S.C
Privacy Policy

This Privacy Policy defines how we, SC Z TOUR SRL, collect, store and use your personal data when you access or interact with our website www.ztour-travel.ro, and from where we obtain or collect your data. This Privacy Policy is applicable as of May 25, 2018.

Content
• Summary
• Details about our company
• What information we collect when you visit our website
• What information we collect when you contact us
• What information do we collect when you interact with our website
• What information do we collect when placing an order on our website
• Use of automatic decision-making systems
• How we collect information about you from third parties
• Disclosure and additional uses of your data
• Duration of your data storage
• Securing your information
• Transfer of your data outside the European Economic Area
• Your rights to personal data
• Your right to object to data processing for certain purposes
• Sensitive personal data
• Changes to our privacy policy
• Confidentiality of minors
• Copyright

Summary
This section summarizes how we obtain, store and use your data. This summary is intended to provide only a general picture of the privacy policy. This section is not a complete description and it is necessary to read the additional chapters present in this document for completions.

The data operator: SC ZTOUR SRL
How we collect or obtain information about you:
o when you provide the respective data (eg: by contacting us, by accessing, ordering or purchasing different services and Z Tour products, by filling in the offer request form, by creating an account on the website, by registering in the company database to receive information marketing regarding our services and products, by filling in online or offline forms for registration in advertising lotteries and events (eg fairs), by completing the form for issuing the loyalty card; o when you access our site, some data is collected through cookies; and o from third parties: tour operators and resellers, Z Tour agents in the franchise system.
What information do we collect:name, first name, telephone number, home address, e-mail address, series and no. identity card, series and no. passport, CNP, IP, date of birth, age of children, union membership, place of work, company name (if applicable), VAT registration number (if applicable).
How we use your data: for business and administrative purposes (especially to contact you and to process the orders you place on our site), to fulfill our contractual obligations, to promote goods and services ours and in connection with our legal rights and obligations.
Disclosure of user data to third parties:the minimum necessary to fulfill the contractual obligations we have towards you - to the hotel, transport, tourist service providers, for the operation of the business, for compliance with the legal obligations.
Your data is not sold to third parties.
How long your information is stored: no more than necessary - according to our legal obligations (eg to maintain accounting records), or according to any other basis on which we use the information (eg, consent, contractual obligations) , legitimate interests). Information about specific periods of user data storage is in the Duration section of your data storage.
How your data is secured: by using technical and organizational solutions such as: storing information on secure servers, encrypting data transfers to and from our servers using SSL technology, encrypting payment transactions on site using SSL technology, allowing access to your personal data only when necessary, encrypting personal data, encrypting emails, pseudonymizing and / or anonymizing personal data.
Use of cookies and similar technologies: we use cookies and similar technologies for collecting information, such as web beacons, on our website including essential, functional, analytical and targeting cookies. For more information, please access our cookie policy here: https://www.ztour-travel.ro/page/cookie.html
Transferring your personal data outside the European Economic Area: we will transfer your personal data outside the European Economic Area only if we are obliged to do so by law or in order to perform contractual obligations towards you - when we do so, we ensure that there are adequate protection measures, for example: the protection of personal data to partners outside the European Union is regulated by standard contractual clauses for the transfer of personal data from the Community to third countries.
Use of automatic decision making processes: we use automatic decision making processes in relation to our website, for example: using Web Analytics tools, cookies, web beacons or using targeting cookies to display ads to people who visit our site on other websites (for example, by using the Google AdSense network).

Your rights regarding your personal data:

o You have the right to access your data and receive information about its use
o you have the right to request the correction and / or completion of the information (the right to rectification)
o you have the right to request the deletion of data (the right to be forgotten)
o you have the right to restrict the use of the data
o you have the right to receive the data in a portable format
o you have the right to object to the processing of your data
o you have the right to withdraw your consent to the processing of your data.
o you have the right to call a supervisory authority

Sensitive personal information: we collect what is commonly referred to as "sensitive personal data", for example: data on membership of unions. For more information, see the main section entitled "Sensitive personal information".

Details about our company
The data operator regarding our site is: Z TOUR SRL, with headquarters in Cluj county, Cluj-Napoca, Str. Anatole France Nr. 62, Romania. You can contact the data operator by writing to the above address or by e-mail at protectiedate@ztour-travel.ro . If you have any questions regarding this privacy policy, please contact the data operator.

