PRIVACY POLICY
 
Respecting the right to protection of personal data, as well as the right to privacy is one of the missions fully and consciously assumed by the staff and management of the Zenith Hotel – Top Country Line – Conference & Spa. The hotel is run by the company Mamaia Resort Hotels SRL, with its registered office in the hotel building, Mamaia resort, Jud. Constanta, registered at the Trade Register under no. J13 / 2955 / 18.08.2008, unique registration code RO 6312370 as operator.
Thus, we take all necessary steps to process your personal data in accordance with the principles established by the data protection legislation applicable in Romania, including Regulation (EU) 2016/679 of the European Parliament and of the Council of 27 April 2016 on the protection of individuals with as regards the processing of personal data and on the free movement of such data and repealing Directive 95/46 / EC (“GDPR”).
Personal data means any information concerning an identified or identifiable natural person (“data subject”); an identifiable natural person is a person who can be identified, directly or indirectly, in particular by reference to an identifying element, such as a name, an identification number, location data, an online identifier, or one or more many specific elements, specific to his physical, physiological, genetic, mental, economic, cultural or social identity.
Click on one of the links below to go to a specific section:
• What kind of personal data do we process?
• Personal data of minors
• Sensitive data
• For what purpose and on what basis do we process your personal data?
• To whom do we transmit your personal data?
• Do we collect personal data from third parties?
• Do we transfer your data outside the EU / EEA?
• Providing you with personal data of other individuals • How long do we keep your personal data?
• What are your rights?
• Is your data safe?
• Links to other websites
• Questions or complaints • Policy changes
 
”PROCESSING YOUR DATA IN THE CONTEXT OF THE COVID-19 PANDEMIC
 
INFORMATION NOTE REGARDING THE OBLIGATION TO CARRY OUT THE EPIDEMIOLOGICAL TRIAGE AT THE ENTRANCE TO THE ZENITH HOTEL
 
Upon entering the Zenith Hotel, we need to measure your body temperature. If it exceeds 37.3 ° C, your access will be denied.
 
This measure is mandatory according to Art. 13 of Law 55/2020, Art. 9 of Annex 3 of Decision 394/2020 and Section II of the Annex to Order 874/81/2020, thus having the obligation to perform epidemiological triage by checking the temperature of all persons inside Our hotel.
 
The result of the verification will not be noted and / or kept. If you refuse to measure your temperature, we will not be able to allow you access to the Hotel. Thank you for understanding.
 
INFORMATION NOTE REGARDING THE PROCESSING OF YOUR DATA IN THE CONTEXT OF MAKING A RESERVATION FOR OUR RESTAURANT
 
Starting with 01.06.2020, we have to draw up a register of customer reservations. This obligation is established for the operators by the content of Art. 4 paragraph (1) letter. l) of the Norms of Order 966/1809/105/2020, so that the basis of this processing is the fulfillment of a legal obligation, the purpose being to facilitate the performance of epidemiological investigations.
 
Thus, in order to make a reservation for our Restaurant after 01.06.2020, we will ask you for your name, surname, telephone number or e-mail address and the number of people for whom you make the reservation. We will note these data in the register of reservations, the storage time of these data being 16 days. The data may be transmitted to the competent Public Authorities and Institutions in accordance with the legislation in force. You can find your rights under GDPR in the dedicated section below. ”
 
