This privacy notice gives you details on how we collect and process your personal data by using our website www.stavroshotel.ro.
By providing your data, you guarantee that you are over 13 years old.
SC STAVROS GRUP SRL (hereinafter “we”, “us” or “our” in this privacy notice) is the data administrator and we are responsible for your personal data.
Our complete details are:
Full Name of the legal entity: SC STAVROS GRUP SRL
Email address: firstname.lastname@example.org
Postal address: 8 Vilcelelor Street, Medgidia.
It is very important that the information we hold is accurate and up to date. If your personal information changes, please communicate the changes by sending an email at email@example.com.
- WHAT DATA WE COLLECT ABOUT YOU, FOR WHAT PURPOSE AND REASON FOR IT PROCESSING OF SUCH DATA
Personal data means any information capable of identifying a person. Anonymous data are not included.
We can process the following categories of personal data about you:
COMMUNICATION DATA including any communication you send to us, either by the contact form on our website, by email, text, social media messages, social posts, or any other communication you send to us. We process this data to communicate with you for keeping records and for establishing, pursuing or defending legal claims. Our legitimate reason for this processing is our legitimate interest, such as replying to communications, keeping records and establishing, pursuing or defending legal claims.
CUSTOMER DATA – these include data on any purchase of goods and/or services such as name, position, invoicing address, email address, delivery address, telephone number, contact details, purchase details and card details. We process these data to provide the goods and/or services you have purchased and to keep records of these transactions. Our legal reason for this processing is to make a contract between you and us and/or to take measures upon your request to enter into such a contract.
USER DATA -refers to the data on how you use our website and any online services, along with any data you post for publication on our website or other online services. We process these data for the operation of our website and to ensure that you are provided with relevant content, to ensure the security of our website, to keep backups of the website and/or database, and to allow publishing and administration of our website, other services and online businesses. Our legal reason for this processing is our legitimate interest, which in this case is allowing us to properly manage our website and our business.
TECHNICAL DATA – these data include information about your use of our website and online services such as your IP address, your login details, details about your browser, the duration of your visit to our website, the pages viewed and navigation paths, the details about the number of uses of our website, time zone settings, and other technologies on the devices you use to access our website. The source of these data is from our analysis tracking system. We process this data to analyze your use of our website and other online services, to manage and protect the business and website, to provide you with content and advertisement relevant to the website and to understand the effectiveness of our advertising. Our legitimate reason for this processing is our legitimate interest, which in this case is allowing us to properly manage our website and our business, and to develop our business and set our marketing strategy.
MARKETING DATA -include data about your preferences with respect to marketing acceptance from us and our third parties and your communication preferences. We process this data to allow you to participate in our promotions, such as free contests and offers, to provide you with content and advertisement relevant to the website and to measure or understand the effectiveness of this advertising. The legitimate reason for this processing is our legitimate interest, which in this case is to study how customers use our products/services to develop them, develop their business, and establish marketing strategy.
We may use COMMUNICATION DATA, CUSTOMER DATA, USER DATA, TECHNICAL DATA, MARKETING DATA to provide you with content and advertising relevant to our website (including Facebook ads or other ads displayed) and to measure or understand the effectiveness of our advertising. Our legitimate reason for this processing is our legitimate interest, developing our business. We may also use such data to send other marketing communications to you, our legitimate reason for such processing is either consent or legitimate interest (i.e. developing our business).
We do not collect sensitive data about you. Sensitive Data refer to data that include details about your race or ethnicity, religious or philosophical beliefs, sexual life, sexual orientation, political opinions, membership of trade unions, information about your health, and genetic and biometric data. We do not collect any information about criminal convictions and offenses.
If we are required to collect personal data by law or under the terms of the contract between us and you do not provide us with such data upon request, we may not be able to perform the contract (e.g. to deliver goods or services to you ). If you do not provide us with the requested data, we may have to cancel the delivery of a product or service that you have ordered, but if we do, we will notify you at that time.
We will only use your personal data for the purpose for which they were collected or, if necessary, for a reasonable compatible purpose. For more information, please send an email at firstname.lastname@example.org. If we need to use your details for a new unrelated purpose, we will inform you and explain the legitimate reasons for such processing.
We may take your personal data without your knowledge or consent only when required or permitted by law.
We do not make automated decisions or any automated profile.
- HOW WE COLLECT YOUR PERSONAL DATA
We may receive data from third parties such as analysis service providers such as Google based outside the EU, advertising networks such as Facebook outside the EU, search information providers such as Google based outside the EU, technical service providers such as data brokers or aggregators.
- MARKETING COMMUNICATIONS
The legal reason for processing your personal data to send you marketing communications is either your consent or our legitimate interests (i.e. increasing our activity).
In accordance with the privacy and electronic communication rules, we may send you marketing communications if you made a purchase or requested information from us about our goods or services, or you agreed to receive marketing communications, and in each case you have not opted out of such communications since then. Under these rules, if you are a limited liability company, we may send you marketing emails without your consent. However, you may opt out of receiving marketing emails from us at any time.
Before we share your personal data with any third party for own marketing purposes, we will obtain your express consent.
You may ask us or third parties to stop sending you marketing messages at any time by following the links to opt out of any marketing message sent to you OR by sending us an email at email@example.com at any time.