What information we collect when you visit our website
We collect and use information from website visitors in accordance with this section and with the section titled Disclosure and additional uses of your data.
Web server log information
We use a third party server to host our website, called ECOWORKS SRL, whose privacy policy is available here: https://www.ecoworks.ro/politica-confidentialitate. Our website server automatically records the IP address you use to access our website, as well as other information about your visit, such as pages accessed, information requested, date and time of request, source of access to the site- our website (for example, the website or URL (link) that refers to our site) and the version of the browser and operating system.
Use information from the logs of the website server for IT security purposes
Our provider collects and stores server logs to ensure the security of the IT network. This includes analyzing log files to help identify and prevent unauthorized access to our network, distributing malicious code, predicting DDOS attacks and other cyber attacks, by detecting unusual or suspicious activities.
If we do not investigate a suspicious or potential criminal activity, we do not allow or allow our provider to make any attempt to identify you based on the information collected through the server logs.
The legal basis for processing: compliance with the legal obligations to which we are subject (Article 6 (1) (c) of the General Data Protection Regulation). Legal obligation: registration of access to our website using server log files is a technical measure to ensure an adequate level of security to protect the information collected from our site in accordance with Article 32 (1) of the General Regulation on data protection.

Cookies and similar technologies
Cookies are data files that are sent from a website to a browser to record user information for different purposes.
We use cookies on our website, including essential, functional, analytical and targeting cookies and web beacons. For more information on the use of cookies, see our cookie policy, which is available here: https://www.ztour-travel.ro/page/cookie.html . You can reject some or all of the cookies we use on our website by changing your browser settings or you can disable non-essential cookies using our cookie control tool, but by rejecting them you can affect the functioning of the website or some features of the website. For more information about cookies, including changing your browser settings, visit www.cookiebot.com or see our cookie policy.

The information we collect when you contact us
We collect and use the information from the persons who contact us in accordance with this section and with the section entitled Disclosure and additional uses of your information.
E-mail
When you send a message to the e-mail address displayed on our site, we collect your e-mail address and any other information you provide in that e-mail (such as your name, your account number, telephone and the information contained in any signature block in the e-mail).
The legal basis for processing: our legitimate interests (Article 6 (1) (f) of the General Data Protection Regulation).
Legitimate interest: To answer the questions and messages we receive and to keep the correspondence record.
The legal basis for processing:it is necessary to execute a contract or to start the contracting process at your request (Article 6 (1) (b) of the General Data Protection Regulation). The reason why it is necessary to perform a contract: if your message is about the supply of goods or services or taking measures at your request before providing you with our goods and services (for example, providing information about such services) goods and services); we will process your information to do so).
Transferring and storing your information
We use a third-party email provider to store the emails you send to us. Our e-mail provider is ECOWORKS SRL. Its privacy policy is available here: https://www.ecoworks.ro/politica-confidentialitate.
The e-mails you send to us will be stored inside the European Economic Area on ECOWORKS servers in Germany.
Contact form
When you contact us using the contact form, we collect: first name, last name, e-mail, telephone number. We also collect any other information you provide to us when you complete the contact form in the field of observations.
If you do not provide the information requested by the contact form, you will not be able to send it and we will not receive your request, therefore we will not be able to respond.

