Privacy policy

Content

1. When does it apply?
2. What is the purpose of this policy?
3. What is personal data?
4. For what purpose do we collect them?

CONTRACTUAL PURPOSES
FUNCTIONAL purposes
MARKETING purposes
5. How do we collect them?
6. What rights do you have?

The right of access
The right to modify and delete
The right to restrict processing
The right to data portability (export)
The right not to be subject to an automatic action
The right to file a complaint
7. To whom do we disclose the data?
8. How do we ensure data security?
9. What are the storage periods?
10. How do we handle juvenile requests?
11. What do we do in case of security incidents?
12. What records do we keep?

1. When does it apply?
The privacy policy applies to the personal data of those who wish to become, are or have been customers of BUCHAREST BOUTIQUE ACCOMMODATION, including data collected, used or disclosed while using our company’s website, available at www.bucharest-boutique-accommodation .ro.
You can manage your consent for the purposes for which the personal data will be used by sending an e-mail to bucharestboutiqueaccommodation@gmail.com, you can write to us at Strada Vitejescu, no. 37, sector 4, code 040334, Bucharest.
This policy is valid starting with 25.05.2018

2. What is the purpose?
When you use our site, you entrust us with some of your personal data. We understand this and appreciate it. Through everything we do we strive to protect them and give you the best possible control over them.

The privacy policy helps you understand what personal data we collect about you, how we use your personal data and what options you have for using it.

We are committed to maintaining the accuracy, confidentiality and security of your personal data. In order to be in accordance with the legislative changes and / or with the practical realities they face, we reserve the right to adjust this policy at any time, the changes becoming mandatory from the moment of their publication on the site.

3. What is personal data?
We want you to understand as clearly as possible what “personal data” represents.

Personal data is information about an identified or identifiable person. Examples of such data: name, surname, address, telephone number, email, cookie, computer IP address, mobile device IDs, information in your web browser (such as browser type and browser language), actions on which you do on our website etc.

4. For what purpose do we collect them?
Personal data is collected for the effective conduct of business relationships, to provide you with the best possible services, to permanently improve the functionality of our site or to bring to your attention advertisements and promotions relevant to you.

We limit the personal data we collect to what is relevant for their particular processing. We do not process your personal data in ways that are incompatible with the purposes for which the information was collected or subsequently authorized by you.

CONTRACTUAL data (mandatory) – for starting the process of hiring a contract and for the effective development of the commercial relationship

We can collect data (name, surname, phone, email, etc.) in order to answer your questions about our products and services, in order to organize the effective processing of your orders. These data are collected through dedicated forms on the site such as: contact, online booking, etc. These data are generically referred to as “contractual data”. Without them, your order cannot be taken (for example: we do not know how to answer your questions), it cannot be processed. You will not be able to benefit from our services using our site without providing this data.
Customers may not opt out of receiving emails related to the processing, booking (or other processes associated with this purpose).
The legal basis for the processing of this data is our legitimate interests (Article 6 paragraph 1 lif (f) of the General Data Protection Regulation).

FUNCTIONAL data – for a better experience in using the site

You can collect direct data (name, surname, phone, email, etc.) to ensure a better experience in using the site. The data is collected through the forms on the site
This data is generically referred to as “functional data”.
You can collect indirect data that can be used to create a better structured website (eg Google Analytics reports, etc.). This data helps us to see the navigation flow of visitors to the site, the navigation volume and other useful information relevant to improving the site, to provide you with a better browsing experience.
All these functionalities are designed to offer you the best information and acquisition options.
If you do not agree to the use of data for this purpose, you cannot benefit from these features.
The legal basis for the collection of this data is the consent (Article 6 (1) (a) of the General Data Protection Regulation).

MARKETING data – for a better structured site, relevant advertising and information on social media
We collect personal data, such as direct data (name, surname, phone, email, etc.) or indirect data (cookies, computer IP address, location, mobile device IDs, etc.).
Direct data is collected for newsletter subscriptions (sending newsletters, commercial offers, etc.). If you no longer wish to receive such materials, you can access and send an e-mail to bucharestboutiqueaccommodation@gmail.com.
Cookies are data files that are sent from a website to a browser to record information about users for various purposes. We use cookies and similar technologies. For additional information, see the page on our website that contains the cookie policy.
The data can also be used to display ads adapted to your wishes (eg: Google Remarketing, Facebook Pixel, etc.). You may be presented with advertisements for the products you were interested in or viewed.

We generically call this data “marketing data.”

The legal basis for the collection of this data is the consent (Article 6 (1) (a) of the General Data Protection Regulation).

