PROTECTION OF PERSONAL DATA
COMMITMENT OF CONFIDENTIALITY
1. HOTEL ORIZONT LTD COMPANY is the holder of the “RAMADA” license for the operation of RAMADA IASI CITY CENTER
HOTEL ORIZONT LTD, with premises in Iasi, Grigore Ureche street, is the owner of the website www.ramadaiasi.ro (further “Hotel Ramada Iași”)
As part of our commitment to your data security and security rights, we use security methods and technologies along with employee policies and work procedures, including controls, to protect personal data collected in accordance with the law in force
We take all necessary steps to process your personal data in accordance with the principles established by the applicable data protection legislation in Romania, including Regulation (EU) 2016/679 of the European Parliament and of the Council of 27 April 2016 on the protection of individuals, as regards the processing of personal data and on the free movement of such data and repealing Directive 95/46 / EC (“GDPR”).
Processing of personal data by Hotel Ramada Iași means any operation or set of operations that is performed on personal data by automatic or non-automatic means such as the collection, recording, organization, storage, adaptation or modification, extraction, consultation, use, disclosure to third parties by transmission, dissemination or in any other way, joining or combining, blocking, deleting or destroying.
Hotel Ramada Iasi uses various technical and organizational measures to ensure the security of your personal data against accidental or intentional manipulation, loss, destruction or unauthorized access by unauthorized persons.
We make reasonable, commercially justified efforts to protect your collected personal data, analyze new technologies in the field, and apply them where necessary to upgrade security systems. The hardware and software infrastructure used is periodically analyzed from a security point of view.
2. PROTECTION POLICY OF PERSONAL DATA DESCRIBES:
- The categories of personal data that we collect and process;
- How we collect personal data;
- The purposes and basis of processing your personal data;
- To whom can we transmit this data.
- The storage period for processing;
- Your rights and how you can exercise them;
2.1. Categories of targeted personal data
“Personal Data” means any information about an identified or identifiable natural person; an identifiable individual is a person who can be identified, directly or indirectly, in particular by reference to an identifier such as a name, an identification number, location data, an online identifier, or one or more specific elements, of his physical, physiological, genetic, psychic, economic, cultural or social identity.
Personal data, The personal data provided by HOTEL RAMADA IAŞI represent any information regarding the visitors and guests of Hotel Ramada Iasi, whose data are provided by them for reservation and accommodation within the hotel, in order to book the spaces for the organization of events (conferences, trainings, family events, etc.) that are present on the documents provided by guests and visitors as well as the data of any user of the www.ramadaiasi.ro website who understands to send us this data and includes:
- Contact details (name, surname, email address, phone number, postal address);
- Demographics (date and place of birth, gender, postal address, anniversaries and special occasions, language preference, nationality);
- Account login data (username and password);
- Financial data and information: Credit and debit card number or other payment data
- Financial information in limited circumstances
- Customer service information (requests, petitions,);
- Posting information (comments, questions, reviews);
- Technical information (IP address, the device used to visit the site);
- Information resulting from the audio recording of telephone conversations (content and metadata);
- Video images as a result of visiting our headquarters;
- Data about online behavior and your preferences: your IP address of your mobile device and / or your computer, the pages you visit on our site;
- Data about your interests and needs: for example, when you fill out an opinion poll or call our customer service center, hobbies, choices and services for food and beverages, the services and facilities you are advising or learning about during your visit;
- Sensitive data. The term “sensitive data” refers to racial or ethnic origin, political opinions, religious confession or philosophical beliefs or membership of trade unions and the processing of genetic data, biometric data, data on health or data on sexual life or sexual orientation.
Generally, we do not collect sensitive information unless you want to give us. We can use the health data provided by you to provide better services and meet your special needs (eg preparing food excluding foods to which you are allergic and / or providing access for disabled people).