WHAT KIND OF PERSONAL DATA DO WE PROCESS?
If you have been / are a hotel guest or a potential future guest according to your reservation
We collect personal data as a result of most interactions with you, as well as in other aspects of our business. The categories of personal data we collect are:
a) name and surname, e-mail address, serial number and identity card number, telephone number and address;
b) bank card data (card type, credit / debit card number, cardholder’s name, expiration date);
c) information about the client’s stay, including arrival and departure date, special requirements, special preferences;
d) the information you may provide about your consumer preferences, while participating in contests, raffles or certain promotional offers;
e) the personal data provided by you in order to enroll in our loyalty program;
f) photos / videos taken on different occasions within the property: hotel / restaurants / bars / spa / conference center / beach managed by the hotel;
g) information about the vehicles that it is possible to park inside our property;
h) reviews and opinions regarding the services you received at the hotel;
i) any other types of information you choose to provide us.
Also, video surveillance cameras and other legal security measures located on the perimeter and inside our property can capture or record generic images of the spaces where they will be seen as a consequence and images of guests in different public areas, such as: the entire perimeter of the property, car accesses, hotel entrances, restaurants, bars, SPA center, event spaces, halls, reception area, swimming pool, beach and parking, records kept for the period required by law providing chronological information to locate your presence in different spaces. By using the access cards in the room provided by the hotel reception, the system records each time you use the key, but the information can be accessed only if needed, such as an investigation in case of disappearance of a good in the room, electromagnetic lock being scanned to find out which cards were used.
You can always choose what personal data you want to provide us. However, if you choose not to provide certain personal data, if the basis of our request is compliance with a legal obligation, contractual obligation or obligations required to conclude a contract we may be unable to offer you certain services, for example: (i) if you do not wish to give us your name, surname, e-mail address or telephone number, if you wish to make a reservation, we will not be able to make the reservation; or (ii) given that in the form to announce the arrival and departure that you have a legal obligation to fill in when you stay at our hotel you will have to enter certain personal data required by law, and if you do not want to fill in those required fields , we will not be able to accommodate you in the hotel.
If you are a potential employee
We collect the information from the CV you sent as well as any other information submitted with the CV and / or in the interviews you presented.
If you are a visitor to our hotel
For the safety and comfort of all guests, the visit of a person not accommodated in the hotel can be made only if there is personal confirmation and acceptance of the accommodated guest. Only after confirmation of the accommodated guest can the visitor find out the room number and access is allowed, but collecting the name, surname, full address, series and number from the bulletin according to the information required and provided by law in the arrival announcement, if the visit is extended after at 18:00.
The procedure does not apply to visitors or customers in public areas of the hotel, but video surveillance cameras and other legal security measures located on the perimeter and inside our property may capture or record generic images of the spaces in which they will be seen as a consequence and images of any person from different public areas, such as: the entire perimeter of the property, car accesses, hotel entrances, restaurants, bars, SPA center, event spaces, lobbies, reception area, swimming pool, beach and parking
If you are a user of our website (www.zenithhotel.eu)
Simply accessing our site will not lead to the collection of your personal data unless you voluntarily enter certain data (eg online bookings, job applications, certain requests / requests, etc.).
However, as with any computer equipment, the time and date of access to the website and the IP address from which our website was accessed are collected.
If you are a representative or contact person of our suppliers or business partners
Within the ongoing contracts and current procedures we collect the name, surname, position, telephone number, e-mail address, as well as any other data provided by you or the company you represent in order to fulfill the contractual obligations assumed and for communications. required.
If you are employed
Please read the employee privacy policy, made known at the time of employment and available at any time to the Human Resources Department.
PERSONAL DATA OF MINORS
We do not request or take over directly to children under 18 personal information, but only to parents. Only in extreme situations, when a child has lost his parents, we try to find out the full name, in order to identify the parents and inform them. We protect the confidentiality of all data obtained from children under 18 years of age, or from the parents of these children. If you are under the age of 18, you cannot book or use accommodation without the presence of an adult. In order to benefit from services that involve the provision of personal information, children under the age of 18 must obtain the consent or authorization of the parents or guardian responsible for any provision of personal data.
 
SENSITIVE DATA
The term “sensitive data” refers to racial or ethnic origin, political opinions, religious beliefs or philosophical beliefs or trade union membership and the processing of genetic data, biometric data, health data or data on sexual life or sexual orientation.
We do not collect sensitive information unless you wish to provide it to us. We may use the health data you provide to provide better services and meet your special requirements (for example, preparing a menu to avoid certain allergens, or providing access for people with disabilities, or providing an anti-allergic pillow).
Instead, access to the spa facilities is based on your own statement regarding your good health. If there is a medical aspect that you want to inform us about, you will give us the opportunity to guide you for those activities that will help you. protect and not affect your health.
 
