The processing of personal data belonging to the clients is done in accordance with the provisions of the Regulation no. 679 of 27 April 2016 on the protection of individuals with regard to the processing of personal data and on the free movement of such data and repealing Directive 95/46 / EC (General Data Protection Regulation), and the clients benefit from the rights provided for in Chapter III: The rights of the data subject, namely: access to his / her personal data, rectification or erasure thereof, restriction of the processing or the right to oppose processing, as well as the right to portability of the data, subject to the provisions that constitute the legal basis for the processing data.
In case the client considers that his rights provided in Regulation no. 679/2015 has been violated, he has the right to file a complaint with the National Authority for the Supervision of Personal Data (www.dataprotection.ro).
The Personal Data Processing Policy describes the categories of personal data we process, the ways and purposes for which we collect, the circumstances in which we transfer personal data, and your rights and options to that effect.
The operator in relation to your personal data is Hotel Rogge, based in I.L. Caragiale nr. 12 RO Resita, 320068, Romania.
Any processing of your personal data will be processed on the basis of one of the legal bases below:
We may use your personal data for the following purposes:
We may disclose your personal data to other service providers with which we work together to provide services (in case of overbooking we have the obligation to resolve your accommodation in another accommodation structure), collaborators (accountant, lawyer, IT ), as well as other public authorities, entities designated by you (which may be our client or a third party involved), or other entities with which Rogge collaborates (such as: the insurer in case of damage / damage caused by fault you, etc.).
Hotel Rogge processes the following personal data belonging to clients:
|No crt||Category of people||The purpose of processing||Legal subject||Entities to which they may be sent in accordance with legal requirements||Maximum storage period|
|1||Personal details: name, address, personal email, phone, birth date, arrival and departure check-lists, check-in lists||Client administration||Compliance with legal obligations, performance of contract||Police||5 years|
|2||Identity card details: IC, passport, arrival and departure checklist, accommodation lists||Client administration||Compliance with legal obligations, performance of contract||Police||5 years|
|3||Financial details: bank account, card-database number||Client administration||Contract execution||–||5 years|
|4||Personal details: name, address, personal email, phone, birth-contract date||Client administration||Contract execution||–||5 years|
|5||Identity card details: ID, passport, civil status documents – Contract||Client administration||Contract execution||–||5 years|
|6||Financial details: bank account, card-contract number||Client administration||Contract execution||–||5 years|
|7||Video images provided by the video surveillance system||CCTV monitoring||The legitimate interest of the operator (ensuring physical security), Law 333/2003||Police||30 days|
|8||Personal details: name, address, personal email, phone, date of birth: questionnaire||Client administration||The legitimate interest of the operator (marketing)||–||5 years|