CONFIDENTIALITY AND PROTECTION POLICY OF PERSONAL DATA
Sustainable Journeys Concept SRL (the “Company”) tries to protect the privacy of the site users of https://www.romanian-journeys.com in order to provide them with a safe online experience.
In carrying out its activity, Sustainable Journeys Concept SRL complies with all the conditions and requirements stipulated by the current legislation of Romania, European legislation, including but not limited to Regulation (EU) 2016/679 of the European Parliament and of the Council of 27 April 2016 on the protection of individuals with regard to the processing of personal data and the free movement of such data and repealing Directive 95/46 / EC (hereinafter referred to as GDPR).
This policy applies to all employees of Sustainable Journeys Concept SRL, contractors, stakeholders and all other subjects directly or indirectly involved in the processing of personal data, including subjects who visit the Sustainable Journeys Concept SRL website – https: // www .romanian-journeys.com (hereinafter referred to as “users”) within the Company’s activities.
SUSTAINABLE JOURNEYS CONCEPT S.R.L., legal entity with registered office in Bucharest, 83 Uverturii Boulevard, bl. O15, ScA, et 4, ap 14, Sector 6, registered at the Trade Register under no. J40 / 13466/2017, having CUI 38026474, shall undertake to comply with all relevant European Union and Romanian laws in regards to personal data and to protect the “rights and freedoms” of individuals while collecting and processing personal data in accordance with GDPR.
The privacy and data protection policy sets out how the company uses, processes and stores the recipient’s personal information. The company can obtain this information from you or your partners in order to fulfill their contractual obligations. In other cases, the Company will receive this information from you with your permission and consent, or it will receive personal information from third parties to whom you have given consent to the transmission of such information.
You have the right to notify the Company or Authorities responsible for data protection in case of personal data breaches if you know about this fact before the Company.
While we collect and process personal data, we comply with the principles provided by GDPR. Company policies and procedures are designed to ensure compliance with the principles.
COLLECTION AND PROCESSING OF PERSONAL DATA
Throughout carrying out our business, we will collect and process your personal data that may include:
Data provided by us (collected when you create an account on our site, sign a contract with us, etc.) such as: postal address, e-mail address, first name, surname, date of birth, gender, country, postal code, password, PayPal, bank details, telephone (fixed and / or mobile), age.
Data we collect automatically (when you visit the site, when you create an account on our site, when you purchase one of our services or subscribe to our Newsletter) including but not limited to: activity on page https://www.romanian-journeys.com, session duration, including page response times, download errors, duration of visits to specific pages, page interaction information and methods used to navigate the page, IP address, as defined on the https://www.romanian-journeys.com site, according to the technical specifications of the device used (such as the hardware model, operating system version), connection information such as the type and browser version, time zone setting, types and versions of the browser, search history on https://www.romanian-journeys.com, location data about interaction with networks or external social platforms us, registration and notification information at https://www.romanian-journeys.com.
We do not collect more personal data than is necessary for processing as provided in this document.
While collecting and processing personal data, Sustainable Journeys Concept SRL acts as an operator, so it will have the rights and responsibilities of the GDPR Operators.
The company collects and / or processes the following sensitive data in its activities: such as the sex of the recipients.
The processing of a child’s personal data is legal if he / she is at least 16 years of age. If the child is under 16, such processing is legal only if and to the extent that the consent is granted or authorized by the holders of parental responsibility over the child.
We collect personal data on the basis of consent obtained from individuals (subjects) who have reached the age of 16 years.
By registering on the site and giving your consent, you acknowledge that you have reached the age of 16 years and you have all the rights to provide us the consent of processing of your personal data. Therefore, we will not be liable for any consequences if it becomes clear that you have not reached the age of 16 years at the time the consent was given.
PURPOSE OF PROCESSING
Sustainable Journeys Concept SRL uses your stored personal information – the details provided on registration and the activity you have carried out on our site – in particular to facilitate your access to the site, to improve our products and services, and to provide you with information on the latest news, products and services that you are interested in.
We may contact you by email, post, telephone or text message, depending on the method you mentioned in the contact information you have previously shared with us regarding the services you have purchased from us.