5. How do we collect them and how do you manage your consent?
When you interact with our site, we offer you the opportunity to give and withdraw your consent at any time for the use of your data.
We offer site visitors and customers who provide personal data the means to choose how we use this data. Consent regarding the processing of personal data may be requested at the launch of a form, as well as for any other purpose involving the consent, by accessing a general control panel (cumulative or individual, on each category of data or individual purpose) or by another technical manner, created for this purpose.

You will have the opportunity to give your explicit consent to the purposes for which the personal data will be used and to manage it later, in accordance with the regulations in force.

6. What rights do you have?
We make every effort to guarantee your rights, in accordance with applicable law.
You have the right to access your personal data. Consequently, if necessary, we offer you access to the personal data we keep about you. We also offer you the opportunity to choose if you want to receive offers and promotions from us, but also to correct, modify or delete your information.

We may limit or deny access to personal data if the efforts or costs of providing access are disproportionate to the risks to your privacy, or if the rights of others other than yourself are violated. Other reasons for refusing or restricting access may include restrictions imposed by applicable law or other similar, justified issues.

You have the right to modify and delete your personal data, especially incomplete or inaccurate data, for example, if some of the personal data you have provided (phone number, e-mail address, authorized person, etc. .) are no longer current.

We take reasonable steps to ensure that the personal data we process is viable for the desired use and accurate, complete and current. In this regard, we rely on you to update and correct personal data to the extent necessary for the purposes for which they were collected or subsequently authorized by you.

Requests for access, modification or deletion of information will be processed within 30 days.

You have the right to restrict the processing, to oppose the processing of personal data concerning you and to request the rectification, updating or deletion of data in accordance with the law. This right can be exercised at any time, free of charge and without justification, except for those data for which the processing is a legal obligation.

You have the right to request the portability (export) of personal data. We may limit or refuse the portability of personal data, if the efforts or costs of providing access would be disproportionate to the benefits in that case.

You have the right not to be subject to an individual automatic decision.

You have the right to file a complaint to the National Authority for the Supervision of Personal Data Processing (A.N.S.P.D.C.P.), as well as to go to court, in accordance with the legal provisions in force.

7. To whom do we disclose your data and where do we transfer it?
We collaborate with companies in the internet field: Google, Facebook, etc. – however, for a better experience with our site.

We may share your personal data with contracted service providers in order to improve the experience of using the site (eg Google Analytics, etc.) or providing services in the field of marketing, advertising and publicity (Google, Facebook, Mailchimp, etc.), as well as for other purposes: accounting services, law, consulting, affiliates, business partners, etc. The disclosure of data is made on the grounds that the services necessary for the conduct of our business cannot be provided by us. We make every effort to have a confidentiality commitment from them, which guarantees that this data is kept secure and that the provision of this personal information is made in accordance with applicable law. If our hosting service providers, newsletters or other similar services are transferred outside the European Economic Area (EEA), efforts are made to ensure adequate protection measures.

We may disclose your personal data, either through legal requirements, legal process, litigation and / or requests from public and governmental authorities in or outside your country of residence. We may also disclose personal information about you if we determine that disclosure is reasonably necessary to ensure that we comply with our terms and conditions or to protect our operations or users. Relevant information can also be found in the announcements regarding the specific data processing activities.

We may also transfer personal data in the event of an audit, or in the event of the sale or total or partial transfer of our business or assets (including in the event of a merger, acquisition, joint venture, reorganization, dissolution or liquidation).

8. How do we ensure data security?
The security of your data is important to us. We make every effort to do so.
We take reasonable and appropriate measures to protect personal data from loss, misuse and unauthorized access, disclosure, modification and destruction, taking into account their nature. We take all internal measures to identify and ensure the security of information, the measures being checked regularly and adapted to the state of the art. Our company uses related service providers with market notoriety (eg hosting services, software development services, marketing solutions, etc.) to achieve this goal.

9. What is the storage period?
We keep the information according to legal specifications and as long as you agree.
The storage of personal data is done for the periods of time specified by the legislation in force, in order to maintain records related to the activities carried out, to protect the rights in court and exercise other rights according to law and concluded contracts, fulfilling any archiving requirements, in accordance with legal provisions. The personal data necessary for the beneficiaries of the functionalities of our site and of the promotional activities are stored for an indefinite period of time, until the deletion of your account.

10. How do we handle juvenile requests?
We do NOT provide services and we do NOT deliver goods to minors except in the express cases provided by law.

Our company does NOT pursue in its data processing activities, the processing of personal data of minors under 16 years of age. We do not carry out promotional marketing activities directly to minors.

Any person who provides us with personal data guarantees that he is of age, respectively he has full capacity to exercise. If, however, there is a processing of personal data for a person who is not an adult, we will stop processing this data once you become aware of this fact.

