Last Updated April 17, 2019
The reservation services, accommodation and related services, the services on this web site offered to Clients and / or Visitors of Services will be called SERVICES
COMPANY is defined as HYDRO POWER INVESTMENT SRL, Limited Liability Company with Unique Identification Code 29005405, having Romanian private capital.
VISITORS are all persons accessing the Company Services
CLIENTS are all persons who benefit from the Services paid to the Company
These Services collect some Personal Data of Visitors and / or Customers
Owner and Data Control
The Services Owner is the Company
Owner’s email address: email@example.com
Email Address for Information and Requests Data Protection: firstname.lastname@example.org
Among the types of personal data that these Services collect, either by themselves or through third parties, are: name, surname, address, country, e-mail address, city, phone number, details of booking and stay hotel, client ID cookies and usage data and other data collected in this document.
Personal data may be provided free of charge by the User or, in the case of Usage Data, automatically collected when using these Services.
Unless otherwise specified, all data required by these Services are mandatory and failure to communicate these data may make it impossible for the Service to function properly. In cases where these Services specify that certain data are not mandatory, users are free not to disclose such data, without consequences on the availability or operation of the Service.
Visitors who do not know what data are required may contact the Company.
Visitors and / or Customers are solely responsible for the data they have obtained from third parties sent to the Company and hereby confirm that they have the consent of third parties to transmit to the Company such Personal Data
The Company takes all necessary security measures against unauthorized access, disclosure, modification or destruction of the Data.
Data processing is done using personal computers (PCs), servers and / or other IT (Information Technology) tools that fully comply with the procedures for the stated reasons. Additionally, in required cases Data may be disclosed to the various administrative personnel of the Company (Department of Administration, Sales, Marketing, Legal) and Extremely Extremely, when required by Third Party Companies (hosting services, IT services, Internet Service Providers) called if it is not required as Data Processors by the Company. The updated list of these third parties may be requested by Visitors / Clients at any time.
The Company may process Visitor and / or Customers Personal Data under the following conditions:
In any case, the Company will be happy to clarify the legal basis for processing, and in particular whether the provision of Personal Data is a legal or contractual requirement or is a requirement for the conclusion of a contract.
Personal Data is processed in the Company’s offices, servers, or other locations where the parties agree that processing takes place.
Depending on the location of the Visitors and / or Customers, the transfer of Personal Data may take place in countries other than the one in which they are located. To learn more about transferring Personal Data, Visitors and / or Customers can check the details of processing Personal Data.
Visitors and / or Customers are also encouraged to learn the legal bases of Data Transfers in countries outside the European Union or to any international organization governed by international laws or agreements between two or more countries such as the United Nations and the measures taken by the Company to secure the Data.
If such Data Transfer occurs, Visitors and / or Customers can check the relevant sections of this document or contact the Company for information using the data in the contact box above.
Personal Data must be processed and stored for as long as it requires the purpose for which it was collected.
The Company may be allowed to retain the Personal Data for a longer period than the Visitors and / or Customers have provided for as long as they have not withdrawn their consent. Furthermore, the Company may be legally obliged to withhold Personal Data for a longer period of time by applicable law or by a public authority.
After the retention period expires, Personal Data must be deleted. Therefore, the right of access, the right to request removal, the right of rectification or porting of data can not be enforced after the retention period has expired.
Visitor and / or Customer data may be collected to allow the Company to provide the Services, but also to contact the Visitor and / or the Customer, or for the Analyzes.
Visitors and / or Customers can find detailed information on these processing grounds and how Personal Information is used for each objective in the sections of this document.
Personal Data is collected for the following purposes and services:
Visitors and / or Customers may exercise certain rights with respect to Personal Data processed by the Company.
In particular, Visitors and / or Customers have the following rights:
Visitors and / or Customers have the right to withdraw their consent to the processing of Personal Data provided to the Company.
If Personal Data are processed in the public interest, in the exercise of a public authority invested by the Company or for a Company’s legitimate interest, Visitors and / or Customers may oppose such processing by providing a reason related to their particular circumstances and to justify the objection.
Visitors and / or Customers must know that their Personal Data may be used in marketing activities directly by the Company without any justification. To learn more about how Personal Data can be used in this case, read this document carefully.
Any claim regarding the rights may be addressed directly to the company using the contact details in this document. These rights may be exercised free of charge and will be addressed to the Company as soon as possible and within a maximum of one month.
Visitor and / or Customer Personal Data may be used by the Company in legal actions in Justice or in the stages leading to possible actions in JUSTICE resulting from improper use of this document or other services during the visit to the site or the services provided .
The Visitor and / or Customer is aware that public authorities may require the Company to disclose Personal Data without any notice to the Visitor and / or Customer
For reasons of operation and maintenance, the Company Services and other third parties may collect information about the interaction with the Services (System Logs) containing personal data (such as IP address, date, time of access, operating system / navigator web).
Whenever you have questions about collecting and processing your Personal Information, you may request information from the Company. Please see the contact details at the beginning of this document.
The services presented do not support “Do not watch” requests Even if Visitors do not allow cookies, they will have personal data logged in the System logs. This is absolutely necessary for Server Security reasons: it records and removes cyber attacks, checks and locates people trying to illegally access data. Moreover, even if you use proxy services, our servers will identify the real IP address for the above mentioned reasons. The log system automatically archives and destroys after a legal period.
In order to determine whether third parties bear and how to handle “Do not Track” requests, please visit their privacy policies.
In the event that a Security breach and certain Personal Data in the possession of the Company are disclosed unauthorized, the following will be done:
A maximum of 7 days is required to fix any bugs, especially zero days, to minimize impact.
In addition to the above, the following are included:
If the changes substantially affect the basic activity of collecting Personal Data, the Company will be required to seek a new consent.
Any information that directly, indirectly or in connection with other information – including a unique personal identification number) – identifies or identifies an individual.
Information collected automatically through Company Services and through third parties may include: IP addresses, addresses or computer names, Uniform Resource Identifier (URI) addresses, time of request, server errors and requests, home country,, name, surname, birth date , birthday, hometown, operating system, web browser, computer type, mobile phone, tablet, or other information during booking
This Privacy Statement was drafted on the basis of several laws, including Art 13/14 of GDPR (General Regulation on Data Protection) REGULATION (EU) 579 of 2016.
Last Updated April 17, 2019