Privacy Policy
SAMOS TOURISM SRL
PRIVACY POLICY
This Privacy Policy defines how we, SAMOS TURISM SRL, collect, store and use your personal data when you access or interact with our website https://www.sammos.ro/, and where we obtain or collect the data. you.
This Privacy Policy is applicable from 25.05.2018.
Content
1. Summary
2. Details about our company
3. What information do we collect when you visit our website
4. What information do we collect when you contact us
5. What information do we collect when you interact with our website
6. How we collect information about you from third parties
7. Disclosure and additional use of your data
8. How long to store your data
9. Securing your information
10. Transfer of your data outside the European Economic Area
11. Your rights to personal data
12. Your right to object to the processing of data for certain purposes
13. Sensitive personal data
14. Changes to our privacy policy
15. Juvenile privacy
1. Summary
This section summarizes how we obtain, store, and use your data. This summary is intended only to provide an overview of our privacy policy. This section is not a complete description and it is necessary to read the additional chapters in this document for additions.
Data operator: SAMOS TURISM SRL
How we collect or obtain information about you:
When you provide that data (eg by contacting us)
When you access our site, some data is collected through cookies and other similar technologies
The following personal data is collected on our site: name, e-mail address, telephone number, IP number, information in cookies, information about the device used (for example the type of device and web browser), information about how you use our website (what pages you accessed), the date / time you accessed our website and what you clicked on, the geographical location from which you accessed our website (based on IP address).
How we use your data: for business and administrative purposes (especially to contact you), to improve our business and website, to fulfill our contractual obligations, to promote our goods and services, to analyze your use of our site, and in connection with our legal rights and obligations.
Disclosure of user data to third parties: the minimum necessary for the operation of the business, suppliers, compliance with legal obligations and compliance with any contractual obligation to you.
Is user data sold to third parties? (in cases other than the sale or purchase of the business / company): No.
How long your information is stored: no longer than necessary, depending on our legal obligations (eg to maintain accounting records), or any other legal basis for the use of the information (eg consent, contractual obligations, legitimate interests) and certain additional factors described in the main section entitled Duration of your data storage.
How your data is secured: by using technical and organizational solutions such as: storing information on secure servers and allowing access to your personal data only when necessary.
Use of cookies and similar technologies: We use cookies and similar information collection technologies, including essential, functional, analytical and targeting cookies.
Transfer of your personal data outside the European Economic Area: in certain circumstances we transfer your information outside the European Economic Area. When we do this, we will make sure that there are adequate protection measures in place.
Use of automatic decision-making and profiling processes: we do not use automatic decision-making or profiling processes.
Your rights in connection with your personal data
you have the right to access your data and receive information about its use
you have the right to request the correction and / or completion of the information
you have the right to request the deletion of data
you have the right to restrict the use of data
you have the right to receive the data in a portable format
you have the right to object to the processing of your data.
you have the right to withdraw your consent for the processing of your data.
you have the right not to be subject to a significant decision about you solely on the basis of automatic processing of your data, including profiling
you have the right to appeal to the supervisory authority (www.dataprotection.ro)
Sensitive personal information: We do not intend to collect what is commonly referred to as “sensitive personal data”. Please do not send sensitive personal information about yourself. For more information, see the main section entitled “Sensitive Personal Information”.
2. Our details
The data operator regarding our website is: SAMOS TURISM SRL, Nr. Reg. Com. J13 / 1324/2013, C.U.I. 31753025, headquartered in Str. Salciei, Nr.6, Room 1, Navodari County: Constanta, Romania.
You can contact the data operator by writing to the address of the headquarters or by e-mail to recepie@sammos.ro.
If you have any questions about this privacy policy, please contact your data controller.
3. What information do we collect when you visit our website
We collect and use information from website visitors in accordance with this section and the section entitled Disclosure and Additional Uses of Your Data.
Web server log information
We use a third party server to host our website called mxhost.ro. Our website server automatically records the IP address you use to access our website, as well as other information about your visit, such as accessed pages, requested information, date and time of request, source of access to the website. our (for example, the website or URL (link) that referred you to our site) and the browser and operating system version.
Our server is located in Romania.
Use of information from website server logs for IT security purposes
We and our provider collect and store server logs to ensure the security of the IT network. This includes analyzing log files to help identify and prevent unauthorized access to our network, distributing malicious code, predicting DDOS and other cyber attacks by detecting unusual or suspicious activity.
