PRIVACY POLICY



1. General provisions

1.1 The confidentiality of personal data is one of the concerns 360 YACHT SUPPLY SRL. As such, we want to make sure the highest standards of confidentiality, integrity and transparency regarding the personal data that we process in our activity.
1.2 Since in carrying out the activity it is necessary to process a series of data with personal character with predilection in relation to the specifics of our object of activity we want to assure you that the processing will take place in accordance with the principles transparency and security of personal data. This policy of privacy is meant to help you understand what data we collect, why we also collect what we do with them.

2. Who are we?

2.1 360 YACHT SUPPLY SRL (hereinafter "the Company") is a Romanian company, with headquarters in place. Dragan Valley no. 226, Cluj County, registered in the Register Trade with no. J12 / 3182 / 09.08.2019 and having CUI: 34814275.
2.2 The company acts as the operator of personal data collected through the website www. www.topcarrentals.ro (the “Site”).
2.2 The operator has the obligation to administer safely and only for for the purposes specified, the personal data that users of the Site provide.

3. What data do we process?

Last name, last name, phone number, email address, flight number or details related to arrival / departure (place, date and time of picking up and handing over the car).

4. For what purpose do we process this data?

4.1 We process this data for the purpose of providing the services for which you opt in customer quality.
4.2. We also process your contact details so that we can contact you in in case of cancellation of a reservation and / or in case any problem related to your reservation
4.3 We may also process your data in order to send you offers promotional or commercial messages, if you agree to do so.
4.4 In addition to the purposes mentioned above, the Company may process data with personal data collected also taking into account the following purpose:

  1. To fulfill our obligations as a result of the services provided (eg accounting, tax, audit, etc.) these are always compatible with the main purposes for which the data were collected.
  2. To the extent that the data subject has given his or her consent to processing of your personal data for one or more purposes specific;
  3. For any other purpose other than the above, or for any other purpose for which we have been provided with personal data, in compliance with the legislation in matter.

4.5 In situations where we use your data for purposes other than those mentioned in We undertake to obtain your consent to this Policy, unless which we have a legal obligation or we have another legal basis for processing data.

5. How long is the personal data collected stored?

5.1 We process your data for one year from the time you have made a reservation with us on the site.

5.2 To the extent that you have given your consent to receive newsletters from Top Car Rentals, our email address will be processed by us for this purpose until withdrawal of consent.

6. What is the legal basis for processing each category of data?

6.1 The company processes your data on the following legal grounds:

  • with the consent of the persons concerned; (Art. 6.1 letter a) of the Regulation 679/2016)
  • based on a contractual obligation (a contract between the company / organization you and a customer); (Art. 6.1 letter b) of Regulation 679/2016)
  • to comply with a legal obligation (provided for in EU law or in national legislation); (Art. 6.1 letter c) of Regulation 679/2016)
  • for the legitimate interests of the Company , but only after we have ensure that this does not adversely affect the rights of and fundamental freedoms of the persons whose data we process.

7. How do we collect your personal data?

7.1 We collect your personal data, either directly from when you make a reservation with us on the site or give your consent to receive newsletters from us.
7.2 We collect your personal data automatically and automatically when use our services on the Company's website, we collect information through through cookies and by logging in your activity. For more information regarding the use of cookies, please consult Art. 9 of this Policy confidentiality.
7.3 If you choose to provide us with other people's personal data, we will assume responsibility for how you obtained this data and that you have a legal basis for their processing, we cannot be held responsible for violating the rights of those persons.

8. How and where do we store personal data?

8.1 We use a type service to store the personal data you provide us cloud provided by Amazon Web Services EMEA SARL, and the data is stored on its servers in Ireland.

9. Use of cookies

9.1 The site contains cookies (very small files that the Company transmits to the computer of the users of the Site or to another access device).
9.2 These cookies are of two types:

  • Functionality cookies: These cookies enhance the experience Site users browse the Site and allow them to benefit from various functionalities;
  • Performance cookies: These cookies are used to measure and analyze how the Company's customers use the Site. Through these cookies- The way the Site works and the experience can be continuously improved users of the Site.

9.3 At the time of use of the Site, the consent of the users of the Site will be requested about placing and accessing these types of cookies on their device their next visit to the site.
9.4 Information on deleting and controlling cookies is available on www.AboutCookies.org. Delete cookies or block them cookies may prevent access to certain areas or features on Site.
9.5 For more details please see our Module Policy cookies.

10. To whom do we disclose personal data?

10.1 In order to fulfill the processing purposes, Compania SRL discloses the data your personal information i) to the rental companies from which you rent car or ii) to third parties or entities that support the Company in carrying out the activity, or to central / local public authorities, in the following exemplary cases listed:

  1. To our service providers and contractual partners, for example: marketing and advertising service providers; IT service provider; courier services, payment services, banking services, etc. This data will be provided to the extent necessary and only under a commitment of confidentiality from the contractual partners, through which guarantees that this data is kept secure and that it is processed do according to the legislation in force;
  2. To accountants, auditors, lawyers, insurers or other such advisors external to the Company. This data will be provided to the extent that it is necessary and only on the basis of a confidentiality commitment from the party contractual partners, which guarantees that this data is kept in safety and that their processing is carried out in accordance with the legislation in force;
  3. Public authorities, institutions and bodies, if requested from them or to the extent that there is a legal obligation from our part;