The legal basis for processing: our legitimate interests (Article 6 (1) (f) of the General Data Protection Regulation).
Legitimate interest: to answer the questions and messages we receive and to keep track of the correspondence.
The legal basis for processing:it is necessary to execute a contract or to start the contracting process at your request (Article 6 (1) (b) of the General Data Protection Regulation).
The reason why it is necessary for the performance of a contract: if your message is about the provision of goods or services or taking measures at your request before providing you with our goods and services (for example, providing information about such services) goods and services); we will process your information to do so.
Transferring and storing your information
The messages you send us through our contact form will be stored inside the European Economic Area on the servers of the hosting provider - ECOWORKS SRL in Germany. Their privacy policy is available here https://www.ecoworks.ro/policy-confidentiality
Phone
When you contact us by telephone, we collect your telephone number and any information you provide to us during the conversation with us. We record phone calls.
The legal basis for processing: our legitimate interests (Article 6 (1) (f) of the General Data Protection Regulation)
Legitimate interest: to answer the questions and messages we receive and to keep the correspondence evidence.
The legal basis for processing: it is necessary to execute a contract or to start the process of hiring a contract at your request (Article 6 (1) (b) of the General Data Protection Regulation).
The reason why it is necessary to execute a contract: if your message is about the provision of goods or services or taking measures at your request before providing you with our goods and services (for example, providing information about such services) goods and services); we will process your information to do so).
Transferring and storing your information
Information about your call, such as your telephone number and the date and time of your call, is processed by our telephone service provider, Ada Voice, which is located in Romania. Its privacy policy is available here https://rovoice.com/contact/policy-of-confidentiality/
• Post
If you contact us by post, we will collect all the information you provide to us in any postal communications you send us.
The legal basis for processing: our legitimate interests (Article 6 (1) (f) of the General Data Protection Regulation)
Legitimate interest: to answer the questions and messages we receive and to keep the correspondence evidence.
The legal basis for processing: it is necessary to execute a contract or to start the process of hiring a contract at your request (Article 6 (1) (b) of the General Data Protection Regulation). The reason why it is necessary for the performance of a contract: if your message is about the supply of goods or services or taking measures at your request before providing you with our goods and services (for example, providing information about such services) goods and services); we will process your information to do so).

The information we collect when you interact with our site
We collect and use data from persons who interact with certain features of our website, in accordance with this section and with the section entitled Disclosure and further use of your information.
newsletter
When you subscribe to our newsletter to receive information about promotions, events or contests from us through the subscription forms or any other form on which you can express your consent to register in the database we collect names, first names , email.
Legal basis for processing: your consent (Article 6 (1) (a) of the General Data Protection Regulation).
Consent: You will consent to receive our newsletter, by signing up to receive it, using the steps described above.
Transferring and storing your data
We use a service provided by a third party to send our newsletter and to manage our email list, Active Soft. Its privacy policy is available here: https://www.mailagent.ro/en/politica-confidentialitate.
The information you send to subscribe to our newsletter will be stored in the European Economic Area on the servers of our provider, in Romania.
Use of web beacons and similar technologies in emails
We use technologies such as web beacons (small graphic files) to measure the performance of our emails such as delivery rates, opening rates and click-through rates and unsubscribe rates, links with which the customer has interacted. We will use web beacons to measure interceptions in a newsletter.
For more information on how we use web beacons in our newsletter emails, check out our cookie policy, which is available here: https://www.ztour-travel.ro/page/cookie.html For more information about our newsletter providers and the use of web beacons, see the privacy policy available here: https://www.mailagent.ro/en/policy-confidentiality
Registration on our site
When registering and creating an account on our site, we collect the following information: first name, last name, e-mail address, telephone.
If you do not provide all the information required by the registration form, you will not be able to register or create an account on our website.
The legal basis for processing: our legitimate interests (Article 6 (1) (f) of the General Data Protection Regulation).
Legitimate interest: registration and administration of accounts on our website to allow you to access the history of purchased services and invoices and the list of tourist services preferences.
Transferring and storing your data
The information you provide to us through the registration form on our website will be stored in the European Economic Area on the servers of the web hosting service provider ECOWORKS SRL in Germany. Its privacy policy is available here: https://www.ecoworks.ro/politica-confidentialitate