We do not and do not allow our provider to make any attempt to identify you based on the information collected through the server logs.
Legal basis for processing: compliance with the legal obligations to which we are subject (Article 6 (1) (c) of the General Data Protection Regulation).
Legal obligation: Registering access to our website using server log files is a technical measure to ensure an adequate level of security to protect the information collected from our website in accordance with Article 32 (1). of the General Data Protection Regulation.
Use the information in the website server history to analyze the use of the site and to improve our website
We use the information collected from our server log to analyze how users of our site interact with our website and its features. For example, we analyze the number of unique visits and visitors we receive, the time and date of the visit, the location of the visit, and the operating system and browser used.
We use the information collected from the analysis of this data to improve our website. For example, we use the information we collect to change the information, content and structure of our website and individual pages, depending on what attracts most users and the length of time spent on certain pages on our site.
Legal basis for processing: our legitimate interests (Article 6 (1) (f) of the General Data Protection Regulation).
Legitimate interest: improving our site for our site users and knowing the preferences of site users so that our site can better meet their needs and desires.
Cookies and similar technologies
Cookies are data files that are sent from a website to a browser to record information about users for various purposes.
We use cookies and similar technologies on our website, including essential, functional, analytical and targeting cookies and web beacons.
You can reject some or all of the cookies we use on our website by changing your browser settings, but by rejecting them you can affect the operation of the website or some features of the website. For more information about cookies, including changing your browser settings, visit www.allaboutcookies.org.
4. The information we collect when you contact us
We collect and use information from people who contact us in accordance with this section and the section entitled Disclosure and Additional Uses of Your Information.
When you send a message to the email address displayed on our site, we collect your email address and any other information you provide in that email (such as your name, your email number). phone and the information contained in any signature block in the email).
Legal basis for processing: our legitimate interests (Article 6 (1) (f) of the General Data Protection Regulation).
Legitimate interest: to answer the questions and messages we receive and to keep track of correspondence.
Legal basis for the processing: it is necessary to perform a contract or to start the process of hiring a contract at your request (Article 6 (1) (b) of the General Data Protection Regulation).
The reason why it is necessary to perform a contract: if your message is about providing goods or services or taking action at your request before providing you with our goods and services (for example, providing information about such goods and services); we will process your information to do so)
Transferring and storing your information
We use a third-party email provider to store the emails you send us. Our email provider is Yahoo mail. The emails you send us will be stored on Yahoo servers.
Contact form
When you contact us using the contact form, we collect your first and last name, email address and phone number.
If you do not provide the required information required by the contact form, you will not be able to submit the contact form and we will not receive your request.
Legal basis for processing: our legitimate interests (Article 6 (1) (f) of the General Data Protection Regulation).
Legitimate interest: to answer the questions and messages we receive and to keep track of correspondence.
Legal basis for the processing: it is necessary to perform a contract or to start the process of contracting at your request (Article 6 (1) (b) of the General Data Protection Regulation).
The reason why it is necessary to perform a contract: if your message is about providing goods or services or taking action at your request before providing you with our goods and services (for example, providing information about such goods or services). goods and services); we will process your information to do so).
Phone
When you contact us by phone, we collect your phone number and any information you provide to us during the conversation with us. We do not record phone calls.
Legal basis for processing: our legitimate interests (Article 6 (1) (f) of the General Data Protection Regulation)
Legitimate interest: to answer the questions and messages we receive and to keep track of correspondence.
Legal basis for the processing: it is necessary to perform a contract or to start the process of hiring a contract at your request (Article 6 (1) (b) of the General Data Protection Regulation).
The reason why it is necessary to perform a contract: if your message is about providing goods or services or taking action at your request before providing you with our goods and services (for example, providing information about such goods or services). goods and services); we will process your information to do so).
Transfer and store your information
Your call information, such as your phone number, date and time of your call, is processed by our telephone service provider. Your call information will be stored by our telephone service provider in the European Economic Area.
Post
If you contact us by mail, we will collect all information you provide to us in any postal communications you send us.
Legal basis for processing: our legitimate interests (Article 6 (1) (f) of the General Data Protection Regulation)
Legitimate interest: to answer the questions and messages we receive and to keep track of correspondence.
Legal basis for the processing: it is necessary to perform a contract or to start the process of hiring a contract at your request (Article 6 (1) (b) of the General Data Protection Regulation).
