) to verify the correctness of the Data;
- the processing is illegal and the data subject (ie you) opposes the deletion of the Data and requests the restriction of their use;
- the operator (for example, Hotel Subcarpati) no longer needs Data for processing, but these are requested by the data subject (ie you) for establishing, exercising or defending legal claims;
- the data subject (ie you) raised objections of the processing based on legitimate reasons from the operator (in this case Hotel Subcarpati), based on verifying that the legitimate reasons of the operator exceed those of the data subject (ie you).
5. Right to data portability - You have the right to move, copy or transfer the data that interests you from our database to another. This applies only to the data you have provided, when the processing is based on your consent or contract and is implemented by automatic means.
6. Right of opposition - You may at any time oppose the processing of your data when such processing is based on a legitimate interest.
7. The right to withdraw consent at any time - You may withdraw your consent to the processing of your data when such processing is based on consent. The withdrawal of the consent does not affect the legality of the processing on the basis of the consent before its withdrawal.
8. The right to lodge a complaint with the competent supervisory authority - You have the right to lodge a complaint with the data protection authority of your country of residence or domicile to challenge the data protection practices offered by Hotel Subcarpati.
9. The right to object to the processing of your data for direct marketing purposes - You may unsubscribe or opt out of our direct marketing communication at any time.
10. The right to object to the processing of your data by us when we carry out actions in the public interest or in the legitimate interests of your own or of a third party - You may at any time oppose the processing of your data when such processing is based on an interest legitimate.
11. Right to Disable Cookies - You have the right to disable cookies. Settings in Internet browsers are usually programmed by default to accept cookies, but you can easily adjust them by changing your browser settings.

You can exercise these rights, either individually or cumulated, very easily, by simply sending a request by E-mail to: info@hotelsubcarpati.ro.
LEGAL REQUESTS
We access, maintain and provide your information to regulatory authorities, law enforcement or other entities:
1. In response to a request of a legal nature, when we consider, in good faith, that the law requires us to do so. It is also possible to respond to requests of a legal nature when we consider, in good faith, that the response required by the laws of that jurisdiction affects users in that jurisdiction and is in line with internationally recognized standards.
2. When we consider, in good faith, that it is necessary to: detect, prevent and respond to acts of fraud, unauthorized use of any material belonging to us, violations of our conditions or policies or other harmful or illegal activities, to protect us (including our rights, property or materials), you and others, including in the investigations or investigations of regulatory authorities, or to prevent imminent death or personal injury. For example, if relevant, we provide information to and receive information from third parties about the reliability of your account, to prevent fraud, abuse and other harmful activities within and outside our materials.

The information we receive about you may be accessed and stored for a longer period of time when it is the subject of a legal request or legal obligation, a government inquiry, or investigation into possible violations of our conditions or policies, or in other cases to prevent injury.
EXEMPTION OF LIABILITY

The hotelsubcarpati.ro website may contain links to other websites and / or other websites that are not the property of Hotel Subcarpati. Arco Fine Food assumes no responsibility for the content of these websites and therefore will not be held responsible for the content, advertising, goods, services, software, information or other materials available on or through these websites.

Arco Fine Food will not be responsible for the loss of personal data, for any negative effects on the personal data of the visitors or for other moral and / or patrimonial damages caused by the access to the respective websites.
UPDATE POLICY OF PROTECTION AND PROCESSING OF PERSONAL DATA
Please keep in mind that this Policy may be subject to periodic changes in content, by updating the hotelsubcarpati.ro website. We will notify you before making any changes to this Policy and will give you the opportunity to review the revised content before choosing to continue using our materials.

Please do not continue to use the hotelsubcarpati.ro website if you do not agree to such changes. We also recommend that you check this page for any updates.

The terms of the Personal Data Processing Policy are interpreted in accordance with the applicable law.

CONTACT

If you have any questions or concerns about how we treat and use your personal data, or you wish to exercise any of your rights, please contact us at info@hotelsubcarpati.ro