The information we collect when placing an order on our website
We collect and use the information from the persons who place an order on our website in accordance with this section and the section entitled Disclosure and additional uses of your data. Information collected when placing an order
Necessary information
When placing an order for goods or services on our website, we collect: name, first name, date of birth, (data for other tourists for whom booking is made, including minor details), e-mail, telephone, billing address, name company (if applicable) - unique identification code and registration number in the Trade Register.
If you do not provide this information, you will not be able to purchase our goods or services on our site or enter into a contract with us.
Legal basis for processing: necessary for the performance of a contract (Article 6 (1) (b) of the General Regulation on data protection).
The reason why it is necessary for the execution of a contract:we need the mandatory information collected through our verification form to determine who the contractor is and to contact you to fulfill our obligations arising from the contract, including sending receipts and confirming orders.
The legal basis for processing: compliance with a legal obligation (Article 6 (1) (c) of the General Regulation on data protection).
Legal obligation: we have the legal obligation to issue you an invoice for the goods and services you have purchased from us, in which you are registered for VAT purposes and we request the mandatory information collected for this purpose by our payment form.
Optional information
Also, please express your consent if you wish to receive marketing communications from us. For more information, see the "Marketing Communications" section below.
The legal basis for processing: our legitimate interests (Article 6 (1) (a) of the General Data Protection Regulation).
Legitimate interests: you agree to process any optional information you provide by sending this information to us, so that you may be permanently informed about our offers and services.
Payment processing
After placing an order on our website, you will have to pay for the goods or services you ordered. To process your payment, we use third party payment processors: SC Romcard SA . Your payment will be processed by those mentioned above. Payment can also be made by bank transfer, payment order and online bookings - with payment directly to your own Z TOUR agencies (not franchises).
The payment processors mentioned above collect, use and process your information, including payment information, in accordance with their privacy policies. You can access the privacy policies through the following links: https://www.bancatransilvania.ro/politica-prelucrare-si-protectie-date-personale/
Transferring and storing your information
Romcard is located in Romania. The information regarding the processing of your payment is stored in the European Economic Area on the Romcard servers in Romania.
The legal basis for processing: necessary for the performance of the obligations arising from the contract with you (Article 6 (1) (b) of the General Data Protection Regulation).
The reason why it is necessary to execute a contract: to fulfill your contractual obligation to pay the services you have ordered from us.

Marketing communications
At checkout you will have the option to receive marketing communications from us.
Transferring and storing your information
We use a service provided by a third party to manage our email list: Active Soft. The information you send to subscribe to our newsletter will be stored in the European Economic Area on the servers of the third-party administrator of the e-mail list in Romania.
Our goods and services You can sign up to receive marketing communications from us regarding our goods and services by email, text message, phone, and posting, by filling out the form and ticking the box indicating that you want to receive such communications.
We will send you marketing communications regarding our goods and services only if you sign up to receive them.
The legal basis for processing: consent (Article 6 (1) (a) of the General Data Protection Regulation).
Consent: You consent to send us information about our goods and services by registering to receive such information in accordance with the steps described above.

Information collected or obtained from third parties
This section sets out how we obtain or collect information about you through third parties.
Information received from third parties
In general, we receive information about you from third parties. Those third parties from which we receive data about you are, in general, group companies, affiliates, business partners or persons who purchase our services (and) on your behalf.
It is also possible that third parties with whom we do not have had no previous contact to provide us with information about you.
The information we obtain from third parties will generally be your name and contact details, but will include any additional information about you that will be provided to us.
Legal basis for processing: it is necessary to execute a contract or take measures at your request to conclude a contract (Article 6 (1) (b) of the General Data Protection Regulation).
The reason why it is necessary for the performance of a contract: if a third party has transmitted information about you (such as your name and e-mail address) to provide you with services, we will process your information to get measures at your request to conclude a contract with us (as the case may be).
The legal basis for processing: consent (Article 6 (1) (a) of the General Data Protection Regulation).
Consent: if you have requested that a third party disclose information about you and the purpose of disclosing this information is not related to the performance of a contract or service by us to you, we will process the information based on your consent, that you grant by requesting the third party in case to transmit your information to us.
The legal basis for processing: our legitimate interests (Article 6 (1) (f) of the General Data Protection Regulation).
Legitimate Interests: If a third party has disclosed to us information about you and you have not consented to the transmission of such information, we will have a legitimate interest in processing that information under certain circumstances.
For example, we will have a legitimate interest in processing your information to fulfill our obligations arising from the subcontract with the third party, if the third party has the main contract with you. Our legitimate interest is to fulfill our obligations within our subcontract.
Similarly, third parties may transmit information about you to us if you have violated or could violate any of our legal rights. In this case, we will have a legitimate interest in processing this information to investigate and prosecute any such potential breach.

