Privacy Policy

Respect for the right to protection of personal data as well as the right to privacy is one of the fundamental missions of BIT SOFT SRL (“BITSOFT”).

We therefore take all necessary steps to process your personal data in accordance with the principles established by the applicable data protection legislation in Romania, including Regulation (EU) 2016/679 of the European Parliament and of the Council of April 27, 2016 on the protection of natural persons with regard to the processing of personal data and on the free movement of such data and repealing Directive 95/46 / EC ( "GDPR").

Personal data, within the meaning of this Privacy Policy and as defined by GDPR, is any information relating to an identified or identifiable natural person ( "data subject"); an identifiable natural person is a person who can be identified, directly or indirectly, in particular by reference to an identifier, such as a name, an identification number, location data, an online identifier, or one or more factors specific to his physical, physiological, genetic, mental, economic, cultural or social identity.

The processing of personal data is done by: Bit Soft SRL based in Bucharest, 7 Dr. Radovici Ion Street, registered at the Trade Register under number J40 / 21722/1994, UIC RO 6520428.

Click on one of the links below to go to a specific section:
• Principles of processing personal data
• What kind of personal data do we process?
• Personal data of minors
• Special categories of Personal Data
• For what purpose and on what basis do we process your personal data?
• To whom do we transfer your personal data?
• Do we collect personal data from third parties?
• Do we transfer your data outside the EU / EEA?
• Providing the personal data of other individuals by you

• How long do we keep your personal data?
• What are your rights?
• Are your data safe?
• Links to other websites

• Questions or complaints

• Changes in policy


PRINCIPLES ON WHICH DATA PROCESSING IS BASED WITHIN BITSOFT

• The processing of personal data is carried out lawfully, fairly, and in a transparent manner;
• The collection of personal data is carried out only for specified, explicit and legitimate purposes, and the data is not further processed in a manner incompatible with those purposes;
• The collection of personal data is appropriate, relevant and limited to the information required for the purpose of processing;

• Personal data will be accurate and, where necessary, updated;

• All necessary measures shall be taken to ensure that incorrect data is deleted or corrected without delay;

• All personal data is processed and stored in a manner that ensures its confidentiality and security;

• Personal data are not shared with third parties unless necessary for the purpose of providing services under agreements or for the purpose of fulfilling legal requirements.

 

WHAT KIND OF PERSONAL DATA DO WE PROCESS?

If you are a representative or contact person of our current or potential clients, as well as a representative or contact person of our suppliers or business partners

We collect the surname, given name(s), phone number, e-mail address, position, as well as any other data provided by you or the company represented by you.

You can choose anytime which personal data you want to provide. However, if you choose not to provide certain personal data, if the basis of our request is the compliance with a legal requirement, contractual obligations or obligations required to conclude a contract, we will not be able to provide you certain services; e.g. if you do not want to communicate us your surname, given name(s), e-mail address and position when you call the technical support service offered by BITSOFT, we will not be able to provide you the required technical assistance.

If you are a current or potential client of our clients and/or business partners

During the performance of the concluded contracts and in order to fulfil the undertaken obligations, we may access certain categories of personal data belonging to individuals who are clients and potential clients of the hotels and restaurants we work with.

It is also possible, at the request of our clients, to provide hosting services for certain databases containing the personal data of individuals who are clients and potential clients of the hotels / restaurants we work with.


The categories of data we may process to fulfil our contractual obligations are:

a) Data required for making reservations (for example: surname, given name(s), e-mail address, phone number);

b) The data included in the arrival-departure record, required under the national law (e.g. nationality, address, date of birth);

c) Banking card details (card type, credit/debit card number, holder's name, expiration date, and security code);

d) Information on client’s stay, including the dates of arrival and departure, special requirements, preferences;

e) Information you provide about your marketing preferences;

f) Personal data you provide to register and subscribe to the newsletter;

g) Information about the vehicles that you might bring on the property of the hotel / restaurant (e.g. registration number);

h) Data collected from the access cards (entry and exit time);

i) Information collected by various contractual partners (travel agencies, event organizers) and sent to the hotel / restaurant (rooming list, event guest list);

j) Data necessary to provide additional services, as appropriate;

k) Reviews and opinions about the hotel / restaurant services;

l) Any other information you choose to provide us or our clients with.

