PRIVACY POLICY


The privacy and security of your information as well as the right to your private life are very important to of Compania Hoteliera Intercontinental Romania SA, owner of InterContinental Hotel Bucharest, and to  HH Hotels (Romania) SRL, the managing company InterContinental Bucharest.


Thus, we are taking all  necessary steps to process your personal data in accordance to the principles established by the Romanian legislation regarding data protection , including the General Data Protection Regulation 2016/679 issued on April 27th, 2016  by the European Parliament and the European Council   regarding the protection of the natural persons ,personal data processing ,the free circulation of these data, and the abrogation of the Directive 95/46/CE ("GDPR").  

 

Personal data means any information concerning an identified or an identifiable - person („target person”); an identifiable person is a person that can be identified, directly or indirectly, especially by referring to an identification element, such as name, identification number, location data, an online identifier, or by referring to  one or several specific elements, inherent to his physical, physiological, genetic, mental, economic, cultural or social identity.


Personal data processing is conducted by the two associated operators: Compania Hoteliera Intercontinental Romania SA, with its registered office in Bd. Nicolae Bălcescu no. 4, Bucharest, registered under the no. J40/10364/1996 at the Trade Register, CUI 9019856 and HH Hotels (Romania) SRL with its registered office in Str. Buzești no. 50-52, Module 83, 11th floor, Bucharest, registered under the no. J40/4422/1998 at the Trade Register, CUI 10881811.


Click on one of the links below to move to a certain section:


  • Categories of processed personal data

  • Personal data of minor persons

  • Sensitive data

  • Purpose and legal grounds of  personal data processing

  • Recipients of  personal data

  • Collecting personal data from third parties

  • International transfers of personal data

  • If you provide us personal data of other individuals

  • Data storage period

  • Your rights

  • Personal data security

  • Links to other websites

  • Questions or complaints

  • Policy modifications

____________________________________________________________________________________________________________

CATEGORIES OF PROCESSED PERSONAL DATA

If you are a customer or a potential customer

We collect personal data following most of our interactions with you, as well as in connection to other aspects of our activity. Among the types of personal information we collect are the following:

  1. Name and surname, e-mail address, identity document series and number, your phone number and your address;

  2. Credit card data (type of card, credit card number, owner’s name, expiry date and security code);

  3. Information about  your stay at the hotel, including  check-in and check-out date, special requirements, special preferences;

  4. Information provided by you regarding your marketing preferences or when participating  to contests, raffles or certain promotional offers;

  5. Personal data supplied by you in order to subscribe to  a program dedicated to our members and/or to a loyalty program;

  6. pozele realizate în cadrul hotelului/restaurantelor/barurilor noastre cu ocazia anumitor evenimente; pictures taken inside our hotel/restaurants/bars when participating in certain events;  

  7. Information regarding the vehicles that you might bring on our property;

  8. Reviews and opinions regarding hotel services;

  9. Any other type of information you choose to supply us with.

Likewise, the surveillance cameras and other security measures located on our properties may capture or record images of the guests in public areas (i.e. hotel entrances, hotel lobby, elevators, restaurants, meeting rooms, health club, guest floor corridors, back of the house areas), as well as information about your location (through the images captured by the surveillance cameras, the access cards and other technologies).  

You may choose at any given moment what kind of data you wish to supply us with. Nevertheless, i should you choose not to provide certain personal data, in case the purpose of our request is to fulfill a legally binding contractual obligation or the necessary requirements to conclude a contract, it is possible that we will not be able to provide  you certain services, such as: (i) should you do not agree to give us your name, surname, e-mail address or telephone number, in case you wish to make a reservation, we will not able to make the reservation, or (ii) considering that in the registration form you must fill in at the check-in you have to enter certain personal data mandatory by the law, should you  not agree to fill in those mandatory fields, we will not be able to accommodate you in the hotel.

