This privacy statement explains how Thingstodoinbucharest.ro (we, us, our) collects, uses, and shares your personal data when you visit our website or use our services. We are committed to protecting your privacy and complying with the EU General Data Protection Regulation (GDPR) and any other applicable data protection laws.

What personal data do we collect and why?

We collect personal data that you provide to us when you contact us, subscribe to our newsletter, register for an account, make a booking, or leave a review. This may include your name, email address, phone number, payment details, and any other information you choose to share with us.

We use this personal data to:

  • Provide you with our services and respond to your inquiries
  • Send you marketing communications about our offers and promotions, if you have given us your consent
  • Manage your account and bookings
  • Solicit your feedback and improve our services
  • Comply with our legal obligations and protect our rights and interests

We also collect some personal data automatically when you visit our website, such as your IP address, browser type, device type, operating system, pages viewed, links clicked, and cookies. We use this personal data to:

  • Analyze how you use our website and optimize its performance
  • Deliver personalized content and advertisements to you
  • Prevent fraud and enhance security

How do we share your personal data?

We do not sell or rent your personal data to third parties. We only share your personal data with:

  • Our service providers who help us operate our website and provide our services, such as hosting providers, payment processors, email service providers, analytics providers, and advertising partners. They only access your personal data on our behalf and under our instructions.
  • Other users of our website who may see your reviews or ratings if you choose to post them publicly.
  • Law enforcement authorities or other parties if we are required to do so by law or if we believe it is necessary to protect our rights and interests or those of others.

How do we protect your personal data?

We take appropriate technical and organizational measures to protect your personal data from unauthorized access, use, disclosure, alteration, or destruction. These measures include encryption, firewalls, access control, backups, and regular audits. However, no method of transmission or storage is completely secure and we cannot guarantee the absolute security of your personal data.

How long do we keep your personal data?

We only keep your personal data for as long as necessary for the purposes for which we collected it or as required by law. We will delete or anonymize your personal data when it is no longer needed.

What are your rights regarding your personal data?

You have the following rights regarding your personal data under the GDPR:

  • The right to access: You can request a copy of the personal data we hold about you.
  • The right to rectification: You can request us to correct any inaccurate or incomplete personal data we hold about you.
  • The right to erasure: You can request us to delete your personal data if there is no valid reason for us to keep it.
  • The right to restriction: You can request us to limit how we use your personal data if you have a legitimate reason.
  • The right to data portability: You can request us to transfer your personal data to another organization or to you in a structured, commonly used, and machine-readable format.
  • The right to object: You can object to us processing your personal data for direct marketing purposes or for other reasons based on your specific situation.
  • The right to withdraw consent: You can withdraw your consent to us processing your personal data at any time if you have given us consent previously.
  • The right to lodge a complaint: You can lodge a complaint with the relevant supervisory authority if you believe we have violated your rights or the GDPR.

To exercise any of these rights, please contact us using the details below. We may ask you to verify your identity before fulfilling your request.

How do we use cookies?

Cookies are small text files that are stored on your device when you visit our website. They help us remember your preferences, improve your user experience, and deliver relevant ads to you.

We use two types of cookies on our website:

  • Essential cookies: These cookies are necessary for the proper functioning of our website and cannot be switched off. They enable basic features such as navigation, security, and accessibility.
  • Non-essential cookies: These cookies are optional and help us analyze how you use our website and optimize its performance. They also help us deliver personalized content and ads to you based on your interests.

You can manage your cookie preferences at any time by clicking on the cookie settings button on our website. You can also disable cookies in your browser settings, but this may affect the functionality of our website.

How do we update this privacy statement?

We may update this privacy statement from time to time to reflect changes in our practices or the law. We will notify you of any material changes by posting a notice on our website or by email if you have subscribed to our newsletter. The date at the top of this privacy statement indicates when it was last updated. We encourage you to review this privacy statement periodically to stay informed about how we collect, use, and share your personal data.

How do we contact us?

If you have any questions or comments about this privacy statement or how we handle your personal data, please contact us via e-mail, at:

thingstodoinbucharest@gmail.com or contact@thingstodoinbucharest.ro