We may only use your personal data for the following purposes:
– Execution of the services according to the Agreements concluded between you and us; for example, we need to process your personal data to deliver a product or service that you have purchased from the site;
– Improving customer service (allows a more efficient response to customer requests);
– Personalize your experience on our website https://www.romanian-journeys.com;
– Keeping in touch with you by passing on marketing or promotional materials and other information that includes our news, service information.
– Making statistical surveys and other types of analysis based on anonymous data;
– Offering certain personalized services;
– Your participation in various projects implemented by us through the site, answering your questions addressed to us through the site, research, account maintenance, registration and promoting services.
– We collect, process and disclose your personal data only for specific and limited purposes; for example, to process your payments, evaluate and manage any complaints, develop and improve our site’s products, services, methods, and functionality to provide customized products, communications and targeted advertising, as well as product recommendations.
– To share information and to manage your site registration and / or subscribing to our electronic bulletin (Newsletter) or other communications;
– To authenticate the identity of people who contact us by phone, electronic means or other methods;
– We allow you to create a user account on our website and use the information you provide us to manage this account; through this account, we allow you to purchase our services and register your business on the site, manage your wishlist and settings of your account.
– You need to be at least 16 years old to create a user account on our site.
HOW IS PERSONAL DATA COLLECTED
We can collect personal data from a variety of sources such as:
– accessing the site https://www.romanian-journeys.com;
– subscribing to our newsletter;
– creating a user account on the site;
– registering a business on the site;
– making a direct contract with us;
– if you contact us by phone, email or face to face.
LEGAL GROUNDS FOR LAWFUL PROCESSING OF PERSONAL DATA
Sustainable Journeys Concept SRL will inform you before processing your personal data for purposes other than those for which they have been disclosed to us.
As our customer and / or user of www.romanian-journeys.com, based on your agreement or terms and conditions accepted by you, we will process your personal data that you have provided to us, such as and any other data necessary for us to be able to provide you with our services, in accordance with the contractual and legal provisions of Romania.
The execution of the contract concluded with you is the legal basis for the processing of your personal data for the following purposes: providing our services, communicating with you, and dealing with customer service.
We may use your data for our legitimate interests in order to provide you with the best and appropriate content of our website, emails and newsletters, to improve and promote our services and the content of our website and for legal purposes.
If you have purchased a service from https://www.romanian-journeys.com, we will subscribe to our newsletter for related services, as per Romanian law. You can always change your option to receive these newsletters either when you purchase the service or by clicking on the “unsubscribe” button at the end of each newsletter or by sending us an email with the text “Unsubscribe” to the firstname.lastname@example.org.
We use your personal information based on your specific consent to subscribe to our newsletter on our site and services. You can withdraw your consent at any time by clicking the unsubscribe button at the end of each newsletter received by email or by sending an email with the text “Unsubscribe” to email@example.com.
We also rely on your consent when creating your user account on our site. You may withdraw this consent by deleting your account at any time.
DISTRIBUTION OF PERSONAL DATA
The Company will not provide (by selling or renting) personal data to users of other legal entities, individuals or third parties.
However, there is the possibility to pass some of your information to third parties when this is necessary for the purposes of data processing, such as the following:
-the providers of payment service for the services purchased from our site, necessary for providing such services. These personal data would be your name and email address, home address, payment details, and other relevant information. These will be strictly used to provide this service, as established by business partners.
– authorized data processors and service providers for the purpose of providing us with data processing services (acting as authorized data processors). Examples of authorized data processors could include billing and implementation partners, data analysis providers who process information on our behalf for the purposes described above. For example, we may use third-party services to personalize content, send mail and email, provide marketing assistance, process credit card payments, Services. Our service providers must process data only in accordance with our instructions, in accordance with this policy and are subject to the appropriate confidentiality and security obligations.
-It is possible that we might disclose personal data to law enforcement institutions, to the extent that this is required by law or is strictly necessary for the prevention, detection or prosecution of criminal offenses and fraud or if we are otherwise required by law to do that. We may have to disclose personal data to the Competent Authorities in order to protect us and defend our rights or property or the rights and assets of our business partners.