If you are a potential employee

We collect the information from the CV sent by you, as well as any other information transmitted along with the CV and/or collected during the interviewing

If you are a visitor of our hotel

We collect the name, surname, the series and number of your identity card (in this case, the law requires this data to be collected)

Likewise, the surveillance cameras may capture or record images of the visitors in public areas (i.e. hotel entrances, restaurants, meeting rooms, health club or lobby).

If you are a user of our site (www.eventsinbucharest.ro)

We collect the date and time when the site was accessed as well as the IP address from which it was accessed.

If you are a representative or a contact person of our suppliers or business partners

We collect the name, surname, position and any other data supplied by you or by the company you represent.

If you are an employee

Please read the privacy policy regarding employees, which was brought to your attention at the moment of your employment and is available for you, at any moment, at the Human Resources Department.

____________________________________________________________________________________________________________

PERSONAL DATA OF MINOR PERSONS

We protect the privacy of data obtained from children under 16. In case you are under 16, in order to provide any personal data you must get the consent or authorization of the parents or of the legal guardian.

____________________________________________________________________________________________________________

SENSITIVE DATA

The term „sensitive data“ refers to racial or ethnic origin, political opinions, religion or philosophical beliefs, trade union affiliation and the processing of genetic data, biometric data, data regarding health condition,  sexual life or sexual orientation.

Generally, we do not collect sensitive information unless you wish to provide it to us. We may use the data supplied by you concerning your health condition in order to provide  better services and fulfill your special needs (for example, prepare your food excluding products you are allergic to, and/or ensure access to persons with disabilities).

____________________________________________________________________________________________________________

PURPOSE AND LEGAL GROUNDS FOR PERSONAL DATA PROCESSING

If you are a customer

  1. Reservations for hotel, restaurants and/or health-club or, in case of requesting offers for particular events or accommodation of groups of guests.

Goal: we process your personal data (i) in order to book hotel rooms/event rooms/ restaurant seats/ health-club entries or subscriptions and (ii) in order to answer to your business enquiries.

Ground: to conclude a contract in order to supply hotel services or finalize a restaurant reservation


  1. Check-in

Goal: we process your personal data in order to register/accommodate you in our hotel.

Ground: at the check-in moment, according to the legal provisions in force (link) you have the obligation to fill in the registration form which contains minimum data necessary for your accommodation.


  1. Customer service (this service refers, among others, to:  transportation service from the airport to the hotel, concierge service, customer relation service, , housekeeping service, laundry service, etc.)

Goal: we process your personal data in order to offer a pleasant experience, according to your expectations and hotel quality standards.

Ground: execution of the hotel services, as per contract.


  1. Profiling

Goal: in order to provide customized services, some of your special preferences (for example: if you prefer a room on an upper or lower floor, if you like a certain type of wine, etc.) are stored so that, when you return, we will already know your preferences

Ground: consent


  1. Feedback:

Goal: we process your personal data in order to make sure that you had a pleasant experience with us.

Ground: our legitimate interest to constantly improve our   services, according to our brand standards and guests' expectations.


  1. Marketing:

Goal: we process your personal data for marketing purposes, such as commercial newsletters and marketing communications regarding new products and services or other offers that we think might be of interest to you.

Ground: we rely on the legitimate interest of promoting our services by transmitting offers we consider as being of interest to you (See “The veto right” from the Section “Your rights”).

If necessary, according to the applicable legislation, we will obtain your consent before processing your personal data for direct marketing purposes. In this case, you have the right to withdraw your marketing consent at any time, so that you will no longer receive any marketing communication from us.

We will include an Unsubscribe link for you to access should you not wish to receive our messages anymore.


  1. Other communications: by e-mail, post, phone or SMS

Goal: these communications will be made for a specific reason such as:  (i) in order to answer to your requests, (ii) if you have not finalized an online reservation or an offer request, it is possible that we will send you an e-mail to remind you to finalize the reservation, (iii) in order to inform you on how we have managed and solved your complaints and/or incidents that have come up during your stay.