11. Information security

11.1 We work hard to protect the site and our users, as well as all personal data collected in accordance with this Policy, from unauthorized access or modification, unauthorized disclosure or destruction of the information we hold.
11.2 In this regard:

  1. The company certifies that it meets the minimum security requirements for personal data, the data being processed in a way that ensures protection against unauthorized or illegal processing and against accidental loss, destruction or damage by taking technical measures or appropriate organizational requirements;
  2. The data storage systems used have back-up mechanisms in place to ensure the redundancy of the stored data;
  3. We regularly review the practices of collecting, storing and processing information, including physical information, as well as security measures to prevent unauthorized access to systems;
  4. We restrict the access of our employees and contractors to your personal information, and our contractual relations with such persons are subject to strict rules regarding the obligations of contractual confidentiality, including the sanction of termination of contracts;

12. Your rights in connection with the processing of character data personal:

12.1 If you have given your consent to the processing activities, you can withdraw your consent at any time. This withdrawal will produce effects only for the future and will not affect the lawfulness of processing before withdrawal his.
12.2 To the extent that your consent is withdrawn, the Company will prohibits the processing of your personal data and will undertake all actions to delete all records containing this data. With all these, if the processing is mandatory for the provision of services by The company and this can be done on the basis of other legal provisions, the Company will proceed with such processing and will notify you accordingly.
12.3 In accordance with the legal provisions, you have the following rights:

  1. Right of access. The right to obtain from us, upon request and free of charge, confirmation that the data concerning you is or is not being processed by company and the right of access to such data, unless these requests are repetitive or made in bad faith.
  2. Right to information about the identity of the operator, the purpose for which it is processes the data, the recipients or the categories of recipients of the data, the existence of the rights provided by the GDPR and the conditions under which they can be exercised.
  3. Right to rectify - you may request the rectification of inaccurate personal data.
  4. The right to delete data ("the right to be forgotten"). Based on this right you can delete the data if it has not been processed legal or in other cases provided by law.
  5. The right to restrict processing. You can request at any time restricting the processing if you dispute the accuracy of the data, as well as in other cases provided by law.
  6. Right to object. Right to object at any time for any reason substantiated and legitimate reasons for the data to be processed, with unless otherwise provided by law.
  7. Right to data portability. You may request and receive, under certain conditions, the personal data you have provided to us, in a readable format automatically or you can request that the data be passed on to another operator.
  8. Right to file a complaint - you can file a complaint about the manner processing of personal data at the National Supervisory Authority of Processing of Personal Data or you can contact the courts judgment.
  9. The right not to be subject to additional automated or profiling decisions related to automatic decisions. The right to request and obtain withdrawal, annul or re-evaluate any decision which has legal effect, adopted exclusively on the basis of the processing of personal data, performed by automatic means, intended to evaluate some aspects of his personality, such as professional competence, credibility, behavior or other such issues;
12.4 If you wish to exercise the rights set forth above, please contact the person responsible for the protection of personal data using the following contact details:

  • E-mail: office@dpsolutions.ro
  • Address: Valea Draganului no. 226, jud. Cluj.
12.5 You can also file a complaint regarding the processing of your data with the National Authority for the Processing and Supervision of Personal Data (B-dul G-ral. Gheorghe Magheru 28-30, Sector 1, postal code 010336, Bucharest, Romania, www.dataprotection.ro , anspdcp@dataprotection.ro) .

13. The principles on which our data protection policy is based:

  1. The processing of personal data will be done in a legal, fair and transparency;
  2. The collection of personal data will be done only for specified, explicit purposes and legitimate and data will not be further processed in a manner incompatible with those purposes;
  3. The collection of personal data will be adequate, relevant and limited to the information necessary for the purpose of processing;
  4. Personal data will be accurate and, where necessary, updated;
  5. All necessary steps will be taken to ensure that the data is incorrect are deleted or corrected without delay;
  6. Personal data will be stored in a form that allows the person to be identified and for a period not exceeding that in which the personal data are processed;
  7. All personal data will be kept confidential and stored in a manner that provide the necessary security;
  8. Personal data will not be shared with third parties unless is necessary for the purpose of providing services in accordance with the agreements;
  9. Data subjects have the right to request access to personal data, their rectification and deletion, opposition or restriction from data processing as well as data portability law.

14. Direct marketing emails

14.1 The company has the right to send customers marketing emails with their consent. This specific form of consent must be given in freely, informed, specifically and precisely. These requests are then met when customers chose to receive marketing emails (actively approved).
14.2 Customers will always have the right to object, upon request and free of charge, to processing personal data for direct marketing purposes without having to provide concrete justifications. Customers can do this by clicking on the link "Unsubscribe" that appears in the e-mails we send or can send you send an e-mail to the e-mail address office@dpsolutions.ro Once the client has objected, that customer's personal data will no longer be processed for marketing direct.
14.3 Marketing emails contain information that we find interesting for customers, as well as breaking news about our products and services.

15. Changes

15.1 This policy will be updated periodically, subject to functional changes what may occur, legislative or internal. If changes occur material, customers will be notified by e-mail or through the website beforehand for the changes to take effect. We encourage customers to check this page regularly to be informed of the latest practices our privacy policy.