Sepcari Street no. 12-14, Old Center, Sector 3, Bucharest
Last updated April 17, 2019 *
The reservation services, accommodation plus related services, the services on this web page offered to the Clients and / or Visitors of the Services will be called SERVICES
THE COMPANY is defined to be HYDRO POWER INVESTMENT SRL, Limited Liability Company with Unique Identification Code 29005405, having Romanian private capital.
VISITORS are all persons who access the Company’s Services
CUSTOMERS are all persons who benefit from the Services paid to the Company
These Services collect some Personal Data of Visitors and / or Customers
Owner and Data Control
The Owner of the Services is the Company
Email address of the owner: email@example.com
Email address for information and requests Data Protection: firstname.lastname@example.org
Types of data collected
Among the types of personal data that these Services collect, by themselves or by third parties, there are: name, surname, address, country, e-mail address, city, telephone number, booking details and stay in hotel, customer ID cookies and usage data and other data collected in this document.
Personal data may be provided free of charge by the User or, in the case of Usage Data, collected automatically when using these Services.
Unless otherwise specified, all data requested by these Services is mandatory and failure to provide such data may make it impossible for the Service to function properly. In cases where these Services specify that certain data is not mandatory, users are free not to communicate this data, without affecting the availability or operation of the Service.
Visitors who do not know what data is required can contact the Company.
Visitors and / or Customers are solely responsible for the data obtained by them from third parties sent to the Company and hereby confirm that they have the consent of third parties to transmit this Personal Data to the Company.
Data Processing Modes and Locations
The Company takes all necessary Security measures against access, disclosure, modification or unauthorized destruction of the Data.
Data processing is done using personal computers (PCs), servers and / or other IT (Information Technology) tools that fully comply with the procedures for the reasons indicated. In addition, in necessary cases, the Data may be disclosed to the various administrative persons of the Company (administration, sales, marketing, legal) and extraordinarily, strictly when necessary to third party Companies (hosting services, IT services, Internet service providers). called if necessary as Data Processors by the Company. The updated list of these third parties may be requested by Visitors / Customers at any time.
Legal basis for processing
The Company may process the Personal Data of Visitors and / or Customers under the following conditions:
In any case, the Company will be happy to clarify the legal basis for which the processing is performed, and especially if the provision of Personal Data is a legal or contractual requirement, or is a necessary requirement for concluding a contract.
Personal data is processed in the offices, servers of the Company or in other places where the parties agree for the processing to take place.
Depending on the location of the Visitors and / or Clients, the transfer of Personal Data may be made in other states than the one in which it is located. To find out more about the transfer of Personal Data, Visitors and / or Customers can check the details contained about the processing of Personal Data.
Visitors and / or Customers are also encouraged to learn the legal basis for Data transfers to countries outside the European Union or to any international organization governed by international law or agreements between two or more countries, such as the United Nations, and on measures. taken by the Company to secure the Data.
If such a data transfer takes place, Visitors and / or Customers may check the relevant sections of this document or contact the Company for information using the data in the contact section above.
Data retention period
Personal data must be processed and stored for as long as required for the purpose for which they were collected.
The Company may be allowed to retain Personal Data for a longer period than the Visitors and / or Customers have given their consent as long as they have not withdrawn their consent. Moreover, the Company may be legally obliged to retain Personal Data for a longer period by applicable law or by a public authority.
After the retention period expires, Personal Data must be deleted. Therefore, the right of access, the right to request the deletion, the right to rectify or to carry the data cannot be enforced after the retention period has expired.
Purpose of processing
Data on the Visitor and / or the Client may be collected to allow the Company to provide the Services, but also to contact the Visitor and / or the Client, or for Analysis.
Visitors and / or Customers can find detailed information on these reasons for processing and on how Personal Data is used for each purpose, in the sections of this document.