Legal ground: our legitimate interest to offer services at the highest standards by answering/solving potential requests/complaints and to   ensure you of our full availability.


  1. Analysis, improvement and research:

Goal: in order to constantly improve our services, we carefully analyze each of your complaints/suggestions, by compiling reports, identifying problems, their frequency, and finding the best solutions to solve them.

Ground: we rely on the legitimate interest to supply services according to your expectations and hotel standards.

If you are a visitor of our hotel

Goal: we process your personal data in order to observe legal obligations, as well as to assure the protection of the assets and individuals within the hotel.

Ground: our legitimate interest to ensure both the protection of the individuals in the hotel, as well as all goods pertaining to the hotel or guests/employees of the hotel.

If you are a user of our website (www.eventsinbucharest.ro)

Goal: traffic monitoring in order to identify the errors and/or any other malfunction of the site

Ground: we base this data processing activity on our legitimate interest, namely making available for you a completely functional site by repairing any error, and by continuously improving it.

If you are a representative or a contact person of our suppliers or business partners

Goal: unfolding contractual relations with our suppliers or business partners.

Ground: execution of a contract.

If you are a potential employee

Goal: evaluation of your employment application.

Ground: conclusion of a contract

If you are an employee

Please read the privacy policy regarding the employees, brought to your knowledge at the time of your hiring and available, in any moment, at the Human Resources Department.

Please read the privacy policy regarding employees, which was brought to your attention at the moment of your employment and is available for you, at any moment, at the Human Resources Department.

For all the above categories of persons, we may process your data within the context of the following activities:

  1. Restructuring or internal reorganization or some assets or shares sale:

Goal: we process your data in order to make the above mentioned operations

Ground: the legitimate interest to make the operations, especially if they would be impossible to make if your personal data is missing.

Nevertheless, we assure you that this potential processing will be made according to the current policy and by implementing specific measures to ensure confidentiality of your data.


  1. Security:

Goal: we process personal data in order to ensure the security of the goods and physical integrity of the individuals.

Ground: we rely on our legitimate interest to ensure the protection of your goods and the hotel goods, as well as the protection of the individuals on the hotel premises


  1. Legal grounds:

Goal: in some cases, we must process the supplied information, which can include personal data, in order to solve legal disputes or claims, investigate and ensure legal provisions are observed, in order to enforce an agreement or to comply with the requests of public institutions, insofar as these requests meet the conditions imposed by the law.

Ground: the processing reasons may be the legally binding conditions (in case we obliged by the law to disclose specific personal data to authorities) or our legitimate interest to solve potential disputes and/or claims.

____________________________________________________________________________________________________________

RECIPIENTS OF PERSONAL DATA

In order to provide high quality services, it is possible for us to transmit your personal information to the members of the InterContinental Hotels Group brand portfolio, to our service suppliers and to other third parties, as detailed below:

  1. Suppliers: in order to supply the requested services, in some cases, we must transmit some of your personal data to our suppliers; they are authorized representatives and process your personal data on our behalf and according to our indications (such as software suppliers, IT, accounting services, medical healthcare services).

  2. Members of the InterContinental Hotels Group brand portfolio with either similar purposes or in connection to those for which they have been collected.

  3. Group events or meetings:  if you visit InterContinental Bucharest as part of a group or to attend a conference, the information requested to plan the meeting or the group may be shared with the organizers and, as appropriate, with other participants to the meeting or part of the group.

  4. Business partners:  in some cases, we associate with other companies in order to supply products, services and offers. For example, we can arrange the rental of a car or the purchasing of city/country tours.

  5. Co-sponsors of promotions:  in some cases, we co-sponsor promotions, lotteries, raffles, competitions or contests with other companies or we can supply prizes for lotteries and contests sponsored by other companies. If you participate to such lotteries or contests, we may transmit your personal data to the sponsor we collaborating with or to a third sponsor.