Any processing of personal data of minors is carried out in accordance with legal requirements and in strictly determined cases. Minors who have reached the age of 14 can purchase services, request and receive communications from our company only if they have the consent of their legal representative or guardian, according to the law.

11. What do we do in case of security incidents?
Informing you and the authorities is the first step. Remedying the situation is our priority.
In case of a personal data breach, we will notify the competent authorities for data protection within 72 hours, depending on the degree of risk for the customer or for the site visitor. Affected customers or site visitors will also be notified of the violation.
We will take all necessary measures to remedy the situations that have arisen, in order to protect your rights.

12. What records are kept?
We keep records to demonstrate compliance with the requirements of this policy.

We will keep relevant records about:
a. the purpose of processing personal data;
b. the categories of data subjects and of personal data processed;
c. where possible, the expected retention periods for different categories of personal data;
d. a general description of the security measures used to protect personal data;
e. exercising the rights you have.

Cookie	Duration	Description
cookielawinfo-checbox-analytics	11 months	This cookie is set by GDPR Cookie Consent plugin. The cookie is used to store the user consent for the cookies in the category "Analytics".
cookielawinfo-checbox-functional	11 months	The cookie is set by GDPR cookie consent to record the user consent for the cookies in the category "Functional".
cookielawinfo-checbox-others	11 months	This cookie is set by GDPR Cookie Consent plugin. The cookie is used to store the user consent for the cookies in the category "Other.
cookielawinfo-checkbox-advertisement	1 year	The cookie is set by GDPR cookie consent to record the user consent for the cookies in the category "Advertisement".
cookielawinfo-checkbox-necessary	11 months	This cookie is set by GDPR Cookie Consent plugin. The cookies is used to store the user consent for the cookies in the category "Necessary".
cookielawinfo-checkbox-performance	11 months	This cookie is set by GDPR Cookie Consent plugin. The cookie is used to store the user consent for the cookies in the category "Performance".
viewed_cookie_policy	11 months	The cookie is set by the GDPR Cookie Consent plugin and is used to store whether or not user has consented to the use of cookies. It does not store any personal data.

Cookie	Duration	Description
__utma	2 years	This cookie is set by Google Analytics and is used to distinguish users and sessions. The cookie is created when the JavaScript library executes and there are no existing __utma cookies. The cookie is updated every time data is sent to Google Analytics.
__utmb	30 minutes	The cookie is set by Google Analytics. The cookie is used to determine new sessions/visits. The cookie is created when the JavaScript library executes and there are no existing __utma cookies. The cookie is updated every time data is sent to Google Analytics.
__utmc	session	The cookie is set by Google Analytics and is deleted when the user closes the browser. The cookie is not used by ga.js. The cookie is used to enable interoperability with urchin.js which is an older version of Google analytics and used in conjunction with the __utmb cookie to determine new sessions/visits.
__utmt	10 minutes	The cookie is set by Google Analytics and is used to throttle request rate.
__utmz	6 months	This cookie is set by Google analytics and is used to store the traffic source or campaign through which the visitor reached your site.
_gat	1 minute	This cookies is installed by Google Universal Analytics to throttle the request rate to limit the colllection of data on high traffic sites.
YSC	session	This cookies is set by Youtube and is used to track the views of embedded videos.

Cookie	Duration	Description
_ga	2 years	This cookie is installed by Google Analytics. The cookie is used to calculate visitor, session, campaign data and keep track of site usage for the site's analytics report. The cookies store information anonymously and assign a randomly generated number to identify unique visitors.
_gid	1 day	This cookie is installed by Google Analytics. The cookie is used to store information of how visitors use a website and helps in creating an analytics report of how the wbsite is doing. The data collected including the number visitors, the source where they have come from, and the pages viisted in an anonymous form.
TADCID	10 years	The domain of this cookie is owned by Tripadvisor. The cookie stores Unique ID for the tripadvisor user. The cookie helps in viewing embedded content from Tripadvisor.

Cookie	Duration	Description
IDE	1 year 24 days	Used by Google DoubleClick and stores information about how the user uses the website and any other advertisement before visiting the website. This is used to present users with ads that are relevant to them according to the user profile.
test_cookie	15 minutes	This cookie is set by doubleclick.net. The purpose of the cookie is to determine if the user's browser supports cookies.
VISITOR_INFO1_LIVE	5 months 27 days	This cookie is set by Youtube. Used to track the information of the embedded YouTube videos on a website.

Cookie	Duration	Description
_GRECAPTCHA	5 months 27 days	No description
CONSENT	16 years 10 months 10 days 13 hours	No description