In certain specific situations, it is possible to ask for your consent to transmit to third parties your personal data. In this case you will be informed and the data transmission will not be made by us onlu after we obtain your consent.
PERSONS EMPOWERED TO PROCESS PERSONAL DATA
For personal data processing, we can use personally empowered personal data processors, such as IT vendors required for business management, including accounting solutions, and contract management solution providers. We will conclude agreements for the processing of personal data with all persons empowered to process personal data that will include appropriate clauses to ensure that they assume the obligation to process personal data (including the obligation to delete them) in full agreement with the applicable laws, and provide adequate protection for your personal data.
DURATION OF STORAGE
Technical and organizational measures have been implemented to organize the process and the criteria presented for deleting your personal data.
Your personal data will be kept in a form that permits identification for a period that is sufficient for the purposes for which the personal data are processed; personal data may be stored for longer periods to the extent that it will be processed solely for purposes of archiving in the public interest for scientific or historical research or statistical purposes in accordance with the GDPR law, subject to the implementation of the techniques and measures required by this Regulation to protect your rights and freedoms.
Your personal data will be deleted when they are no longer reasonably required for the authorized purposes or when you withdraw your consent (where applicable) and it is no longer legally necessary for us to still store this data.
However, we will retain your personal data where necessary for us to support you or to defend you against any legal claims by the end of the relevant period of storage or until the claims in question were solved.
We will actively review the personal data that we own and we will safely delete them, or in some cases we will anonymize them, when no legal necessity, business or consumer is needed.
SECURITY OF PERSONAL DATA
Sustainable Journeys Concept Ltd. takes the security of your personal data seriously and we make every effort to secure them against threats. For this we have ensured that they are protected by an adequate IT infrastructure and security measures.
If we find any violation of personal data, we will inform the National Supervisory Authority for Personal Data Processing.
You have the following rights regarding the processing of your personal data under the conditions provided the law:
1. The right to be informed. You have the right to be informed of the data collected, how it is used, how long it will be stored and whether it will be communicated to other third parties.
2. The right to rectification. You have the right to ask us to rectify your personal data. If you would like to do so, please contact us.
3. The right to delete data (the “right to be forgotten”). You have the right to ask us to delete your personal data. For this, please contact us to take reasonable steps to respond to your request in accordance with legal requirements. If the personal data we collect is no longer required for any purpose and we do not need to keep it, we will do our best to erase, destroy or definitively disable it.
4. Right to restrict processing. In certain situations, you have the right to request that you restrict the processing of your personal data.
5. The right to data portability. You have the right to receive the personal data which regards you and which you have provided us, in a structured, commonly used and readable form, and you are entitled to transmit this data to another operator without any obstacles on our part, where: (a) the processing is based on consent; (b) processing is carried out by automatic means.
6. The right to withdraw your consent. You have the right to withdraw your consent at any time regarding the processing of your personal data by us. Withdrawal of consent will not affect the lawfulness of processing based on consent before its withdrawal. We will stop processing the data unless there are legitimate and compelling reasons that justify processing and that prevail over the person’s interests, rights and freedoms, or that the purpose is to establish, exercise or defend a right in court.
7. Individual automated decision-making process, including profile creation. With a few exceptions, you have the right not to be the subject of a decision based solely on automatic processing, including the creation of profiles, which produce legal effects concerning or affecting you in a similar way to a significant extent. You are entitled to have your personal data processed with human involvement. If you wish to exercise any of the rights mentioned above, please contact us at firstname.lastname@example.org
We will review each request and you will be informed of the action taken in the shortest time possible, within one month. If we will need more information from you or if we encounter difficulties in solving your request, you will be informed that we need more time to conduct a proper analysis of your application.
If you believe that we have not been able to resolve all your claims or if you are not satisfied with our responses, you may file a petition with the National Supervisory Authority for Personal Data Processing. You can also appeal to the courts.
AMENDMENTS TO THE PERSONAL DATA PROTECTION POLICY
We will review this policy from time to time to provide better protection for your personal rights and data, and we will publish the new version here, of course, replacing the current version.
By continuing to access or use our site, https://www.romanian-journeys.com, after these changes become effective, you are agreeing to the revised policy.
If you have questions about your personal data and their processing please do not hesitate to contact us.