FOR WHAT PURPOSE AND WHAT DO WE PROCESS YOUR PERSONAL DATA?
If you are a customer
a) Reservations for hotel / restaurants / bars / spa or in case of requests for offers sent by you for certain events or groups of guests organized or that can be organized
Purpose: we process your personal data (i) in order to reserve the requested service in the hotel / restaurants / bars / spa and (ii) to respond to requests for offers sent by you.
Rationale: concluding a contract for the provision of hotel services or completing a reservation
b) Accommodation services
Purpose: we process your personal data to ensure accommodation in our hotel.
Rationale: at the time of accommodation, according to the legal provisions in force (link) you are obliged to complete the arrival and departure announcement form which contains a minimum of data necessary to ensure your accommodation and to issue an invoice containing the data required by law
c) Relationship with guests / services provided to guests on the property (cleaning service, breakfast, prepaid lunch, access to the spa, beach, parking, etc.) Purpose: we process your personal data to give you an experience more pleasant and in accordance with your hotel standards and expectations. Grounds: execution of the hotel service contract.
d) Profiling
Purpose: in order to provide personalized services, certain special preferences of yours (for example: if you prefer the rooms on the upper or lower floors, what package of products and / or services you usually consume, your favorite preparation or wine, the type of massage requested especially) are stored so that when you return, we will already know what you like about the Theme: consent
e) Opinions about the visit to our hotel
Purpose: we process your personal data to ensure that you have had a pleasant experience in our hotel
Rationale: our legitimate interest in constantly improving the services we provide to our customers
f) Marketing
Purpose: We process your personal data for marketing purposes, such as regular pricing information or special offers for the next period, marketing communications about new products and services that we initiate, or tariff reductions that may be of interest to you.
Rationale: we rely on the legitimate interest in promoting our services by submitting offers that we consider to be of interest to you, insofar as you are already a loyal guest or have opted for our property and we have found that you have been satisfied with the services. which you have benefited from (see “Right to Opposition” in the “Your Rights” Section).
If necessary, in accordance with applicable law, we will obtain your consent before processing your personal data for direct marketing purposes. In this case, we inform you that you will be able to withdraw your consent for processing for marketing purposes at any time, in which case you will not receive any marketing communication from us.
We’ll include a unsubscribe link that you can use if you don’t want us to send you any more messages.
We’ll include a unsubscribe link that you can use if you don’t want us to send you any more messages.
Also, on the occasion of organizing certain events within the hotel / restaurants / bars / SPA center / event center / beach managed by our hotel, it is possible to take generic photos of the atmosphere, and some of these could be distributed in the online environment to show other customers the ambiance and level of our events. In any case, because we take into account your right to privacy, we make sure that the photos do not feature people in the foreground, doing everything possible to keep guests informed whenever we intend to take photos (for objections). for our photos, see “Right to Opposition” in the “Your Rights” Section).
g) Other communications: by e-mail, mail, online applications, telephone or SMS
Purpose: These communications will be made for a specific reason such as: (i) to respond to your requests, (ii) if you have not completed an online booking or a request for an offer, we may send you an email to remind you to complete the reservation, (iii) to inform you of how the complaints and / or incidents that occurred during your stay have been resolved.
Legal basis: our legitimate interest in providing services to the assumed standards, including by prompt and maximum availability of any requests or dissatisfaction.
h) Analysis, improvement and research:
Purpose: to ensure a constant quality level of our services, we take care to analyze every suggestion or complaint from you, so we prepare statistical reports to identify problems, the degree of repetitiveness and to find the best solutions to remedy them.
Rationale: we rely on our legitimate interest to provide services that meet your hotel standards and expectations.
If you are a visitor to our hotel
Purpose: after 18:00 we process your personal data according to the legal provisions in order to ensure the necessary information to the bodies that verify the observance of the general rules for the protection of persons and property within the hotel.
Rationale: our legitimate interest in limiting the access of unknown persons inside the property, in order to ensure the protection of persons and property of customers / hotel / staff within the hotel.
If you are a user of our website (www.zenithhotel.eu)
Purpose: traffic monitoring in order to identify errors and / or any other malfunction of the site
Rationale: we base this data processing activity on our legitimate interest, which is to provide you with a fully functional site by repairing any errors, as well as by continuously improving it.
If you are a representative or contact person of our suppliers or business partners
Purpose: to develop contractual relations with our suppliers or business partners.
Theme: execution of a contract.
If you are a potential employee
Purpose: to evaluate your employment application.
Rationale: concluding a contract
If you are employed
Please see the employee privacy policy, made known at the time of employment and available at any time to the Human Resources Department.
For all categories of people above, we may also process your data in the context of the following activities:
a) Internal restructuring or reorganization or sale of assets or shares / shares: Purpose: we process your data to carry out the operations mentioned above. lack of processing of your data
However, we assure you that this possible processing will be carried out in accordance with the legal provisions and by implementing a measure to ensure the confidentiality of your data.
b) Security:
Purpose: we process personal data in order to fulfill the legal obligations regarding the protection of property and the integrity of persons.
Rationale: we rely on our legitimate interest to ensure the protection of your property and the hotel, as well as the protection of persons within the perimeter of our hotel. c) Legal reasons:
Purpose: in certain cases, we must process the information provided, which may include personal data, to resolve legal disputes or complaints, to investigate and comply with applicable legal regulations, to implement an agreement or to comply with requests from the part of the public bodies insofar as these requests meet the conditions imposed by law.
Rationale: the reasons for processing may be the legal obligation (if we have the legal obligation to disclose certain personal data to public authorities) or our legitimate interest in resolving any disputes and / or complaints to ensure that each once we provide the highest quality services.
 
