Privacy policy

Data Policy

Privacy Policy — Accommodation in Bucharest

Legal · Accommodation in Bucharest

Privacy Policy

Last updated: June 2026  ·  Website: www.accommodationinbucharest.com

01Who we are

This Privacy Policy applies to www.accommodationinbucharest.com (the "Website"), privately operated, hereinafter referred to as the "Operator", "we", or "us".

Email: adela.accommodation@gmail.com
Phone: +40 722 521 550

This Policy explains what personal data we collect from Guests and Website Users, why we collect it, how long we keep it, who we share it with, and what rights you have regarding your data, in accordance with Regulation (EU) 2016/679 (the "GDPR") and applicable Romanian law.

02What personal data we collect

Depending on how you interact with the Website, we may collect:

  • Identification and contact data: full name, email address, phone number, country of residence.
  • Booking data: dates of stay, number of guests, selected Property, special requests, communication related to the booking.
  • Identity document data: photographs/copies of valid identity documents (ID card or passport) for all guests staying at the Property, collected before check-in, as required by Romanian legislation on the registration of accommodated persons.
  • Payment data: bank transfer details necessary to process payment. We do not collect or store full bank card numbers; payments are made via bank transfer directly to our account.
  • Technical data: information automatically collected when you browse the Website, such as IP address, browser type, device type, and pages visited (see Section 8, "Cookies").

03Why we process your data and on what legal basis

Purpose Legal basis (GDPR Art. 6)
Managing and confirming bookings, communicating with you about your stay Performance of a contract — 6(1)(b)
Issuing invoices and accounting records Legal obligation — 6(1)(c)
Registering guests with the competent local authorities, as required for short-term accommodation in Romania Legal obligation — 6(1)(c)
Preventing fraud and verifying guest identity before check-in Legitimate interest — 6(1)(f)
Responding to questions, complaints, or requests sent to us Legitimate interest / contract
Sending marketing communications (only if you opt in) Consent — 6(1)(a)
Operating and improving the Website (analytics, if enabled) Consent, where required

04Who we share your data with

We do not sell or rent your personal data. We may share personal data with the following categories of recipients, strictly for the purposes described above:

  • Our bank, for processing bank transfer payments.
  • Our accountant / accounting service provider, for invoicing and bookkeeping purposes, in compliance with Romanian tax legislation.
  • Competent local/national authorities, where required by law, for the registration of accommodated guests (e.g., tourist registration obligations applicable to short-term accommodation providers in Romania).
  • IT service providers, where applicable (e.g., website hosting, email service providers), acting under our instructions and bound by confidentiality obligations.

We do not transfer personal data outside the European Economic Area (EEA). If this changes in the future, this Policy will be updated to describe the safeguards applied (e.g., Standard Contractual Clauses).

05How long we keep your data

  • Identity documents and booking records: kept for the duration required by Romanian legislation on accounting and fiscal records (generally up to 10 years from the end of the financial year in which the transaction occurred), and as required for tourist registration obligations.
  • Communication records (emails, messages related to your stay): kept for a reasonable period after your stay, generally up to 2 years, to handle any follow-up questions, complaints, or disputes, unless a longer retention period is required by law.
  • Marketing consent: kept until you withdraw your consent (see Section 7, "Your rights").

After the applicable retention period expires, personal data is securely deleted or anonymized.

06Data security

We apply reasonable technical and organisational measures to protect your personal data against unauthorised access, loss, misuse, or disclosure, including limiting access to identity documents and payment-related information to those strictly necessary for managing your booking.

While we take reasonable steps to protect your data, no method of electronic storage or transmission is completely secure, and we cannot guarantee absolute security.

07Your rights

Under the GDPR, you have the right to:

  • Access the personal data we hold about you;
  • Rectify inaccurate or incomplete data;
  • Erase your data ("right to be forgotten"), where applicable;
  • Restrict the processing of your data in certain circumstances;
  • Object to processing based on legitimate interest, including direct marketing;
  • Data portability, where technically feasible;
  • Withdraw consent at any time, where processing is based on consent (e.g., marketing communications), without affecting the lawfulness of processing carried out before withdrawal.

To exercise any of these rights, please contact us at adela.accommodation@gmail.com. We will respond within the timeframes required by the GDPR (generally within one month).

Right to lodge a complaint

If you believe your data protection rights have been violated, you have the right to lodge a complaint with the Romanian National Supervisory Authority for Personal Data Processing (Autoritatea Națională de Supraveghere a Prelucrării Datelor cu Caracter Personal – ANSPDCP), www.dataprotection.ro, or with the competent supervisory authority in your EU country of residence.

08Cookies and similar technologies

The Website may use cookies — small text files stored on your device — to ensure its proper functioning and, where applicable, to understand how visitors use the Website.

  • Strictly necessary cookies: used to enable core functionality of the Website (e.g., security, basic navigation). These do not require consent.
  • Analytics and marketing cookies (e.g., Google Analytics, Facebook Pixel, or similar tools): if such tools are used on the Website, they will only be activated with your prior consent, collected via a cookie consent banner, in accordance with Law No. 506/2004 on the processing of personal data in the electronic communications sector.

You can manage or disable cookies at any time through your browser settings. Disabling certain cookies may affect the functionality of the Website.

Before publishing: verify which cookies/analytics tools are actually active on the Website (e.g., by checking your website builder or hosting platform settings) and update this section accordingly, including a cookie consent banner if any non-essential cookies are used.

09Children's data

The Website and its booking services are intended for use by individuals who are at least 18 years old. We do not knowingly collect personal data from children. If you believe a child has provided us with personal data, please contact us so we can take appropriate action.

10Changes to this Privacy Policy

We may update this Privacy Policy from time to time to reflect changes in our practices or for legal, operational, or regulatory reasons. The updated version will be published on the Website with a revised "Last updated" date.

11Contact

For any questions about this Privacy Policy or how your personal data is processed, please contact us at:

Email: adela.accommodation@gmail.com
Phone: +40 722 521 550