Through this Privacy Notice we would like to provide you with details about the processing of your personal data when you use our wifi data network.
When you visit the Therme Bucharest complex, we provide you with a wifi data network, that you can use throughout your visit.
Access to the wifi network is granted only by using an account that allows you to connect to our network in adequate security conditions.
For this processing activity we carried out a Data Protection Impact Assessment analysis in order to identify and mitigate the risks associated with the processing of these categories of data.
WHAT ARE THE CATEGORIES OF PERSONAL DATA THAT WE PROCESS?
In order to create your account and connect to the WiFi network, we process the following categories of data:
WHY DO WE PROCESS THIS PERSONAL DATA?
The required identification and contact data is necessary to manage the process of connecting to the data network.
The purpose of the registration data processing is to prevent and investigate illegal activities that may occur through our wifi network.
The information collected will only be accessed at the request of the competent authorities.
WHAT ARE THE LEGAL GROUNDS ON WHICH WE PROCESS YOUR DATA?
We rely on our legitimate interest as a legal basis for data processing in order to keep records of the use of our data network. These records are necessary for defending legal rights or other similar legitimate interests, where there are suspicions or allegations of unlawful use of the Therme data network, by the competent authorities.
WHO ELSE HAS ACCESS TO YOUR PERSONAL DATA?
Personal data may also be accessed by other third parties, to the extent that this is reasonably necessary in accordance with the purposes mentioned in this Privacy Notice.
IT service providers will mainly have access to this data.
Your data may also be made available to the competent authorities only when there are requests to investigate illegal activities from them.
HOW DO WE MANAGE INTERNATIONAL DATA TRANSFER?
As a rule, for this processing activity, your personal data is stored and processed on servers and in physical locations in Romania and the European Union.
HOW LONG DO WE KEEP YOUR PERSONAL DATA?
The recorded data is automatically deleted after a period of 1 year.
WHAT ARE YOUR RIGHTS?
For using your personal data for the purposes aforementioned, you shall have the following rights:
UPDATING THE PRIVACY NOTICE
The information presented in this Privacy Notice will be reviewed periodically to reflect any changes in current processing activities.
Please, visit this page periodically to make sure you always have up-to-date information.
However, if we intend to significantly change the way we use your personal data, we will notify you in advance.
Last update: April 2022