TO WHOM PERSONS WE TRANSMIT YOUR DATA PERSONAL?
In order to provide you with high quality services, we may pass on your personal information to our service providers and other third parties, as detailed below:
a) Suppliers: in order to provide the requested services, in some cases, we will have to transmit some of your personal data to the suppliers, and they have the power of attorney and process the data on behalf of, on behalf of and in accordance with our instructions (such as software providers, IT, accounting services, medical services).
b) Group events or meetings: if you visit the Zenith Hotel – Top Country Line – Conference & Spa Hotel in a group or conference, the information required for meeting and event planning can be shared with the organizers of these meetings and events and, if where applicable, with guests attending the meeting or event.
c) Business partners: in some cases, we partner with other companies to provide you with products, services or offers. For example, we can arrange for you to rent a car or purchase sightseeing tours.
d) Co-sponsors of promotions: in certain cases, we co-sponsor promotions, raffles, competitions or contests with other companies or we can provide prizes for lotteries and contests sponsored by other companies. If you participate in these raffles or contests, we may transmit your personal data to the collaborating sponsor or a third party sponsor.
e) Public authorities and / or institutions for: (i) compliance with legal provisions, (ii) responding to their requests, (iii) for reasons of public interest (eg national security). For example, according to the regulations set out in the Section “FOR WHAT PURPOSE AND FOR WHAT PURPOSE DO WE PROCESS YOUR PERSONAL DATA” letter b), any hotel unit is obliged to send daily to the territorial police bodies the arrival and departure announcement forms for each guest who arrived on that day.
The confidentiality of your data is important to us, which is why, where possible, the transmission of personal data in accordance with the above is done only on the basis of a confidentiality commitment from the recipients, which guarantees that this data is kept safe and that the provision of this information is in accordance with applicable law and applicable policies. In any case, each time we will send to the recipients only the information strictly necessary to achieve that goal.
 
DO WE COLLECT PERSONAL DATA FROM THIRD PARTIES?
In order to provide you with services within our assumed standards, we may collect information about you from our business partners and other third parties, as detailed below:
a) Business partners: such as the travel agencies you use for your stay in our hotel, card partner companies, social networking services that are in line with your settings for these services or other third party sources that are authorized by law to transmit your data to us.
b) Co-sponsors of promotions: in some cases, we co-sponsor promotions, raffles, competitions or contests with other companies or we can provide prizes for raffles and contests sponsored by other companies. If you participate in these raffles or contests, we may collect your personal data from the collaborating sponsor or a third party sponsor.
In any case, we assure you that your data collected from third parties will be processed under the same conditions as if they were collected directly from you, respecting the legal procedures in force. We will also collect only what is necessary to achieve our goals. (see Section “FOR WHAT PURPOSE AND FOR WHAT IS YOUR PERSONAL DATA PROCESSED?”).
In addition, when we contact you for the first time, we will inform you, first of all, of the source from which we obtained your personal data.
DO WE TRANSFER YOUR PERSONAL DATA OUTSIDE THE EU / EEA?
No, we do not transfer your personal data outside the EU / EEA.
 
SUPPLY BY YOU OF THE PERSONAL DATA OF OTHER INDIVIDUALS
If you provide us with the personal data of other individuals, please obtain their consent before providing us with their personal data and communicate to them how they are to be processed, as described in this privacy policy (Ex: reservation accommodation with half board for several people and details on the culinary consumption habits of some of them and locomotor problems of another).
 
