Privacy and GDPR Policy

In accordance with the principles outlined in Regulation 679EU, Law 190/2018, and subsequent legislation, Zen Apartments Brasov has adopted this Privacy Policy to inform you of the specifics of the processing operations of Personal Data and to guarantee the confidentiality of the processing of this information. It is important for us to provide you with information related to the processing of your personal data in a comprehensive and integrated manner. The operator ensures the protection of the Personal Data of all customers and/or visitors to the website through the adoption of technical and organizational measures.

Personal data are defined as alludes to data that permits the ID of people, private or expert, for example, complete name, postal location, postal code, contact telephone number, email, and so on ;

Processing: represents any automatic or manual operation or set of operations performed on the data, such as: collection, recording, organization, structuring, storage, adaptation or modification, extraction, consultation, use, transmission, dissemination, alignment or combination, restriction, block, deletion, or destruction

Operator: regular or lawful individual, public power, office or whatever other body that, by itself or together with others, decides the reasons and method for individual information handling. Authorized Individual: a natural or legal person, public authority, agency, or other entity that handles personal data on behalf of an Operator.

Processing of personal data across borders: processing of personal data in the context of the activities of the operator’s or authorized person’s headquarters in multiple EU Member States when the operator or authorized person is established in multiple EU Member States; or the processing of personal data that occurs at a single operator or authorized person’s seat in the Union but has a significant impact on or may have a significant impact on individuals in multiple Member States; Authority to supervise: the National Supervisory Authority for Personal Data Processing.

When and from whom personal data is collected

The categories of individuals (targets) whose data is processed by the Operator are natural persons who are customers of Zen Apartments Brasov (current, former, or potential), visitors, the general public, and their representatives/proxies, legal or conventional, collected directly at the Hotel reception or via the website or indirectly through specialized agencies and websites.

For the purpose of ensuring that the website at functions properly, cookie programs will automatically collect some technical information from anonymous visitors who access the site.

The data gathered in this manner remain anonymous.

The following personal information will be requested of you via an online form if you wish to make an online reservation on the website

  1. mandatory: date of arrival, date of departure, type of room, name, surname, telephone number, email address, country of residence, and date of birth;
  2. electronic installment handling: card type, number, name of cardholder, expiration date, and security code;

Depending on the service requested, it may be necessary to collect additional personal information, particularly if related services are also provided (e.g.: trips on your own, transfers, etc.)

As the data subject, you are responsible for ensuring that the information provided to the Operator for processing is accurate, up-to-date, and complete.

The purposes for which the data is processed are as follows: Zen Apartments Brasov processes Personal Data only to the extent necessary to carry out the following:

– control over the reservation that was made via the website;

– carrying out a variety of contracted services;

– meeting legal requirements (invoicing, service collection, customer data registration);

– advertising and promotion, including the sending of general or individualized commercial offers;

– auditing, developing, and enhancing the services provided;

– directing interactions with clients;

– achieving incidental legitimate goals;

– digital payment processing through financial institutions that are partners;

It is essential to be aware that the Operator may not be able to provide the products or services requested if access to these Personal Data is denied.

Without your explicit and prior consent, Zen Brasov will treat all personal information to which it has access as confidential and will not disclose it to any third parties other than those listed in this document.

The legal basis for processing personal data Personal data are collected by Zen Brasov and will only be processed in accordance with the terms of Art. Regulation 679/2016EU, paragraph 1:

(a) The data subject has consented to the processing of his or her personal information for one or more specific purposes;

(b) The processing is required to carry out a contract to which the data subject is a party.

party or to comply with the data subject’s request before entering into a contract;

(c) The processing is necessary for the operator to fulfill a legal obligation;

(f) unless the interests or fundamental rights and freedoms of the data subject prevail, which necessitate the protection of personal data, the processing is necessary for the purposes of the operator’s or a third party’s legitimate interests.

Beneficiaries of Personal Data The following parties may receive Personal Data processed by the Operator:

– Zen Brasov through authorized company personnel;

– the companies that are associated with the Operator and/or Associated Operators and collectively process your data as part of a contract’s execution;

– payment processors (for processing online payments via electronic means);

– Zen Brasov’s authorized partners, such as administrator of the website, accountant, etc.);

– depending on the situation, central and local public authorities, judicial authorities, the police, and the prosecutor’s office (within the parameters of the law and/or in response to explicitly stated requests);

Personal Data Retention Timeframe Zen Brasov will only keep your personal data for as long as it is necessary to accomplish the aforementioned goals, up to a maximum of ten years, with the exception of any legal requirements regarding the archiving of particular kinds of documents. In accordance with the management-approved internal procedures, personal data will be destroyed following the completion of the processing operations for the purposes for which they were collected.

The people concerned can pull out their assent, in regards to information handling, whenever and without showing an explanation, by forming a composed solicitation that can be sent via mail to the email address: zenapartments.brasov@gmail.  If the consent withdrawal request is granted, any information contained (for example: preferences, accommodation history, etc.) will be deleted, and the individual concerned will no longer receive commercial information about Zen Brasov’s products and services.

Protecting Personal Data’s Confidentiality Zen Brasov has integrated cutting-edge security technologies with appropriate system policies and procedures to guarantee system integrity, security, and protection against unauthorized use and potential abuses.

However, it should be known that data transmissions over public Internet networks can never be completely protected. The data that are sent to the website at are protected in every way possible by Zen Brasov. However, the individuals involved run the risk of any data transmission.

Information Assurance Privileges of Information Subjects

As indicated by the GDPR, information subjects have: the rights to access, rectification, deletion, restriction of processing, data portability, and opposition to the use of automated personal data processing processes are all protected rights.

The data subject has the right to file a complaint with the A.N.S.P.D.C.P. if there are any suspicions that the aforementioned rights are not being respected. If the individuals in question, either directly or through a representative, exercise the aforementioned rights in a manner that is clearly unfounded, unjustified, or excessive, especially because it is repetitive, Zen Brasov has the ability to:

– either charge a fair fee based on administrative costs for providing the information or communication or carrying out the requested action;

– or to say no to the request and not comply.

You can use the email address to exercise these rights: Final provisions By reading this document, you agree that Zen Brasov’s processing of your personal data is a factor in your ability to use the company’s services and/or enter into commercial or contractual transactions.

There may be occasional updates or modifications to these provisions. We suggest that you check these arrangements each time you utilize the site, to constantly be educated about them.

By getting to the site, after the changes, these new arrangements will be viewed as acknowledged.

Recent Comments

    Recent Posts

    Brasov, a storyteller

    March 23, 2019

    Bran Castle

    September 22, 2018

    Black Church Brasov

    September 21, 2018