If you are a potential employee

We collect information from your resume, as well as any other information submitted with your resume and / or communicated at the interviews.

If you are a visitor to our location

The surveillance cameras can capture or record visitors’ images in public places (such as the entrances inside the BITSOFT premises).

If you are a user of www.bit-soft.hu

No personal data is required to read the information on the website. However, for the technical operation of the portal, we collect the time and date of accessing the Internet website and the IP address from which our website was accessed.

Some personal data are required to use certain services (e.g. online bookings, job vacancies). For details, please refer to the appropriate section for the operation used on the website.

If you are an employee

Please read the Employee Privacy Policy brought to your attention at the time of employment and available at any time at the Human Resources Department.

 

SPECIAL CATEGORIES OF PERSONAL DATA

The term “special categories of personal data” refers to racial or ethnic origin, political opinions, religious confession, philosophical beliefs or membership of trade unions, as well as the processing of genetic data, biometric data or data on health, sex life or sexual orientation.

Although we do not collect special categories of personal data, it is possible that, during the performance of a contract concluded with a BITSOFT client and at his/her request, to have to access his/her computer systems (e.g. hotel management software) to fulfil the contractual obligations. During this visit, we may have contact with such personal data categories, but they will not be retrieved or processed for any purpose other than the performance of the contract concluded with a BITSOFT client.


 

FOR WHAT PURPOSE AND ON WHAT BASIS DO WE PROCESS YOUR PERSONAL DATA?

If you are a representative of the current or potential clients of BITSOFT

a) Communication with you in case of inquiries sent by you regarding certain services and products offered by BITSOFT.

Purpose: We process your personal data to respond to your inquiries.

Legal basis: Conclusion of a contract

b) Resolving support vouchers following your requests.
Purpose: We process your personal data to respond to your requests.
Legal basis: Performance of a contract

c) Keeping the history of interactions between you and BITSOFT

Purpose: In order to provide good quality services, the history of your interactions with BITSOFT is stored at least during the performance of the contract, so that, when you come back with a new request, we will be able to adapt our work procedures to effectively solve your situation.

Legal basis: Performance of a contract

d) Feedback

Purpose: We process your personal data to make sure you have had a satisfactory experience following the interaction with BITSOFT.

Legal basis: Our legitimate interest in continuously improve our services and provide services that best match our clients’ standards.

e) Marketing

Purpose: We process your personal data for marketing purposes, such as commercial newsletters and marketing communications on new products and services or other offers that we think might be of interest to you.

Legal basis: We rely on the legitimate interest in promoting our services by submitting the offers we consider to be of interest to you (please see “The right to oppose” in “Your Rights” section)

If necessary, in accordance with the applicable law, we will obtain your consent before processing your personal data for direct marketing purposes. In this case, we hereby notify you that you will be able to withdraw your marketing consent at any time, in which case you will not receive any more marketing communications from us.

We will include a unsubscribe link that you can use if you do not want to receive any further messages from us.

f) Other communications: by e-mail, mail, phone or SMS.

Purpose: These communications will be made for a specific reason, such as: (i) to respond to your inquiries, (ii) if you have not completed an inquiry/contract, we may send you an email to remind you to complete the procedure in question, (iii) to inform you of the manner in which the complaints and/or incidents occurred during the performance of the contract have been settled.

Legal basis: Our legitimate interest in providing services at the desired standards by resolving any claims / complaints and ensuring you of our full availability.

g) Analysis, improvement and research

Purpose: To constantly ensure the qualitative evolution of our services, we take care to analyse all your complaints / suggestions, in order to draw up statistical reports to identify the problems and find the best solutions to remedy them.