The reason why it is necessary to perform a contract: if your message is about providing goods or services or taking action at your request before providing you with our goods and services (for example, providing information about such goods or services). goods and services); we will process your information to do so).
5. The information we collect when you interact with our site
We collect and use data from people who interact with certain features of our website, in accordance with the section entitled Disclosure and Additional Uses of Your Information.
6. Information collected or obtained from third parties
This section sets out how we obtain or collect information about you through third parties.
Information received from third parties
We do not receive information about you from third parties.
If we receive information about you by mistake
If we mistakenly receive information about you from a third party and / or do not have a legal basis for the processing of this information, we will delete your information.
Information obtained by us from third parties
In certain circumstances (for example, to verify the information we hold about you or to obtain the missing information we need to provide you with a service), we will obtain data about you from certain publicly available sources, both from EU and non-EU, such as online databases, media publications, social media, and websites (including your website, if you have one).
Legal basis for the processing: it is necessary to perform a contract or take action at your request to conclude a contract (Article 6 (1) (b) of the General Data Protection Regulation).
Why it is required to enter into a contract: If you have entered into a contract or have requested to enter into a contract with you in certain circumstances, we will obtain information about you from public sources to enable us to understand your business and provide services to a standard sufficient for you
For example, we will obtain and / or verify your email address from your website if you ask us to send you email information and we do not have or need confirmation of your email address.
Legal basis for processing: our legitimate interests (Article 6 (1) (b) of the General Data Protection Regulation).
Legitimate interests: In certain circumstances, we will have a legitimate interest in obtaining information about you from public and private sources. For example, if you have violated or suspect that you have violated any of our legal rights, we will have a legitimate interest in obtaining and processing information about you from these sources to investigate and prosecute any suspected or potential violations.
7. Disclosure and additional use of your data
This section sets out the circumstances in which we will disclose your data to third parties and any other additional purposes for which we use your data.
Disclosing your information to service providers
We use a number of third parties to provide us with services that are necessary to run our business or to help us run our business and that process your information for us on our behalf. These include the following:
IT MANAGER: EAGENCY DESIGN SRL, headquartered in Str. Avram Iancu, Nr.12, Bl.23, Sc.D, Et.P, Ap.63, Targoviste, Jud. Dambovita.
SERVER SERVICES: mxhost.ro
SOCIAL MEDIA PLATFORMS: FACEBOOK, INSTAGRAM
COMMUNICATE: FACEBOOK MESSENGER, GOOGLE
STATISTICS AND ANALYTICAL SERVICES: GOOGLE ANALITICS, FACEBOOK PIXEL
MAIL SERVICES: G-MAIL
BOOKING SERVICES: BOOKING
Your information will be shared with these service providers, where necessary to provide you with the service you have requested, whether this request is for accessing our site or ordering goods and services from us.
Legal basis for processing: legitimate interests (Article 6 (1) (f) of the General Data Protection Regulation).
Legitimate interest based on: if we share your information with these third parties in a context other than if it is necessary to perform a contract (or following your request to do so), we will share it with you. information with such third parties to enable us to conduct and effectively manage our business.
Legal basis for the processing: it is necessary to perform a contract or take action at your request to conclude a contract (Article 6 (1) (b) of the General Data Protection Regulation).
Reason needed to perform a contract: We may share information with our service providers to enable us to fulfill our obligations under that contract or to take the steps you requested before entering into a contract with us. you.
Disclosure of your information to third parties
We disclose your information to third parties under certain circumstances, as shown below.
Providing information to third parties, such as Google Inc. and Facebook Pixel. Google collects information through our use of Google Analytics on our website. Google uses this information, including IP addresses and cookie information, for various purposes, such as improving Google Analytics. The information is shared with Google on an aggregated and anonymous basis. To learn more about what information Google collects, how it uses that information, and how to control the information sent to Google, visit https://www.google.com/policies/privacy/partners/].
Legal basis for processing: our legitimate interests (Article 6 (1) (f) of the General Data Protection Regulation).
Legitimate interests: fulfilling contractual obligations to Google under the Google Analytics Terms and Conditions (https://www.google.com/analytics/terms/us.html)
You can opt out of Google Analytics by installing the browser plugin here: https://tools.google.com/dlpage/gaoptout
Sharing your information with third parties, which are either related to or associated with the operation of our business, if necessary for us. These third parties include accountants, advisers, affiliates, business partners, independent contractors and insurers. Further information on each of these third parties is set out below.
Legal basis for processing: our legitimate interests (Article 6 (1) (f) of the General Data Protection Regulation).
