Through this Privacy Notice we want to provide you details about the processing of your personal data in the context of the purchase of Therme’s products and services both online (through the website or Therme applications) and physically, when you visit us.
We also inform you about the data processing activities when using our alternative systems of purchase and payment of products and services, such as automated systems that are found in the reception area of Therme Bucharest complex.
WHAT ARE THE CATEGORIES OF DATA THAT WE PROCESS?
When you make online orders, we process the following personal data:
*Bank data is not stored in Therme computer systems. The data is processed through an authorized payment processor that complies with the PC-DSS standard. Therme stores only the card token and its expiration date;
When you purchase products and services directly from the Therme Bucharest complex, we can process the following personal data:
*Bank data is not stored in Therme computer systems. The data is processed through an authorized payment processor that complies with the PC-DSS standard. Therme stores only the card token and its expiration date.
In order to comply with the entry conditions in the Therme Bucharest complex, we may ask you to confirm the eligibility of the purchased tickets, by presenting the following documents:
We may ask you to submit these documents (at the time of your visit) for our legitimate interest in allowing access to age-restricted areas or offering discounts to eligible people.
Refusal to submit these documents may result in refusal to grant the benefits purchased or in the process of being purchased.
The aforementioned supporting documents are not recorded or stored in our systems.
THE USE OF AUTOMATION SYSTEMS IN PURCHASING AND PAYMENT PROCESSES
1. Self check-in
Therme offers you a check-in device located in the cash register area that helps you purchase your tickets without the help of Therme staff, thus shortening the time spent at cash registers.
The system uses a computer interface that allows you to select the services you want and make the payment. The check-in system does not process any personal data other than that necessary in relation to the services selected and the details of the card payment.
After this point, the sales process continues at the cash registers, in order to get the bracelet and allow access to the Therme Bucharest complex.
The use of this service is optional and can be used as an alternative to the conventional sales process.
2. Vending machine
It is another IT system located in the cash registers area that you can use to activate tickets purchased online at the time of your arrival at the location. The system scans the QR code on the online ticket, reads and verifies the information on the ticket in the online store’s computer systems and releases the access bracelets. The sales process continues at the cash registers, in order to activate the bracelet and allow access to the Therme Bucharest complex.
3. Self check-out
This IT system is located in the exit areas and allows you to make the payment of the consumption recorded on the bracelet. Subsequently, the bracelet must be handed over to Therme staff at dedicated cash registers. Processing data refers to the data recorded on the bracelet throughout the visit and the details of the card payment.
4. Self invoice
This IT system can be used by you to request and generate your tax invoice. In this regard, the system allows you to scan the tax receipt to provide the necessary information regarding the payment. At the same time, for confirming the company’s data, the system is synchronized to the ANAF database.
The system allows entering additional personal data you want on your invoice, First name and last name, address (for individuals). First name and last name, serial number and ID number (for persons delegated in relation to a company).
WHY DO WE PROCESS THIS DATA?
We need this information for the management of commercial relations and the fulfillment of legal obligations:
WHAT ARE THE LEGAL GROUNDS ON WHICH WE PROCESS YOUR DATA?
We process your data for the fulfillment of our contractual obligations toward you in the context of the purchase of Therme’s products and services as well as for the fulfillment of legal obligations arising from the sales activity.
We also process your data on the basis of our legitimate interests such as:
WHO ELSE HAS ACCESS TO YOUR PERSONAL DATA?
Personal data may also be accessed by other third parties to the extent that this is reasonably necessary in accordance with the purposes set out in this notice.
HOW DO WE MANAGE INTERNATIONAL DATA TRANSFER?
As a rule, for this processing activity, your personal data is stored and processed on servers and in physical locations in Romania and the European Union.
HOW LONG DO WE KEEP YOUR DATA?
We keep the data that is necessary for tax purposes according to the legal provisions under national and European law, at least 10 years after the issuance of the supporting documents containing them. After the expiry of this period, the data will be destroyed safely within 1 year according to the internal storage policy.
Data that is not subject to legal regulations are assigned retention periods in accordance with the purposes for which they are used. The need to retain these categories of data is reviewed periodically.
WHAT ARE YOUR RIGHTS?
For the purposes of using your personal data for the purposes mentioned, you have the following rights:
UPDATING THE PRIVACY NOTICE
The information presented in this Privacy notice will be reviewed periodically to reflect any changes in current processing activities.
Please visit this page periodically to make sure you always have up-to-date information.
However, if we intend to significantly change the way we use your personal data, we will notify you in advance.
Last update: April 2022