Legal basis: We rely on our legitimate interest in providing services compliant with your standards and BITSOFT’s.

If you are a visitor in our location

Purpose: We process your personal data to protect the assets and persons within the BITSOFT’s premises.

Legal basis: Our legitimate interest in ensuring either the protection of property or the protection of people within our premises.

If you are a user of www.bit-soft.hu

Purpose: Traffic monitoring to identify errors and/or any other website malfunctions.

Legal basis: We base our data processing activity on our legitimate interest, i.e. to provide you with a fully operational website by repairing any error, as well as by continuously improving it.

If you are a representative or contact person of our suppliers or business partners

Purpose: Developing contractual relationships with our suppliers or our business partners.

Legal basis: Performance of a contract.

If you are a potential employee

Purpose: Evaluation of your job application.

Legal basis: Conclusion of a contract.

If you are an employee

Please read the Employee Privacy Policy brought to your attention at the time of hiring, which is available at any time at the Human Resources Department.


Legal basis: Performance of a contract

c) Keeping the history of interactions between you and BITSOFT

Purpose: In order to provide good quality services, the history of your interactions with BITSOFT is stored at least during the performance of the contract, so that, when you come back with a new request, we will be able to adapt our work procedures to effectively solve your situation.

Legal basis: Performance of a contract

d) Feedback

Purpose: We process your personal data to make sure you have had a satisfactory experience following the interaction with BITSOFT.

Legal basis: Our legitimate interest in continuously improve our services and provide services that best match our clients’ standards.

e) Marketing

Purpose: We process your personal data for marketing purposes, such as commercial newsletters and marketing communications on new products and services or other offers that we think might be of interest to you.

Legal basis: We rely on the legitimate interest in promoting our services by submitting the offers we consider to be of interest to you (please see “The right to oppose” in “Your Rights” section)

If necessary, in accordance with the applicable law, we will obtain your consent before processing your personal data for direct marketing purposes. In this case, we hereby notify you that you will be able to withdraw your marketing consent at any time, in which case you will not receive any more marketing communications from us.

We will include a unsubscribe link that you can use if you do not want to receive any further messages from us.

f) Other communications: by e-mail, mail, phone or SMS.

Purpose: These communications will be made for a specific reason, such as: (i) to respond to your inquiries, (ii) if you have not completed an inquiry/contract, we may send you an email to remind you to complete the procedure in question, (iii) to inform you of the manner in which the complaints and/or incidents occurred during the performance of the contract have been settled.

Legal basis: Our legitimate interest in providing services at the desired standards by resolving any claims / complaints and ensuring you of our full availability.

g) Analysis, improvement and research

Purpose: To constantly ensure the qualitative evolution of our services, we take care to analyse all your complaints / suggestions, in order to draw up statistical reports to identify the problems and find the best solutions to remedy them.

Legal basis: We rely on our legitimate interest in providing services compliant with your standards and BITSOFT’s.

If you are a visitor in our location

Purpose: We process your personal data to protect the assets and persons within the BITSOFT’s premises.

Legal basis: Our legitimate interest in ensuring either the protection of property or the protection of people within our premises.

If you are a user of www.bit-soft.hu

Purpose: Traffic monitoring to identify errors and/or any other website malfunctions.

Legal basis: We base our data processing activity on our legitimate interest, i.e. to provide you with a fully operational website by repairing any error, as well as by continuously improving it.

If you are a representative or contact person of our suppliers or business partners

Purpose: Developing contractual relationships with our suppliers or our business partners.

Legal basis: Performance of a contract.

If you are a potential employee

Purpose: Evaluation of your job application.

Legal basis: Conclusion of a contract.

If you are an employee

Please read the Employee Privacy Policy brought to your attention at the time of hiring, which is available at any time at the Human Resources Department.