Legitimate interest: the efficient operation and management of our business.
We will disclose your information to a potential or actual buyer or seller in the context of a business sale or acquisition, merger or similar, actual or potential event.
Legal basis for processing: legitimate interests (Article 6 (1) (f) of the General Data Protection Regulation).
Legitimate interest: we allow access to information with a potential buyer, seller or similar person to allow such a transaction.
Disclosure and use of your information for legal reasons
Indication of possible criminal acts or threats to public safety to a competent authority
If we suspect that criminal or potential behavior has taken place, we will need, in certain circumstances, to contact a competent authority, such as the police. This could be the case, for example, if we suspect that a fraud or cybercrime has been committed or if we receive malicious threats or communications to us or to third parties.
In general, we will only need to process your information for this purpose, if you have been involved or affected by such an incident in one way or another.
Legal basis for processing: our legitimate interests (Article 6 (1) (f) of the General Data Protection Regulation).
Legitimate interest: prevention of crime or suspected criminal activity (such as fraud).
In connection with the application or potential application of our legal rights
We will use your information in connection with the implementation or potential enforcement of our legal rights, including, for example, the exchange of information with debt collection agencies, if you do not pay the amounts due when you are contractually obliged to do so. . Our legal rights may be contractual (if we have entered into a contract with you) or non-contractual (such as the legal rights we have under copyright or tort law).
Legal basis for processing: our legitimate interests (Article 6 (1) (f) of the General Data Protection Regulation).
Legitimate interest: to impose our legal rights and take measures to ensure our legal rights.
In connection with a legal or potential legal dispute or procedure
We may need to use your information if we are involved in a dispute with you or a third party, for example, either to resolve the dispute or as part of mediation, arbitration or a court decision or similar process.
Legal basis for processing: our legitimate interests (Article 6 (1) (f) of the General Data Protection Regulation).
Legitimate interest: settlement of disputes and possible disputes.
For continuous compliance with laws, regulations and other legal requirements
We will use and process your information to comply with our legal obligations. For example, we may need to disclose your information based on a judgment or subpoena if we receive one.
Legal basis for processing: compliance with a legal obligation (Article 6 (1) (c) of the General Data Protection Regulation.
Legal obligation: legal obligations to disclose information that is part of Romanian law or if it has been integrated into Romania’s legal framework (for example in the form of an international agreement that Romania has signed).
Legal basis for processing: our legitimate interests (Article 6 (1) (f) of the General Data Protection Regulation).
Legitimate interest: if the legal obligations are part of the laws of another country and have not been integrated into the legal framework of Romania, we have a legitimate interest in complying with these obligations.
8. How long to store your data
This section sets how long we keep our data collected. We have set specific retention periods where possible. If this was not possible, we established the criteria we use to determine the retention period.
Retention periods
Correspondence: When you make a request or contact us for any reason, either by e-mail or through our contact form, or by telephone, we will retain your information for as long as we need to respond to resolve your request, after which we will delete your information
Criteria for establishing retention periods
In any other circumstances, we will keep your information only for as long as necessary, taking into account the following:
the purpose (s) and use of your information both now and in the future (for example, whether we need to continue to store that information in order to continue to fulfill our obligations under a contract with you or to contact you in the future) ;
if we have a legal obligation to continue processing your information (such as any obligations to keep records required by law or relevant regulations);
if we have any legal basis to continue processing the information (such as your consent);
how valuable your information is (both now and in the future);
any agreed industrial practices regarding the retention of information;
the levels of risk, cost and liability involved in continuing to hold the information;
how difficult it is to make sure that the information can be up-to-date and accurate; and
any relevant surrounding circumstances (such as the nature and status of our relationship with you)
9. Securing your information
We take appropriate technical and organizational measures to secure your information and to protect it against unauthorized or illegal use and accidental loss or destruction, including:
sharing and providing access to your data to the minimum necessary, subject to confidentiality restrictions, where appropriate and anonymously, whenever possible;
use of secure servers for storing information;
verifying the identity of any person requesting access to information before granting them access to information;
use the Secure Sockets Layer (SSL) standard to encrypt any information you send us through any forms on our website)
Sending information to us by e-mail
The transmission of information on the Internet is not entirely secure and if you send us information via the Internet (by e-mail, through our website or by any other means), you do so entirely at your own risk.