Authorities ad/or public institutions for: (i) observing the legal provisions, (ii) answer to their requests, (iii) for reasons of public interest (i.e: national safety). For example, according to the regulation explained within “PURPOSE AND LEGAL GROUNDS FOR PERSONAL DATA PROCESSING" section, letter b), any hotel unit has the obligation to transmit on a daily basis the check in – check out forms for each individual client.

Your data privacy is important to us, that is why,  whenever possible, transmission of personal data according to the above mentioned will be made solely based on a privacy agreement with the receivers, which guarantees that the data is safely stored and all information is supplied  according to the current legislation and applicable policies. In any event, we will always transmit to the recipients information which is strictly necessary to accomplish a particular goal.

____________________________________________________________________________________________________________

COLLECTING DATA FROM THIRD PARTIES

In order to provide high quality services, it is possible to collect information about you from the members of the InterContinental Hotels Group brand portfolio our business partners and other third parties, as detailed below:

  1. Members of the InterContinental Hotels Group brand portfolio: for either similar goals or in connection to the ones for which the data has been collected.

  2. Business partners: such as travel agencies, companies that issue card, services provided by the social networks according to your personal settings for these services or other third sources that are authorized by law to transmit us your data.

  3. Co-sponsors of promotions:  in some cases, we co-sponsor promotions, lotteries, raffles, competitions or contests with other companies or we may supply prizes for lotteries and contests sponsored by other companies. If you participate to such lotteries or contests, we may transmit your personal data to the sponsor we are collaborating with or to a third sponsor.

Nevertheless, we assure you that your data collected from third parties will be processed under the same conditions as it had been collected directly from you. Likewise, we will collect only what is necessary to fulfill our goals. (See section “PURPOSE AND LEGAL GROUNDS FOR PERSONAL DATA PROCESSING").

Moreover, when we contact you for the first time, we will firstly communicate, the source from which we have obtained your personal data.

____________________________________________________________________________________________________________

INTERNATIONAL TRANSFERS OF PERSONAL DATA

As an international brand, we provide the same quality of services, no matter where you are: in Europe, in America or in Asia. In order to provide these services, we transfer your personal data to the members of the InterContinental Hotels Group brand portfolios well as their service suppliers.

Likewise, it is possible to transfer your data to our service suppliers and to other third parties that may have their registered office in other countries than the one you are living in.

Although the laws regarding data protection applicable in these countries may be different from the ones in your country, we will take the necessary measures to ensure that your personal data are processed according to the current policy and the applicable legislation.

____________________________________________________________________________________________________________


PERSONAL DATA OF OTHER NATURAL PERSONS

If you supply us personal data of other natural persons, please make sure you obtain their consent before disclosing their data, and communicate to them, , the way in which this data will be processed, as described in the current privacy policy.

____________________________________________________________________________________________________________

DATA STORAGE PERIOD

Your personal data are stored for the entire execution period of the goals detailed in the current policy, if a longer storage period is not necessary or permitted by the  law (for example, the surveillance cameras records will not be kept more than 30 days).

We are constantly reviewing the need of storing your personal data, and as long as processing them is not necessary anymore, and there is no longer a legal obligation to store them, we will destroy your personal data as soon as possible in such way they can no longer be recovered or reconstructed (for example, we will erase/destroy all the data concerning persons that have not been hired following interviews, if there is no real perspective for a future employment).

Should the personal information be printed, it will be destroyed in a secure way, by using a shredder, and should it be saved in an electronic format, it will be erased through technical means in order to ensure that the information cannot be recovered or reconstructed later on.