- Other data: serial number and identity card number, visa or other identification data issued by the authorities; Membership or loyalty program data (including co-branded cards, affiliation to travel partner program – if applicable); Employer details; Travel itinerary, tour group or Prior guest stays or interactions, goods and services purchased, special service and amenity requests; geolocation information; Social media account ID, profile photo and other data publicly available, or data made available by linking your social media and loyalty accounts
- Personal data of minors. We protect the confidentiality of data from children under 16. If you are under the age of 16, you must obtain the consent or authorization of the parent or guardian responsible for any provision of personal data
If you send any personal data about others to us or our service providers (for example, if you make a reservation for another person), you declare that you have the authority to do so and that you allow us to use the data in accordance with this Statement of confidentiality.
You can always choose which personal data you want to provide us. However, if you choose not to provide certain personal data, if the basis of our request is compliance with a legal obligation, contractual obligations or obligations to conclude a contract, we may be unable to provide you certain services, for example :
(i) if you do not want to give us your name, surname, email address or phone number, if you wish to make a reservation, we will not be able to make the reservation or
(ii) given that in the arrival and departure notice that you will fill in when you arrive at our hotel you will need to enter certain statutory personal data and if you do not want to fill in those mandatory fields, we will not be able to visit you at the hotel.
2.2. How we collect personal data
We collect Personal Data in a variety of ways::
- Through online services. We collect Personal Data when you make a reservation, purchase goods and services from our Websites or Apps, communicate with us, or otherwise connect with us or post to social media pages, or sign up for a newsletter or participate in a survey, contest or promotional offer.
- Property Visits and Offline Interactions. We collect Personal Data when you visit our properties or use on-property services and outlets, such as restaurants, concierge services, health clubs, child care services, and spas. We also collect Personal Data when you attend promotional events that we host or in which we participate, or when you provide your Personal Data to facilitate an event.
- Customer care centers. We collect Personal Data when you make a reservation over the phone, communicate with us by email, fax or via online chat services or contact customer service. These communications may be recorded for purposes of quality assurance and training.
- Owners and Franchisees. We collect Personal Data from Owners of Ramada branded properties that we manage or in relation to those for which they were collected
- Internet-Connected Devices. We collect Personal Data from internet-connected devices available in our properties. Simply accessing our site / network will not lead to the collection of your personal data unless you voluntarily enter certain data (for example, online reservations, vacancies, certain requests / requests, etc.). However, we collect the time and date of accessing the Internet site and the IP address from which our website was accessed.
- Business Partners: such as travel agencies, partner card issuers, social networking services that are consistent with your own settings for these services, or other third-party sources that are legally authorized to send us your data.
Co-sponsors of the promotions: in some cases, we co-sponsor promotions, lotteries, raffles, competitions or contests with other companies, or we can provide prizes for lotteries and competitions sponsored by other companies. If you participate in these lotteries or contests, we may collect your personal data from the collaborating sponsor or from a third party sponsor.
In any case, we ensure that your data collected from third parties will be processed under the same conditions as if it were collected directly from you. We will also collect only what is necessary for our purposes. (see section “The purpose of collecting personal data by HOTEL RAMADA IAŞI.”).
Additionally, when we first contact you, we will let you know, first of all, the source from which we obtained your personal data.
2.3 The purpose and basis of the processing of personal data by HOTEL RAMADA IAŞI
We use Personal Data and Other Data to provide you with Services, to develop new offerings and to protect the Ramada Hotel and our guests as detailed below. In some instances, we will request that you provide Personal Data or Other Data to us directly. If you do not provide the data that we request, or prohibit us from collecting such data, we may not be able to provide the requested Services.
2.3.1 We use Personal Data and Other Data for our legitimate business interests, including the following:
- Provide the Services you request. We use Personal Data and Other Data to provide Services you request, including::
- To facilitate reservations, payment, send administrative information, confirmations or pre-arrival messages, to assist you with meetings and events and to provide you with other information about the area and the property at which you are scheduled to visit
- To complete your reservation and stay, for example, to process your payment, ensure that your room is available and provide you with related customer service
- To support our electronic receipt program. When you provide an email address in making a reservation, we use that email address to send you a copy of your bill. If you make a reservation for another person using your email address, that person’s bill will be emailed to you, as well. You can opt out of receiving your bill via email and instead receive a paper copy by contacting the front desk.
- We will use Personal Data and Other Data to manage our contractual relationship with you, because we have a legitimate interest to do so and/or to comply with a legal obligation.