We cannot be liable for any expenses, loss of profits, damage to reputation, damages, debts or any other form of loss or damage suffered by you as a result of your decision to transmit information to us by such means.
10. Transfer of your data outside the European Economic Area
Your information may be transferred and stored outside the European Economic Area (EEA) under the conditions set out above. We will also transfer your information to you outside the EEA or to an international organization in order to comply with our legal obligations (for example, compliance with a court order). If we are obliged to do so, we will ensure that there are adequate protection measures in place and that protection is in place.
11. Your rights to personal data
Subject to certain restrictions on certain rights, you have the following rights in connection with your data which you may exercise by sending us an e-mail:
request access to your information and information regarding the use and processing of your information;
request correction or deletion of your data;
request a limitation on the use of your data;
receive the information you have provided to us in a structured, commonly used and readable format by a device (for example, a CSV file) and the right to transfer that information to another data controller (including a third party data controller);
object to the processing of your data for certain purposes (for more information, see the section below entitled “Your right to object to the processing of data for certain purposes”); and
withdraw your consent to the use of your data at any time we rely on your consent to use or process this information. Please note that if you withdraw your consent, this will not affect the legality of the use and processing of your data based on your consent before the time you withdraw your consent.
In accordance with Article 77 of the General Data Protection Regulation, you also have the right to lodge a complaint with a supervisory authority. For this purpose, in Romania, the supervisory authority is: www.dataprotection.ro.
Verify your identity if you request access to your information.
If you request access to your information, we are required by law to use all reasonable steps to verify your identity before doing so.
These measures are designed to protect your information and to reduce the risk of identity fraud, identity theft or unauthorized general access to your information.
How we verify your identity
If we have adequate information about you in the file, we will try to verify your identity using this information.
If we are unable to identify you based on this information, or if we do not have sufficient information about you, we may request copies or certificates of documents to verify your identity before we can give you access to your data.
We will be able to confirm the exact information we need to verify your identity in your specific circumstances if and when you make such a request.
12. Your right to object to the processing of data for certain purposes
You have the following rights regarding your data that you can exercise by sending an e-mail to recepie@sammos.ro:
object to our use or processing of information to perform a task in the public interest or in our legitimate interest, including “profiling” (analyzing or predicting your behavior based on your information); and
object to the use or processing of your data for direct marketing purposes (including any profile we involve in connection with this direct marketing).
You may also exercise your right to object to the use or processing of your data for direct marketing purposes:
by sending an e-mail to recepie@sammos.ro, asking us not to send marketing communications or by including the words “UNSUBSCRIBE”.
13. Sensitive personal data
“Sensitive personal data” means information about an individual that discloses racial or ethnic origin, political opinions, religious or philosophical beliefs or membership of a trade union, genetic information, biometric information for the purpose of uniquely identifying an individual, health information or information on the sexual life or sexual orientation of an individual.
We do not knowingly or intentionally collect sensitive personal information from individuals and you must not send us sensitive personal information.
However, if you inadvertently or intentionally provide us with sensitive personal information, you will be deemed to have given us explicit consent to the processing of sensitive personal information in accordance with Article 9 (2) (a) of the General Regulation on data protection. We will use and process your sensitive personal information for the purpose of deleting it.
14. Changes to our privacy policy
We regularly update and change our privacy policy.
Minor changes to our privacy policy
If we make minor changes to our privacy policy, we will update the Privacy Policy with a new effective date mentioned at the beginning. The processing of your information will be governed by the practices set out in the new version of the Privacy Policy from its effective date.
Major changes to our privacy policy or the purposes for which we process your information.
If we make major changes to our privacy policy or we intend to use your data for a new or different purpose from the purposes for which we originally collected it, we will notify you by posting an ad on our site. web.
We will provide you with information about the change in question and the purpose and any other relevant information before we use your information for the new purpose.
Whenever necessary, we will obtain your prior consent before using your information for any purpose other than for the purposes for which we originally collected it.
15. Juvenile privacy
Because we care about the safety and privacy of children online, we do not knowingly contact or collect information from people under the age of 18. The website is not intended to solicit information of any kind from persons under the age of 18.
We may receive information about persons under the age of 18 through fraud or deception by a third party. If we are notified of this, as soon as we verify the information, when required by law, we will immediately obtain the appropriate parental consent to use this information or, if we cannot obtain parental consent, we will delete the information from our servers. If you wish to notify us of the receipt of information about persons under the age of 18, please do so by sending an e-mail to recepie@sammos.ro.