1. CASTEL HOUSE SRL COMMITMENT TO PROTECTING PRIVACY
CASTEL HOUSE SRL is the owner of REGINETTA HOTEL and www.hotelreginetta.ro,
with registered office at 13 ST. SFÂNTUL ȘTEFAN, AP.1, SECOND DISTRICT,
We consider you an important customer and our first priority is to offer you exceptional stays
and experiences in our hotel.
Your complete satisfaction and confidence in REGINETTA HOTEL is absolutely
essential to us.
That's why, as part of our commitment to meeting your expectations, we have set up (and
formalizes our commitments to you and describes how REGINETTA HOTEL uses your
2. SCOPE OF APPLICATION
REGINETTA HOTEL will process your data to :
– manage its contractual relationship with you the customer ;
– invoicing and payment ;
– booking management ;
– to perform marketing activities ;
– to comply with its legal obligations ;
3. REGINETTA HOTEL PRINCIPLES REGARDING GDPR
In accordance with applicable regulations, in particular the G.D.P.R. ,REGULATION
(EU)N2016/679 and L 190/2018, we have instituted the following principles:
1. Lawfulness: We use personal data only if:
o we obtain the consent of the person, OR
o it is necessary to do so for the performance of a contract to which the
person is a party, OR
o it is necessary for compliance with a legal obligation, OR
o we have a legitimate interest in using personal data and our usage does
not adversely affect the persons’ rights
2. Fairness: We can explain why we need the personal data we collect.
o Purpose limitation and data minimisation: We only use personal data that
we really need. If the result can be achieved with less personal data, then we
make sure we use the minimum data required.
3. Transparency: We inform people about the way we use their personal data
4. We facilitate the exercise of the people’s rights: access to their personal data,
rectification and erasure of their personal data and the right to object to the use of
their personal data
5. Storage limitation: We retain personal data for a limited period
o We ensure the security of personal data, i.e. its integrity and
o If a third party uses personal data, we make sure it has the capacity to
protect that personal data.
6. If personal data is transferred outside Europe, we ensure this transfer is covered
by specific legal tools.
7. If personal data is compromised (lost, stolen, damaged, unavailable…), we notify
such breaches to the respective country’s responsible authority and to the person
concerned, if the breach is likely to cause a high-risk in respect of the rights and
freedoms of this person.
For any questions concerning the principles of REGINETA HOTEL data protection
policies, please contact the Data Protection Officer DPO at e-mail adress: adrian.magda
4. WHAT PERSONAL DATA IS COLLECTED?
At various times, we may collect information about you and/or the persons accompanying
you, including the following:
• Contact details (for example, last name, first name, telephone number, email)
• Personal information (for example, date of birth, nationality)
• Information relating to your children (for example, first name, date of birth, age)
• Your credit card number (for transaction and reservation purposes)
• Information contained on a form of identification (such as ID card, passport or driver
• Your arrival and departure dates
• Your preferences and interests (for example, smoking or non-smoking room,
preferred floor, type of bedding, etc.)
• Your questions/comments, during or following a stay in our hotel .
• Technical (IP address, browser type,…) and location data you generate as a result
of using our websites and applications.
The information collected in relation to persons under 16 years of age is limited to their
name, nationality and date of birth, which can only be supplied to us by an adult. We would
be grateful if you could ensure that your children do not send us any personal data without
your consent (particularly via the Internet). If such data is sent, you can contact our DPO to
arrange for this information to be deleted.
5.WHEN IS YOUR PERSONAL DATA COLLECTED?
Personal data may be collected on a variety of occasions, including:
1. Hotel activities:
o Booking a room
o Checking-in and paying
o Services provided during a stay
o Eating/drinking at the hotel bar or restaurant during a stay
o Requests, complaints and/or disputes.