For all the above categories of people, we may process your data in the context of the following activities:

a) Restructuring, internal reorganization or sale of assets or shares

Purpose: We process your data to perform the above-mentioned operations.

Legal basis: Our legitimate interest in performing the operations, especially if they would be impossible to be performed without the processing of your data.

However, we assure you that this possible processing will be carried out in accordance with this policy and by implementing a measure able to ensure the confidentiality of your data.

b) Security

Purpose: We process personal data for the security of goods and the physical integrity of the individuals.
Legal basis: We rely on our legitimate interest in securing the protection of your property and the hotel’s, as well as the protection of people within our premises.

c) Legal grounds:

Purpose: In some cases, we need to process the provided information which may include personal data, in order to resolve legal disputes or complaints, for investigations and compliance with applicable legal regulations, to implement an agreement or to comply with the public authorities’ requests, to the extent that these requests meet the requirements of the law.

Legal basis: The reasons for processing may be a legal requirement (if we have the legal obligation to disclose certain personal data to the public authorities) or our legitimate interest in resolving any disputes and / or complaints.


 

TO WHICH PEOPLE DO WE CONVEY YOUR PERSONAL DATA?

To provide you the expected hospitality and high-quality services, your data may be sent to our service providers and other third parties, as detailed below:

a) Suppliers: In order to provide the requested services, in some cases we will need to convey some of your personal data to the providers, and they will be empowered to process the data on our behalf and in accordance with our guidelines (e.g. suppliers of software, IT, accounting services, medical services).

b) Business partners and collaborators: In some cases, we associate with other companies to provide you the products, services or offers you have requested. For example, we can conclude a contract with a third-party providing hosting services.

c) Public authorities and / or institutions: (i) to comply with legal provisions; (ii) to respond to their requests; (iii) for reasons of public interest (e.g. national security).

The privacy of your data is important to us, so that, wherever possible, the communication of personal data in accordance with the above is done only on the basis of a confidentiality commitment signed by the recipients, guaranteeing that the data is kept safe and that this information is provided in accordance with applicable laws and policies. In any case, we will always send to the recipients only the information strictly necessary for the purpose in question.

 

DO WE COLLECT PERSONAL DATA FROM THIRD PARTIES?

To provide you the expected hospitality and the best level of services, we may collect information about you from our business partners and other third parties, as detailed below:

a) Business partners: such as card partners, social networking services that are consistent with your own settings for these services, partner recruitment websites for employment.

In any case, we ensure that your data collected from third parties will be processed under the same conditions as if they were collected directly from you. Similarly, we will collect only what is necessary for our purposes (please see the Section “FOR WHAT PURPOSE AND ON WHAT BASIS DO WE PROCESS YOUR PERSONAL DATA?”).

Moreover, when we contact you for the first time, we will let you know, first of all, the source from which we obtained your personal data.

 

DO WE TRANSFER YOUR PERSONAL DATA OUTSIDE THE EU / EEA?

We may trasfer your data to some suppliers located in countries other than the one you are located in and, in some cases, in non-EU / EEA countries.

Although data protection laws in these countries may differ from those applicable in your country, we will take the necessary measures to ensure that your personal data is processed in accordance with this policy and applicable law.

 

PROVIDING THE PERSONAL DATA OF OTHER INDIVIDUALS BY YOU

If you provide us the personal data of other individuals, please previously inform them about this disclosure and how their personal data are going to be processed, as described in this privacy policy.

 

HOW LONG DO WE KEEP YOUR PERSONAL DATA?

Your personal data is retained throughout the purposes detailed in this policy if a longer period of retention is not required or permitted by the applicable law.

We constantly review the need for your personal data to be retained, and to the extent that the processing is no longer required and there is no obligation to retain your personal data, we will delete / destroy your personal information as soon as possible and in a way that it can no longer be recovered or reconstituted (for example, we will delete / destroy all data of people who have not been hired after the interviews, unless there is a serious prospect of future employment).

