Personal data, or personal information, means any information regarding an individual which can lead to his or her identification.
In order to provide the services, we may collect, use, store and transfer different kinds of personal data about you, as follows:
We do not collect any special categories of personal data about you (this includes details about your race or ethnicity, religious or philosophical beliefs, sex life, sexual orientation, political opinions, trade union membership, information about your health and genetic and biometric data). Nor do we collect any information about criminal convictions and offences.
If you fail to provide personal data
Where we need to collect personal data by law, or under the terms of a contract we have with you and you fail to provide that data when requested, we may not be able to perform the contract we have or are trying to enter into with you. In this case, we may have to cancel your access on the Website or Platform, but we will notify you if this is the case at the time.
We collect, use, transfer and store your personal data in accordance with the applicable laws and this Policy.
Most frequently, we will use your personal data (i) where we need to perform the contract we are about to enter into or have entered into with you, (ii) where it is necessary for our legitimate interests (or those of a third party) and your interests and fundamental rights do not override those interests and (iii) where we need to comply with a legal or regulatory obligation.
Generally, we do not rely on consent as a legal basis for processing your personal data other than in relation to sending third party direct marketing communications to you via email. You have the right to withdraw consent to marketing at any time by contacting us at firstname.lastname@example.org.
We will not sell your data to third parties, including third party advertisers. There are, however, certain circumstances in which we may disclose, transfer or share your Personal Data with certain third parties without further notice to you, as set forth below:
▪ marketing service providers;
▪ database service providers;
▪ hosting service providers;
▪ email service providers;
▪ data aggregators.
We may store personal data or such information may be stored by third parties to whom we have transferred it in accordance with this Policy. We have taken reasonable steps to protect the personal data collected by providing the services from loss, misuse, unauthorized use, access, inadvertent disclosure, alteration and destruction.
In addition, we limit access to your personal data to those employees, agents, contractors and other third parties who have a business need to know. They will only process your personal data on our instructions and they are subject to a duty of confidentiality.
However, please note that no network, server, database or Internet or e-mail transmission is ever fully secure or error free. Therefore, you should take special care in deciding what information you send to us electronically. Please keep this in mind when disclosing any personal data.
In accordance with Regulation no. 2016/679, under certain circumstances, you have the following rights in relation to your personal data:
▪ Access to information: You have the right to request a copy of the information Destination Iași holds about you.
▪ Ensuring accuracy of information: Destination Iași wants to make sure that your personal information is accurate and up-to-date. You may ask Destination Iași to correct or complete information that is inaccurate or incomplete.
▪ Right to erasure: You may have a right to erasure, which is more commonly known as the ‘right to be forgotten’. This means that in certain circumstances you can require Destination Iași to delete personal information held about you.
▪ Ability to restrict processing: You may also have the right to require Destination Iași to restrict Destination Iași use of your personal information in certain circumstances. This may apply, for example, where you have notified Destination Iași that the information Destination Iași holds about you is incorrect and you would like Destination Iași to stop using such information until Ukrainians in Iași has verified that it is accurate.
▪ Right to data portability: You may have the right to receive personal data Destination Iași holds about you in a format that enables you to transfer such information to another data controller (e.g. such as another service provider).
▪ Preventing direct marketing: Destination Iași does not sell your personal data. From time to time, Destination Iași may send emails containing information about new features and other news about us. This is considered direct marketing. Destination Iași will always inform you if Destination Iași intends to use your personal data or if Destination Iași intends to disclose your information to any third party for such purposes.
▪ Objecting to other uses of your information: You may also have the right to object to Destination Iași use of your information in other circumstances. In particular, where you have consented to Destination Iași use of your personal data, you have the right to withdraw such consent at any time.
▪ Review by an independent authority: You will always have the right to lodge a complaint with a supervisory body, including the National Supervisory Authority for Personal Data Processing (NSAPDP) at 28 – 30 Gheorghe Magheru Blvd., District 1, Bucharest (post code: 010336; phone no.: 0040 318.059.211).
No fee usually required
You will not have to pay a fee to access your personal data (or to exercise any of the other rights). However, we may charge a reasonable fee if your request is clearly unfounded, repetitive or excessive. Alternatively, we may refuse to comply with your request in these circumstances.
What we may need from you
We may need to request specific information from you to help us confirm your identity and ensure your right to access your personal data (or to exercise any of your other rights). This is a security measure to ensure that personal data is not disclosed to any person who has no right to receive it. We may also contact you to ask you for further information in relation to your request to speed up our response.
Time limit to respond
We try to respond to all legitimate requests within one month. Occasionally it may take us longer than a month if your request is particularly complex or you have made a number of requests. In this case, we will notify you and keep you updated.
If you want to exercise any of the rights listed above or if you would like further information on how you can exercise these rights, please email us at email@example.com.