HOW LONG DO WE KEEP YOUR PERSONAL DATA?
Your personal data is retained for the entire purpose of achieving the purposes detailed in this policy, unless a longer retention period is required or permitted by applicable law (for example, surveillance camera records will not be retained for more than 30 days). .
We constantly review the need to retain your personal data, and to the extent that processing is no longer necessary and there is no statutory obligation to retain data, we will destroy your personal information as soon as possible and in a manner that does not it can also be recovered or reconstituted (for example, we will delete / destroy all data of people who were not hired after the interviews).
If personal information is printed on paper, it will be securely destroyed using a paper shredder, and if it is saved on electronic media, it will be erased by technical means to ensure that the information can no longer be deleted. be recovered or reconstituted later.
 
WHAT ARE YOUR RIGHTS?
As a data subject, you have the following rights under the GDPR:
 
a) Right of access: you can ask us for (i) a confirmation of whether or not personal data are processed and, if so, access to and information on those data, and (ii) a copy of your personal data that we hold
(art. 15 of the GDPR);
b) The right to rectification: you can inform us about any change in your personal data or you can ask us to correct the personal data we hold about you (art. 16 of the GDPR);
c) Right of deletion (“right to be forgotten”): in certain situations (such as (i) where the data were collected illegally, (ii) the deadline for storing the data has expired, (iii) v- you have exercised your right to object or (iv) the processing of data is done on the basis of consent and you have withdrawn your consent, you can ask us to delete the personal data we hold about you (art. 17 of the GDPR);
d) The right to restrict the processing: in certain situations (such as the case where the accuracy of these data or the legality of the processing is contested), you may ask us to restrict the processing of your data for a certain period (art. 18 of the GDPR);
e) The right to data portability: to ask us to send your personal data to a third party or directly to you (art. 20 of the GDPR);
f) The right to object: in certain situations (such as processing that has a legitimate interest as a legal basis), you can ask us not to process your data (art. 21 of the GDPR);
If we use your personal data on the basis of your consent, you have the right to withdraw this consent at any time. In this case, your data will no longer be processed by us, unless a legal provision obliges us to keep and archive them. In any case, we will inform you if there is such a legal provision and we will expressly indicate it.
 
THIS IS YOUR DATA. IN SAFETY?
We take your personal security seriously, which is why we take important security measures to protect against unauthorized access to data or unauthorized modification, disclosure or destruction of data. This involves internal reviews of data collection, storage and processing practices and security measures, as well as physical security measures to protect against unauthorized access to the systems where we store personal data.
We also ask our service providers as well as business partners to take all necessary measures to protect against unauthorized access to data or unauthorized modification, disclosure or destruction of data.
LINKS TO OTHER WEBSITES
Our site contains links to third party sites. Please note that we do not assume any responsibility for the collection, use, storage, sharing or disclosure of data or information by such third parties. If you use or provide information on third party sites, the terms and privacy policy of those sites apply. We encourage you to read the privacy policy of the sites you visit before submitting personal data.
The use of the internet services offered by Zenith – Top Country Line – Conference & Spa Hotel falls under the terms of use and the privacy policy of internet providers. You can access those terms and policies by using the links on that service’s login page or by visiting your ISP’s website.
 
QUESTIONS OR COMPLAINTS
If you have any questions or concerns regarding the processing of your personal data or if you wish to exercise any of the rights mentioned above, you are welcome to contact our Personal Data Protection Officer using this Contact Form or by sending an e-mail. mail to the following address: privacy@zenithhotel.eu and we will reply you within 30 days of receiving your request.
Also, if you do not have electronic means or do not want to use them, you can make a written request to the address Hotel Zenith, Mamaia Resort, Constanta County, postal code 900001. For any additional information, we you can call 0241 609 609.
To the extent that you are not satisfied with the way in which your request has been resolved, you can submit a complaint to the National Authority for the Supervision of Personal Data Processing.
 
POLICY CHANGES
This privacy policy is subject to change in accordance with changes in data policy legislation or changes to our services or organization. If we make material changes to this, we will post a link to the revised policy on the home page of our site. If we make significant changes that will affect your rights and freedoms (for example, when we begin processing your personal data for purposes other than those specified above), we will contact you before we begin such processing.
To help you keep track of the most important changes, we’ll include a change history below to acknowledge changes to this policy.

Politica de Confidentialitate Versiunea din 23 Mai 2018