Detailed information about the processing of Personal Data
Personal data is collected for the following purposes and services:
o Invoicing service, Contract. For invoicing, the Customer discloses personal data such as name, surname, address, but also email address and / or Facebook profile or other data necessary for the transmission of the fiscal document
The Rights of Visitors and / or Customers
Visitors and / or Customers may exercise certain rights regarding the Personal Data processed by the Company.
In particular, Visitors and / or Customers have the following rights:
Withdrawal of consent at any time.
Visitors and / or Customers have the right to withdraw their consent for the processing of Personal Data provided to the Company.
o Access to their Personal Data. Visitors and / or Customers have the right to know if their Personal Data is processed by the Company, to disclose certain aspects of the processing and to obtain a copy of their Personal Data that is being processed.
Details regarding the objections to the processing
If the Personal Data are processed in the public interest, in the exercise of a public authority invested by the Company or for a legitimate interest of the Company, Visitors and / or Customers may oppose such processing by providing a reason related to their particular situation and to justify the objection.
Visitors and / or Customers should be aware that their Personal Data may be used in direct marketing activities by the Company without any justification. To learn more about how Personal Data can be used in this case, read this document carefully.
How to use these rights
Any request regarding the stipulated rights can be addressed directly to the company using the contact details in this document. These rights can be exercised free of charge and will be addressed to the Company as soon as possible and within a maximum of one month.
Additional information regarding the collection and processing of Personal Data
The Personal Data of Visitors and / or Clients may be used by the Company in legal actions in Justice or in the stages that lead to possible actions in JUSTICE resulting from improper use of this document or other services during the visit to the site or the services offered. .
The Visitor and / or the Client acknowledges that the public authorities may request the Company to disclose the Personal Data without any notification to the Visitor and / or the Client.
Additional information about the Personal Data of Visitors and / or Clients
System logs and maintenance
For reasons of operation and maintenance, the Company’s Services and other third parties may collect in files information about the interaction with the Services (System Logs) containing personal data (such as IP address, date, time of access, operating system / browser web).
Whenever you have questions about the collection or processing of Personal Data you can request information from the Company. Please review the contact details at the beginning of this document.
How “Do Not Track” requests are handled
The services presented do not support requests such as “Do Not Track” Even if Visitors do not allow cookies, they will have personal data registered in the System Logs. This is absolutely necessary for server security reasons: cyber attacks are recorded and removed, people who try to access data illegally are checked and located. Moreover, even if you use proxy services, our servers will identify the real IP address for the reasons mentioned above. The log system is automatically archived and destroyed after a legal period.
To determine if third parties support and how they support “Do Not Track” requests, visit their privacy policies.
SECURITY BREAK / PERSONAL DATA THEFT
In case a Security breach and certain Personal Data in the possession of the Company are disclosed without authorization, the following will be done:
The maximum time of 7 days is necessary to fix any bugs, especially the zero day ones, so as to minimize the impact.
Alienation of Personal Data
In addition to the above provisions, the following are included:
Changes to these Privacy Policies
The Company reserves the right to make changes to these Privacy Policies at any time by notifying Visitors and / or Customers on this page and if legally and technically feasible to contact each Visitor and Customer using any form of contact regarding the changes. It is recommended that you check this page as often as possible and look at the date of the last change, the date at the beginning and end of this document,
If the changes substantially affect the basic activity of the collection of Personal Data, the Company will be obliged to request a new consent.
Definitions and legal information (other than at the beginning of the document)
Personal Data (or Data)
Any information that directly, indirectly or in connection with other information – including a unique personal identification number) – identifies or makes identifiable a natural person.
Use of Data
Information collected automatically through the Company’s Services or through third parties may include: IP addresses, addresses or computer names, URIs (Uniform Resource Identifier), time of request, errors and requests on the server, country of origin,, name, surname, date of birth , time of birth, hometown, operating system, web browser, computer type, mobile phone, tablet or other information during reservations
This privacy statement has been prepared on the basis of several pieces of legislation, including Article 13/14 of REGULATION (EU) 579 of 2016 GDPR (General Regulation on Data Protection).
Last updated April 17, 2019
Do you need more travel information?