If you opt out of receiving marketing communications, this opt-out option does not apply to personal data provided as a result of other transactions, such as purchases, warranty records, etc.
- DISCLOSING PERSONAL DATA
We request all third parties to whom we transfer the data to respect the security of your personal data and treat them in accordance with the law. We allow these third parties to process your personal data only for specified purposes and in accordance with our instructions.
We may share your personal details with the parties listed below:
- Service providers providing IT and system administration services.
- Professional advisors, including lawyers, bankers, auditors and insurers.
- Government bodies that require us to report processing activities.
- Third parties to whom we sell, transfer or merge parts of our business or our assets.
SC STAVROS GRUP SRL may provide the personal data of the Buyer to other companies with which it has partnered up, but only on the basis of a privacy commitment from them to ensure that such data are kept secure and that such personal information is provided under the applicable law, as follows: providers of marketing, courier, payment/banking services, telemarketing or other services provided by companies with whom we may develop joint programs for the marketing of Products and/or Services, insurers.
- INTERNATIONAL TRANSFERS
Countries outside the European Economic Area (EEA) do not always offer the same levels of protection for your personal data, therefore, European law has banned transfers of personal data outside the EEA, unless the transfer meets certain criteria.
Many of our third-party service providers are outside the European Economic Area (EEA), so processing your personal data will involve a data transfer outside the EEA.
Every time we transfer your personal data from the EEA, we make every effort to ensure a similar degree of data security by ensuring that there is at least one of the following safeguards:
We transfer your personal data only to countries that the European Commission has approved as providing an adequate level of protection of personal data; or
When using certain service providers, we can use specific contracts or codes of conduct or certification mechanisms approved by the European Commission that offer personal data with the same protection as in Europe; or if we use US providers that are part of the EU-US privacy protection, we may transfer data because they have equivalent safeguards.
If none of the above safeguards is available, we may request your explicit consent for the transfer. You will have the right to withdraw such consent at any time.
The Purchaser’s personal information may also be provided to the General Prosecutor’s Office, the Police, the courts and other competent authorities of the State, based on and within the limits of the legal provisions and as a result of express requests.
- DATA SECURITY
We have introduced security measures to prevent the loss, use, alteration, disclosure or accidental access of your personal data without authorization. We also allow access to your personal data only to those employees and partners who have a business need to know such data. They will process only your personal information based on our instructions and must keep privacy thereof.
We have procedures in place to deal with a suspected violation of personal data, and we will inform you and any applicable regulatory authority of a violation if we are legally required to do so.
- DATA RETENTION
We will retain your personal data for as long as it is necessary to meet the purposes for which we have collected them, including for the purposes of complying with any legal, accounting or reporting requirements.
When we decide what is the right time to retain the data we consider the amount, nature and sensitivity of the data, the potential risk of harm caused by unauthorized use or disclosure, the purposes of processing if these can be achieved by other legal means and requirements.
From a tax point of view, the law requires that we keep basic information about our customers (including contact details, identity, financial and transaction data) for six years after they cease to be customers.
Under certain circumstances, we may anonymize your personal data for research purposes or for statistical purposes, in which case we may use this information for an unlimited period without prior notice to you.
- YOUR LEGAL RIGHTS
According to data protection laws, you have rights relating to your personal data including the right to request access, correction, deletion, restriction, transfer, object of processing, data transferability and (if the legal reason for processing is consent) to withdraw consent.
You can see more about these rights by following this link:
If you wish to exercise any of the above rights, please send an email at firstname.lastname@example.org.
You will not have to pay any fee to access your personal data (or to exercise any of your other rights).
We may be required to request specific information from you to help you confirm your identity and to ensure your right to access your personal data (or to exercise any of your other rights). This is a security measure to ensure that personal data is not disclosed to any person who is not entitled to receive it. We can also contact you to request additional information about your request to speed up our response.
We try to respond to all legitimate requests within 30 days. Occasionally, it may take more than a month if your request is particularly complex or if you have made several requests. In this case, we will notify you.
If you are not satisfied with any aspect of the way we collect and use your data, you have the right to file a complaint with the Office of the Commissariat for Information (ICO), the national personal data supervisory authority, in which case we would be grateful if you contacted us first when you have a complaint, so we can attempt a quick and amicable settlement.
- LINKS TO THIRD PARTIES
This website may include links to sites, plug-ins, and third-party applications. If you click on those links or activate these connections, third parties may allow the collection or sharing of your data. We do not control these third-party sites and we are not responsible for their privacy statements. When you leave our website, we encourage you to read the privacy statement of each website you visit.
- DATA COLLECTION PURPOSE
The purpose of data collection is:
– informing Customers/Buyers about the situation of their Account, including validating, sending and invoicing the Orders, handling cancellations or any issues of any kind related to an Order, the goods and/or services purchased;
– sending regular Newsletters and/or alerts by using the electronic mail (email, SMS);
– conducting market research, tracking and monitoring sales and Customer/Buyer behavior.
By filling in the data in the Account Creation and/or Order Form, the Buyer declares and accepts unconditionally that his/her personal data be included in the mizuumi.ro database and expressly and unequivocally agrees that all such personal data be stored, used and processed for the purpose above.