The purpose of this information notice is to explain what data is processed, why it is processed, and what happens with it in the relationship between the client and our company, in our capacity as data controller.
We take privacy seriously and never sell mailing lists or email addresses. Being fully aware that personal information belongs to our clients, we do our best to store it securely and process it with care.
2. Who Are Our Clients?
Under applicable legislation, a client who is a natural person, or the representative/contact person of a legal entity that is a client of our company, is a "data subject" — meaning an identified or identifiable natural person.
3. Our Commitment
We are committed to complying with European and national legislation on the protection of personal data, in particular Regulation (EU) 679/2016 (GDPR) and the following principles:
Lawfulness, fairness and transparency — We process client data lawfully, fairly and transparently
Clients are in control — We provide the ability to review, modify and delete personal data
Data integrity and purpose limitation — We use data only for the purposes described at the time of collection
Security — We have implemented reasonable security and encryption measures
4. What Data Do We Collect?
We collect the following categories of personal data:
First and last name
Address, citizenship
Personal identification number (CNP), ID card/passport series and number
Date of birth, age
Email address, phone number
Credit/debit card details (processed securely)
Authentication data (username, password)
IBAN (for refunds)
Company name (for legal entities)
5. Why Do We Collect This Information?
For concluding or performing an accommodation contract
To respond to inquiries and requests
To provide and improve our services
To comply with applicable legislation
For establishing or claiming a right in court
For maintaining the business relationship
6. Legal Basis for Processing
Contract performance — processing necessary for concluding/performing the accommodation contract
Legitimate interests — improving services and communicating with clients
Legal obligation — retention of financial documents (10 years under fiscal legislation)
Vital interests — in emergency situations
7. How Long Do We Retain Data?
We store data for the period necessary to fulfil the purposes, but no longer than 5 years from the end of the contract or the last interaction. Accounting documents are retained for 10 years under fiscal legislation.
8. Who Do We Share Data With?
We may disclose data to business partners or other third parties, strictly for the purposes mentioned:
IT and telecommunications providers
Accounting firms
Legal services
Public authorities (prosecution, police, courts)
We ensure that data does not leave the European Economic Area without an adequate legal basis.
9. Cookies
Our website uses cookies for functionality and analytics:
Essential cookies — necessary for website operation (session, preferences)
Analytical cookies — Google Analytics / GTM for anonymised traffic statistics
Marketing cookies — only with explicit consent, for remarketing
You can manage your cookie preferences in your browser settings or through the cookie banner displayed on your first visit.
10. Your Rights (GDPR)
You have the following rights under Regulation (EU) 679/2016:
Right to withdraw consent
Right to be informed regarding data processing
Right of access to personal data (Art. 15 GDPR)
Right to rectification of inaccurate or incomplete data
Right to erasure ("right to be forgotten") (Art. 17 GDPR)
Right to restriction of processing (Art. 18 GDPR)
Right to data portability — transfer of data to another controller (Art. 20 GDPR)
Right to object to data processing (Art. 21 GDPR)
Right not to be subject to a decision based solely on automated processing
Right to seek judicial remedy
Right to lodge a complaint with ANSPDCP (Romanian National Supervisory Authority)
11. Exercising Your Rights
To exercise any right, send a written, signed and dated request to:
Response time: 30 days (may be extended in complex cases).
12. Changes
We may modify this policy at any time. Updates take effect immediately upon publication. The date of the last update is displayed at the top of this page.
