Within this privacy notice we would like to provide you with details on the processing of your personal data in the context of participation in marketing events organised by Therme and Therme partners.
By participant we mean any natural persons such as customers, employees, service providers, organizers, etc., including minors under the age of 16, if applicable.
By marketing events we refer to any event such as a contest, campaign, party, image promotion, products and services organized, both online through the website, social networks (Facebook, Instagram, Youtube, etc.) and physically, in the locations of Therme Bucharest Complex or in other event venues.
We also refer to both public and private events.
To learn more about how we protect your personal data, we recommend that you read this Information notice together with our Privacy Policy.
Depending on the nature of the event, we may further inform you about the processing of your personal data by adding relevant content in regulations, contracts, agreements, information notes/panels or other media used in the organization of events.
WHAT ARE THE CATEGORIES OF PERSONAL DATA THAT WE PROCESS?
Before organising an event, we always make sure that we only process your data that is necessary to fulfil the stated purposes. We do not collect excess data for which there are no well-defined purposes.
Depending on the nature of the event, we may process the following categories of personal data:
WHY DO WE PROCESS PERSONAL DATA?
We process this data for purposes such as:
WHAT ARE THE LEGAL GROUNDS ON WHICH WE PROCESS YOUR DATA?
The legal grounds which we rely on when processing your data vary depending on the nature of the event, the activities, the stages as well as the purposes of the processing.
We use consent as a legal basis for processing only when you can freely and unconditionally consent to the processing of your data. This context gives you the possibility to withdraw your consent at any time of the processing, without affecting the lawfulness of the processing conducted up to that point. If you are a minor (under the age of 16), a parent or legal guardian has to give consent.
Performance of a contract may be another legal basis we use in marketing events whenever the processing of your data is conducted in close connection with compliance with contractual terms and conditions agreed by you in advance (acceptance of terms and conditions, signing of contracts, agreements etc.).
There may also be situations in which data processing is necessary for the fulfilment of a legal obligation for which Therme is responsible (e.g., fiscal, financial-accounting, physical and cyber security, archiving etc.).
We may also process your data based on our legitimate interests such as:
Where we use legitimate interest as a legal basis for our activities, we are committed to protecting your data so that the processing does not override your interests or fundamental rights and freedoms.
WHO ELSE HAS ACCESS TO YOUR PERSONAL DATA?
Your personal data may be disclosed, as appropriate, to the following categories of recipients:
-marketing partners (other Therme group companies, collaborators, partners, joint controllers, organisers, co-organisers, consultants and marketing specialists, etc.);
-service providers (IT service providers, web application and tool providers, Therme data processors, cloud storage and data transfer service providers, etc.);
For details of our data processors, please see the list of Therme's data processors within the Privacy Policy.
Your data as well as media materials may also be disseminated in the public space, from social media (Facebook, Instagram, YouTube), websites, magazines, publications, billboards, etc. and physical locations that can be accessed by an unlimited number of people.
HOW DO WE MANAGE INTERNATIONAL DATA TRANSFER?
As a rule, we process your personal data on the territory of Romania, the European Union and countries that offer an adequate level of protection according to the decision of the European Commission.
Depending on the nature, context and location of the marketing event, your personal data may also be disclosed to international destinations that do not provide an adequate level of protection, such as the United States. In this situation, for the protection of your data, we will take additional protection measures.
To learn more about the conditions under which we may transfer your data to third-party destinations, please refer to the “International data transfer” section of the Privacy Policy.
HOW LONG DO WE KEEP YOUR PERSONAL DATA?
Data retention periods vary depending on the purpose for which the data is processed and may be influenced by the nature of the event and the legal grounds we use.
So, the criteria based on which we determine the retention or deletion of data are:
Retention periods are assigned to data processed on basis of legitimate interests in accordance with the purposes for which they were collected. We periodically evaluate storage periods to ensure that we only keep data for as long as necessary for the purposes intended.
WHAT ARE YOUR RIGHTS?
Depending on the legal grounds on which we process your data, you have the following rights:
The rights mentioned are not exclusive. Therme will analyse each request individually and will respond to the data subjects considering the nature and context of the processing.
FILMING AND PHOTOGRAPHING EVENTS
Marketing events include promotional and marketing media activities ("media activities") for which photographs and videos ("media materials") are taken that capture the highlights of the events, including images that contain personal data about you (image, voice or other information about you that may be revealed in recordings), including minors present at the event.
Media activities can be conducted by Therme, Therme representatives or other organizers/partners carrying out activities in Therme locations.
In case the event is organised in association with other organisers/partners, the media materials will be used by all parties involved for the purpose of promoting the event or for their own marketing activities. Each party is responsible for the way it uses the media materials.
Legitimacy conditions regarding the processing of media materials
a) Therme's and Therme partners' legitimate interest.
Media activities are carried out based on Therme's and/or Therme partners' legitimate interest to organize and promote events in public and private spaces or other internal marketing purposes of the parties involved (e.g. promoting the current event or similar events in the future, improving Therme's or Therme partners' image and reputation, etc.).
You may object at any time to the use of media materials in which your personal data is disclosed if you believe it violates your right to privacy or significantly affects your rights and freedoms. In this situation, Therme, will review your request and, where possible, stop the processing and order the deletion of the data concerning you. However, there may be certain situations in which Therme will continue to use media materials when there is a well-founded legitimate interest (for example when more than one person appears in the recordings and your data. Where there is a legitimate interest (e.g. where more people appear in the recordings and your personal data cannot be deleted, extracted or anonymised without affecting the usefulness of the recordings, or where the media materials have been disseminated in the online environment or public space where Therme has no control to order their deletion, or where discontinuing the use or deletion of the media materials would require a disproportionate effort or would cause material, financial, or reputational harm to Therme or its partners).
Therme will review each situation individually to ensure that your legitimate interests do not override your rights and freedoms.
b) Consent given in advance
In situations where it is desired to collect and use media material that specifically targets you (close-up shots) for professional use for marketing purposes, without strictly related to the event itself, Therme may request your prior written consent by providing you with an image release or a similar document. For children under the age of 16, consent must be authorized by a parent or legal guardian. In this situation you have the right to withdraw your consent at any time without affecting the lawfulness of the processing prior to the consent being given.
How the media materials are used
Therme will transmit, distribute, broadcast, communicate media materials in good faith and without further formalities (notifications, agreements, contracts, etc.), both in public and private spaces:
- online/internet/media environment - including but not limited to websites, social networks (e.g. Facebook, Instagram, Twitter, Linked-In, etc.), radio, television or any other online tools that can be accessed globally by an unlimited number of people.
- offline environment, for internal use within Therme and Therme Group - any written medium, magazines, posters, flyers, books, public or private locations, fixed and mobile equipment, etc.
Therme may make derivative works of any kind from the collected media, which it may use as mentioned above.
Media materials will be used in joined, combined, modified, continuous or interrupted form, etc. without territorial limitation.
Since the purposes for which the media are used are varied and the exact period of use cannot be determined in advance, Therme will keep the media indefinitely.
UPDATING THE PRIVACY NOTICE
The information presented in this Privacy Notice will be reviewed periodically to reflect any changes in current processing activities.
Please visit this page periodically to make sure you always have up-to-date information.
However, if we intend to significantly change the way we use your personal data, we will notify you in advance.
Last update: June 2022