2. Participation in marketing programs or events:
o Signing up for loyalty programs
o Participation in customer surveys (for example, the Guest Satisfaction
o Online games or competitions
o Subscription to newsletters, in order to receive offers and promotions via
3. Transmission of information from third parties:
o Tour operators, travel agencies (online or not), reservation systems and
4. Internet activities:
o Connection to REGINETTA HOTELS website (IP address, cookies in
accordance with our Policy about the use of tracers)
o Online forms (online reservation, questionnaires,our pages on social
networks, social networks login devices such as Facebook login,
conversations with chatbot, etc.).
6. CONDITIONS OF THIRD-PARTY ACCESS TO YOUR PERSONAL DATA
În some cases we have to share your personal data with internal and external recipients
subject to the following conditions:
1. We share your data with a number of authorised people and departments in
The following teams may have access to your data:
o Hotel staff
o Reservation staff using reservation tools
o IT departments
o Commercial partners and marketing services
o Legal services if applicable
o Generally, any appropriate person within REGINETTA HOTEL entities for
certain specific categories of personal data.
You may, at any time, object to the sharing of this data by contacting our DPO
whose details appear in the clause "Your rights".
With service providers and partners: your personal data may be sent to a third
party for the purposes of supplying you with services and improving your stay, for
o External service providers: IT sub-contractors, international call centers,
banks, credit card issuers, external lawyers, dispatchers.
o Social networking sites: In order to allow you to be identified on the
REGINETTA HOTEL website without the need to fill out a registration form. If
you log in using the social network login system, you explicitly authorize
REGINETTA HOTEL to access and store the public data on your social
network account (e.g. Facebook, LinkedIn, Google, Instagram…), as well as
other data stated during use of such social network login system.
REGINETTA HOTEL may also communicate your email address to social
networks in order to identify whether you are already a user of the concerned
social network and in order to post personalized, relevant adverts on your
social network account if appropriate.
2. With local authorities: We may be obliged to send your information to local
authorities if this is required by law or as part of an inquiry. We will ensure that any
such transfer is carried out in accordance with local regulations.
7. DATA SECURITY
REGINETTA HOTEL takes appropriate technical and organizational measures, in
accordance with applicable legal provisions (in particular: Art. 32 GDPR), to protect your
personal data against illicit or accidental destruction, alteration or loss misuse and
unauthorized access, modification or disclosure. To this end, we have taken technical
measures (such as firewalls) and organizational measures (such as a user ID/password
system, means of physical protection etc.) to ensure the ongoing confidentiality, integrity,
availability and resilience of processing systems and services. In relation to the submission
of credit card data when making a reservation, SSL (Secure Socket Layer) encryption
technology is used to guarantee a secure transaction. Organizational measures ensure the
security of the processing.
the way to configure them, please consult browsers helping tools.
9. YOUR RIGHTS
You have the right to obtain information about and access your personal data collected by
REGINETTA HOTEL, subject to applicable legal provisions. Also you have the right to
have your personal data rectified, erased or have the processing of it restricted.
Furthermore you have the right to data portability. You can also object to the processing of
your personal data.
In the event that you wish to exercise any of your above rights, please contact our DPO
directly by sending an email to : [email protected] , or by writing to the
REGINETTA HOTEL Data Privacy Officer,14, ST.VIITORULUI,BUCHAREST, ROMANIA
For the purposes of confidentiality and personal data protection, we will need to check
your identity in order to respond to your request. In case of reasonable doubts concerning
your identity you may be asked to include a copy of an official piece of identification, such
as an ID card or passport, along with your request. A black and white copy of the relevant
page of your identity document is sufficient.
All requests will receive a response as swiftly as possible, but no longer than 30 days.
You also have the right to lodge a complaint with A.N.S.P.D.C.P.
We may modify this charter from time to time. Consequently, we recommend that you
consult it regularly, particularly when making a reservation to our hotel.
11. QUESTIONS AND CONTACTS
For any questions concerning REGINETTA HOTEL personal data protection policy, please
contact our DPO