____________________________________________________________________________________________________________

YOUR RIGHTS

As data subject of the current policy, w you benefit from the following rights stipulated by GDPR:


  1. The access right: you may request us (i) a confirmation of the fact that your personal data  are processed or not, and, if so, the access to the data and information regarding it, as well as (ii) a copy of the personal data we hold (art. 15 from GDPR);

  2. The rectification right: you may inform us about any modification of your personal data or you may request us to rectify your personal data that we hold (art. 16 from GDPR);

  3. The erasure right („the right to be forgotten”): in some cases (for example (i) if the data was illegally collected, (ii) the deadline for data storage expired, (iii) you have exercised your veto right or (iv) the data processing was made based on your consent and you have withdrawn the consent), you may require us to erase your personal data that we hold. (art. 17 from GDPR);

  4. The right to restrict the processing: in some cases (for example should you question the accuracy of the data or whether the data processing was legal or not ), you may ask us to restrict your data processing for a specified period of time (art. 18 from GDPR);

  5. The right to data portability: you may require us to send your personal data to a third party or directly to you (art. 20 from GDPR);

  6. The veto right: in some cases (for example the processing of data having as legal ground the legitimate interest), you may require us not to process you data anymore (art. 21 from GDPR);

In case we are using your personal data based on your consent, you have the right to withdraw this consent at any moment. In this case, your data will no longer be processed by us, unless there is a legal provision that forces us to store and archive them. Nevertheless, we will inform you if there is such a legal provision and we will explicitly indicate it.

____________________________________________________________________________________________________________

PERSONAL DATA SECURITY

We treat very seriously your personal safety, which is why we are taking important security measures, necessary for the protection against unauthorized access to the data or the modification, disclosure or unauthorized destruction of data. This implies regular internal reviewing of data collection processes, storage and processing procedures and of the security measures in place, as well as physical security measures designed for protection against unauthorized access to the systems where we store personal data.

We require all our service suppliers, as well as business partners to take all the necessary measures for  protection against unauthorized access to the data or the modification, disclosure or unauthorized destruction of data.

____________________________________________________________________________________________________________

LINKS TO OTHER WEBSITES

Our site contains links to third party sites. Please note that we do not take responsibility for the collection, usage, storage, sharing or disclosure of data or information by such third parties. In case you use or provide information to third party sites, the terms and conditions of those respective sites shall apply.  We advise you to read carefully the privacy policy of the sites you visit before sending your personal data.


The use of the internet services provided by InterContinental Bucharest falls within the scope of the terms and privacy policy belonging to the internet suppliers. You may access those terms and policies by using the links on that service authentication page or by visiting the website of the internet supplier.

____________________________________________________________________________________________________________

QUESTIONS OR COMPLAINTS

If you have questions or concerns in relation to your personal data processing or if you wish to exercise any of the above mentioned rights, you are welcome (a) to contact us, in writing, at the following e-mail address: privacy.bucharest@ihg.com,  and we will answer in no later than 30 days from receiving the request.

Should you not have access to electronic means of communication or should you not wish to use it, you may reach us through a written request that you may leave at the hotel on 4, Nicolae Balcescu Boulevard, District 1, 010051, Bucharest Romania. For further information, you may call us at 00 40 21 310 20 20.    

Likewise, if you are not satisfied with the way your request has been solved, you may submit a complaint to the National Authority for Personal Data Processing Surveillance.

____________________________________________________________________________________________________________

POLICY MODIFICATIONS

This confidentiality policy may be modified according to the changes in the legislation regarding data policy or based on specific modifications of our services or of the organization process. In case we make material modifications to the current policy, we will publish on the landing page of our site a link leading to the revised policy. In case we make significant changes that will impact your rights and liberties (for example, should we start processing your personal data for other purposes than the above mentioned ones), we will contact you before starting this processing.

In order to help you track the most important modifications, we will include below a history of the changes so that you can easily identify the amendments brought to the current policy.

Terms and conditions | Privacy Policy

Copyright 2018 InterContinental Bucharest. This hotel is owned by SC Compania Hoteliera Intercontinental Romania SA and managed by HH Hotels (Romania) SRL