If personal information is printed on paper, it will be destroyed in a way that eliminates it completely, and if it is stored on electronic storage media, it will be deleted by technical means to ensure that the information can no longer be recovered or reconstituted at a later date.

 

WHAT ARE YOUR RIGHTS?

As being the data subject, you will benefit from the following rights provided by GDPR:

a) The right to access: you may request (i) a confirmation that your personal data are processed or not, and, if so, the access to, and information about these data, and (ii) a copy of your personal data we hold (Article 15 of GDPR);

b) The right to rectification: you may inform us about any changes in your personal data or you may ask us to correct the personal data we hold about you (Article 16 of GDPR);

c) The right to deletion (“the right to be forgotten”): in certain circumstances (such as (i) the data was collected illegally, (ii) the data storage limit has expired, (iii) you have exercised the right to oppose, or (iv) the processing of the data was done on the basis of consent and you have withdrawn your consent), you may ask us to delete the personal data we hold about you (Article 17 of GDPR);

d) The right to restrict processing: in certain circumstances (such as when you dispute the accuracy of such data or the lawfulness of the processing), you may ask us to restrict your data processing for a certain period (Article 18 of GDPR);

e) The right to data portability: you may ask us to send your personal data to a third party or directly to you (Article 20 of GDPR);

f) The right to opposition: in certain circumstances (such as the processing whose legal ground is the legitimate interest), you may ask us to no longer process your data (Article 21 of GDPR).

g) If we use your personal data based on your consent, you have the right to withdraw this consent.

If we use your personal data based on your consent, you may withdraw this consent at any time. In this situation, your data will no longer be processed by us, unless a legal provision compels us to keep and archive it. In any case, we will let you know if there is such a legal provision and we will indicate it expressly.

 

IS YOUR DATA SAFE?

We take care of your personal security seriously, so we take important security measures necessary to protect against unauthorized access to data or unauthorized modification, disclosure or destruction of data. This requires internal revisions of the security measures and data collection, storage and processing practices, as well as physical security measures to protect against unauthorized access to the systems where we store personal data.

We also require our service providers and business partners to take all necessary measures to protect against unauthorized access to data or unauthorized modification, disclosure or destruction of data.

 

LINKS TO OTHER WEBSITES

Our website contains links to third-party websites. Please note that we do not assume any responsibility for the collection, use, storage, sharing or disclosure of data or information by such third parties. If you use or provide information on third-party websites, the terms and privacy policy of those websites apply. We encourage you to read the privacy policy of the websites you visit, before providing personal data.

The use of BITSOFT’s internet services within our premises is subject to the terms of use and privacy of Internet providers. You can access these terms and policies by using the links found on that service’s login page or by visiting the Internet provider’s website.

 

QUESTIONS OR COMPLAINTS

If you have any questions or concerns regarding the processing of your personal data, or if you wish to exercise any of the above rights, you are welcome to contact us using our Contact Form available on the website or by sending an email to the following address: privacy@bit-soft.ro, and we will respond to you within 30 days of receipt of your request.

Also, insofar as you do not have electronic means or do not wish to use them, you may submit a written request to the address of our registered office in Bucharest, 7 Dr. Radovici Ion Street, Sector 5.

To the extent that you are not satisfied with the manner in which your application has been resolved, you may file a complaint with the National Supervisory Authority for Personal Data Processing.

 

POLICY CHANGES

This privacy policy may change from time to time in accordance with the changes to data policy laws or on the basis of changes to our services or organizational arrangements. If we make any material changes, we will publish a link to the revised policy on our homepage.

If we make significant changes that will impact your rights and freedoms (for example, when we start processing your personal data for purposes other than those specified above), we will contact you before starting this processing.

To help you tracking the most important changes, we will include a change history below, in order to recognize the changes made to this policy.


Last updated: 12th December 2018