2.3.2. Personalize the Services according to your Personal Preferences. We use Personal Data and Other Data to personalize the Services and improve your experiences, including when you contact our call center, visit one of our properties or use the Online Services, to customize your experience according to your Personal Preferences and to present offers tailored to your Personal Preferences
We will use Personal Data and Other Data to provide personalized Services according to your Personal Preferences either with your consent or because we have a legitimate interest to do so.
2.3.3. Communicate with you about goods and services according to your Personal Preferences. We use Personal Data and Other Data to send you marketing communications and promotional offers, as well as periodic customer satisfaction, market research or quality assurance surveys
We will use Personal Data and Other Data to communicate with you with your consent, to manage our contractual relationship with you and/or because we have a legitimate interest to do so. We will use Personal Data and Other Data to communicate with you with your consent, to manage our contractual relationship with you and/or because we have a legitimate interest to do so.
2.3.4. Loyalty Programs. We use Personal Data and Other Data to offer and manage your participation in our global loyalty programs, as well as others that are specific to certain properties or tailored to your interests and to send you offers, promotions and information about your account status and activities
We will use Personal Data and Other Data in this way with your consent, to manage our contractual relationship with you and/or because we have a legitimate interest to do so.
2.3.5. Activities, events and promotions. We use Personal Data and Other Data to allow you to participate in sweepstakes, contests and other promotions and to administer these activities. Some of these activities have additional rules and may contain additional information about how we use and disclose your Personal Data. We suggest that you read any such rules carefully
We use Personal Data and Other Data in this way with your consent, to manage our contractual relationship with you and/or because we have a legitimate interest to do so.
2.3.6. Business Purposes. We use Personal Data and Other Data for data analysis, audits, security and fraud monitoring and prevention (including with the use of closed circuit television, card keys, and other security systems), developing new goods and services, enhancing, improving or modifying our Services, identifying usage trends, determining the effectiveness of our promotional campaigns and operating and expanding our business activities.
We use Personal Data and Other Data in this way to manage our contractual relationship with you, comply with a legal obligation and/or because we have a legitimate interest to do so
2.4 Recipients of processed personal data
In order to provide you with high quality services, we may transmit your personal information to our service providers and other third parties, as detailed below:
2.4.1. Suppliers: In order to provide the requested services, in some cases we will have to pass some of your personal data to the providers, and they will be empowered and process the data on our behalf and in accordance with our instructions (such as software vendors, IT, accounting services, medical services).
2.4.2. Ramada members: for similar purposes or in connection with those for which they were collected.
2.4.3. Group Events or Meetings: if you visit the Ramada Iasi Hotel as part of a group or conference, the information required for meeting and event planning can be shared with the organizers of these meetings and events and, if applicable, with the guests who are organizing or attending the meeting or event.
2.4.4. Business partners: in some cases, we associate with other companies to provide you with products, services or offers. For example, we can arrange for you to rent a car or purchase tours.
2.4.5. Co-sponsors of the promotions: in some cases, we sponsor promotions, lotteries, raffles, competitions or contests with other companies, or we can provide prizes for lotteries and competitions sponsored by other companies. If you participate in these lotteries or contests, we may transmit your personal data to the sponsor sponsor or a third party sponsor.
2.4.6. Public authorities and / or institutions for:
(i) compliance with legal provisions,
(ii) to respond to their requests,
(iii) for reasons of public interest (eg national security). For example, according to the regulation, every hotel unit is obliged to send daily the arrival and departure notification sheets for each client.
a) Privacy of your data is important to us and therefore, wherever possible, the transmission of personal data in accordance with the foregoing is done only on the basis of a confidentiality commitment on the part of the recipients, guaranteeing that the data is retained in and that this information is provided in accordance with applicable law and applicable policies. In any case, we will always send to the recipients only the information strictly necessary to achieve that purpose.
2.5. Length of data processing
Your personal data is retained throughout the period of achievement of the purposes detailed in this policy if a longer period of retention is not required or permitted by applicable law (for example, surveillance camera records will not be stored for more than 30 days).
