Privacy policy – GDPR

The purpose of these terms and conditions is to explain to you what data we process, why we process it and what we do with it. We take privacy seriously and never sell lists or email addresses. We are aware that personal data belong to you, that’s why we make every effort to store it safely and process it carefully. We do not provide personal data to third parties without informing you.

All the pages of the Site are the property of S.C. CODRISOR TURISM S.R.L., with registered office in Bistrita, str. Codrisor no. 28, registered at the Trade Registry Office under no. J06/219/2020, tax registration code RO 42358145. In order for your data to be processed safely, we have made every effort to implement appropriate measures to protect the personal data that you transmit to us. We undertake to process your personal data in a responsible, transparent, secure manner, for legitimate purposes, to be mentioned in the content of this information, and to comply with the legislation on the protection of personal data in force. USAGE CONDITIONS
All users of the Website undertake to comply with these conditions for the use of the Website. By using, viewing, transmitting, retaining, storing and/or using the information and materials of the Site, the services or functions offered in or by the Website or the content of the Site, in any way, you agree to each of the terms and the conditions presented below.

SC CODRISOR TOURISM S.R.L. reserves the right to modify unilaterally and without any prior notification: the content, form of presentation and/or structure of the Site at any time, the changes made being considered to be accepted by you if you continue to use the Site after displaying the Terms and Conditions on the Site, after prior notification, visibly, regarding the fact that these Terms and Conditions have been updated.

You and S.C. CODRISOR TOURISM S.R.L. are independent contractors and no agency, partnership, employee-employer relationship is pursued and will not be created by using the Site. We, S.C CODRISOR TURISM S.R.L. undertake to process your personal data in a responsible, transparent, secure manner, for legitimate purposes, to be mentioned in the content of this information and to comply with the legislation regarding the protection of personal data in force.
The content of the privacy policy has been made in accordance with the legislation in force, has an informative role and does not affect your rights. Through this document we want to give you a clear image of how we process your personal data, and clear image of your rights.
To make our privacy policy easier to understand, you find below the most relevant terms, definitions according to EU Regulation 679/2016:

“Personal data” means any information about an identified or identifiable person (“data subject”);
An identifiable natural person is a person who can be identified, directly or indirectly, in particular by reference to an identification element, such as a name, identification number, location data, an online identifier, or any other identification element specific to its physical, physiological, genetic, psychological, economic, cultural or social identity;
“Special categories of personal data” (sensitive data) are those data that reveal racial or ethnic origin, political opinions, religious confession or philosophical beliefs or membership in unions and the processing of genetic data, barometric data for the unique identification of a person physical data, health data or data on the sexual life or sexual orientation of a person;

“Processing” means any operation or set of operations performed on personal data or on personal data sets, with or without the use of automated means, such as collection, recording, organization, structuring, storage, adaptation or modification, extraction, consultation, use, disclosure by transmission, dissemination or otherwise making available, alignment or combination, restriction, deletion or destruction;
“Consent” of the data subject means any manifestation of free, specific, informed and unambiguous will of the data subject by which it accepts, by a unequivocal statement or action, that his personal data should be processed;
“The supervisor institute for the processing of personal data” is an independent public authority which, according to the law, has duties regarding to the supervision of compliance with the legislation of the protection of personal data. In Romania, this supervisory authority for the processing of personal data is the National Supervisory Authority for the Processing of Personal Data (ANSPDCP).

The personal data we process through our website www.arthotel.ro, are those obtained through the contact form: Name, telephone number, e-mail address, and the message transmitted to us. Messages received from our guests will be stored for approximately 5-10 years, after which they will be deleted.

Personal data security: The processing of your personal data in a responsible and safe manner is our priority. For this reason, we have implemented technical and organizational measures to ensure the security of personal data, including: Limited access to our employees and staff for accesing personal data, implementing dedicated technical policies and measures, back-ups and audits, periodic security scans, encryption and anonymization. Although we take all reasonable steps to ensure the security of the personal data, we cannot guarantee the absence of any security breach or the impossibility of penetrating the security systems.
If an unfortunate event happens, we will follow the legal procedures for limiting the effects and informing our clients within maximum 48 hours from the moment of the incident, if any eventual breach can harm them.
As regards the processing of the personal data of the children, they must be at least 16 years old in order to give their consent, in the case of children under 16 years, the consent of the holder of the parental responsibility is required.
You have no obligation to provide us your personal data that we have mentioned in this document. However, if you do not give us the mentioned data, or you give us incorrect data, then it will be impossible for us to respond to your messages.