We constantly review the need to keep your personal data, and to the extent that processing is no longer required and there is no obligation to retain the data, we will destroy your personal information as soon as possible and in a way that it can not be recovered or reconstituted (for example, we will delete / destroy all data of people who have not been engaged in interviews unless there is a serious prospect of future employment).
If personal information is printed on paper, it will be destroyed in a safe way through a shredder, and if it is stored on electronic media, it will be erased by technical means to ensure that the information can no longer be recovered, or subsequently reconstituted.
You have options when it comes to the way we use your data and want to make sure you have the information you need to make the right choices for you.
If you no longer want to receive marketing emails, you can turn off by visiting our unsubscribe page at firstname.lastname@example.org or by following the instructions from any email you receive from us..
In addition, members of our loyalty programs may drop their marketing emails through their program account or by sending an email to email@example.com.
We will try to comply with your request as soon as possible. If you opt out of receiving marketing emails from us, we may still send you important administrative messages from which you can not give up.
2.6 Rights of the data subject regarding the processing of personal data
The processing of personal data is made by HOTEL RAMADA IASI in accordance with the applicable law, including the EU Regulation on the Protection of Individuals with regard to the Processing of Personal Data and on the Free Movement of such Data (“EU Regulation 2016 / 679 “), as well as any norms, regulations, orders and standards as may be amended periodically.
a) The data access right – you have the right to be informed about the collection and use of their personal data and the right to access your personal data; you also have the right to get a copy of your personal data we have
b) The right to rectification you can ask to have inaccurate personal data rectified, or completed if it is incomplete
c) The right to erasure ( ‘the right to be forgotten’) – you when the data was collected illegally, the deadline for storing data expired, you exercised the right to object, or the data processing was done on the basis of consent and you withdrew your consent, you may ask us to delete the personal data we have about you
d) Right to restrict processing: you have the right to request the restriction or suppression of their personal data; this is not an absolute right and only applies in certain circumstances. When processing is restricted, your personal data can be store, but not used
e) Right to portability: you have the right to receive personal data in a structured way, commonly used in a readable format, as well as the right that these data be transmitted by HOTEL RAMADA IASI to another data operator, to the extent that the legal conditions are fulfilled ;
f) Right to object : In certain circumstances, you may request that we no longer process your data. If we use your personal data based on your consent, you may withdraw this consent at any time. In this situation, your data will no longer be processed by us, unless a legal provision obliges us to keep and archive it. In any case, we will let you know if there is such a legal provision and we will indicate it expressly.
g) Rights related to automated decision making including profiling- the right to request and obtain the withdrawal, cancellation or reassessment of any decision based solely on automated processing (including the creation of profiles) that produces legal effects or similarly affects the data subjects to a significant extent;
h) Right to address the justice or national supervisory authority in the processing of personal data – the right to complain to the National Supervisory Authority for Personal Data Processing or to address the courts for the protection of any rights guaranteed by the applicable law in the field of personal data protection that have been infringed.
For the exercise of these rights, the data subject may submit a written, dated and signed application, sent to the email address firstname.lastname@example.org Also, the client / user has the right to appeal to the competent courts.
Based on a written, dated, signed and dispatched application at: Iasi, Grigore Ureche Street, No.27, you can exercise the right of intervention on the data for, as the case may be:
- correcting, updating, blocking or deleting data whose processing is not in compliance with legal provisions, especially incomplete or inaccurate data;
- the transformation into anonymous data of data whose processing does not comply with the applicable legislation;
- notifying third parties to whom the data have been disclosed if such notification is not impossible or does not involve a disproportionate effort in relation to the legitimate interest which might be harmed.
3. SECURITY OF DATA.
We treat your personal security seriously, so we take important security measures necessary to protect against unauthorized access to data or unauthorized modification, disclosure or destruction. This requires internal review of data collection, storage and processing practices and security measures, as well as physical security measures to protect against unauthorized access to systems where we store personal data.
We also require our service providers and business partners to take all necessary measures to protect against unauthorized access to data or unauthorized modification, disclosure or destruction..
4. LINKS TO OTHER WEBSITES
5. CHANGES OF POLICY
To help you track the most important changes, we will include a change history below to recognize the changes made to this policy.
last update 25th of May, 2018