If we receive information about you by mistake
If we mistakenly receive information about you from a third party and / or have no legal basis for processing such information, we will delete your information.
Information obtained from us from third parties
In certain circumstances (for example, to verify the information we hold about you or to obtain the missing information we need to provide a service), we will obtain your information from certain publicly accessible sources, both from EU, as well as outside the EU, such as public institutions / authorities.
In certain circumstances, we will also obtain information about you from private sources, both within the EU and outside the EU, such as: insurance companies. This data will only be processed with your explicit consent.
Legal basis for processing: it is necessary to perform a contract or take measures at your request to conclude a contract (Article 6 (1) (b) of the General Data Protection Regulation).
The reason why it is necessary to conclude a contract: if you have concluded a contract or have requested to conclude a contract with you in certain circumstances, we will obtain information about you from public sources to enable us to understand your business and provide services to a standard sufficient for you. For example, we will obtain and / or verify your e-mail address from your web site if you ask us to send you information via e-mail and we do not have or need confirmation of your email address.

The legal basis for processing: our legitimate interests (Article 6 (1) (b) of the General Data Protection Regulation).
Legitimate interests:In certain circumstances, we will have a legitimate interest in obtaining information about you from public and private sources. For example, if you have violated or suspect that you have violated any of our legal rights, we will have a legitimate interest in obtaining and processing information about you from these sources, to investigate and track down any suspected or potential violations.
The legal basis for processing: consent (Article 6 (1) (a) of the General Data Protection Regulation).
Consent: it is possible to obtain information from third parties, if you agreed to communicate this data to us through, expressing your consent e.g. Checking a box that tells you that you want your information to be shared with us.
Use of automatic decision-making mechanisms
We use automatic decision making mechanisms on our website. We do not consider this to have a legal effect on you or affect you in a similar way.
You have the right to oppose our use of automatic decision making and profiling mechanisms described in this section. You can do this by giving up cookies and similar technologies, in accordance with the method described in the relevant section of this privacy policy. If you do not want us to process your real IP address (usually the IP address assigned by your Internet Service Provider) when you visit our site, you may use a private virtual network (VPN) or a free service, such as Tor .
You can learn more about the use of cookies and similar technologies (including the legal basis for their use) and how to dispose of them in the cookie policy, available here: https://www.ztour-travel.ro/page /cookie.html

Automatic decision-making mechanisms
Automatic decision-making mechanisms are those decision-making mechanisms by technological means (through a machine) without human involvement.
Use of automatic decision-making mechanisms for advertising
We automate the display of advertisements containing our products and services on other websites you visit through the use of cookies. For more information on the types of cookies we use, see our cookie policy, available here: https://www.ztour-travel.ro/page/cookie.html Logic involved: automatic display of ads to people who Visiting our site increases the efficiency of advertising and is more economical for us than manual display or other advertising methods. Significance and expected consequences: Cookies will be used to acknowledge that you have visited our site to display advertisements (unless you have blocked such cookies) and will collect information about your online behavior .
How to oppose it: You can block these types of cookies by using your browser settings. For more information, see our cookie policy: https://www.ztour-travel.ro/page/cookie.html

Further disclosure and use of your data
This section sets out the circumstances under which we will disclose your data to third parties and any additional purposes for which we use your data.

Disclosure of your information to service providers
We use a number of third parties to provide us with services that are necessary to run our business or to help us run our business and that process your information for us on our behalf, namely:
• Telephone service providers
• Email service providers
• IT service providers
• Website developers
• Web Hosting Provider (s)
• Marketing service providers
• Email marketing service provider
Your information will be shared with these service providers, where necessary to provide the service you have requested, whether this request is accessing our site or ordering goods and services from us.
We do not display the identity of our service providers publicly, for security reasons and for competitiveness reasons. If you would like further information about the identity of the service providers, please contact us directly through our contact form on the page https://www.ztour-travel.ro/contact.html or by e-mail at the protected address @ ztour -travel.ro and we will provide you with such information if you have a legitimate reason to request this.
The legal basis for processing: legitimate interests (Article 6 (1) (f) of the General Data Protection Regulation).
Legitimate interest: if we share your information with these third parties in a different context than if it is necessary to perform a contract (or following your request to do so), we will share your information with such third parties to enable us to run and manage the business efficiently.
Legal basis for processing: it is necessary to perform a contract or take measures at your request to conclude a contract (Article 6 (1) (b) of the General Data Protection Regulation). Reason for which it is necessary to perform a contract: it is possible to share information with our service providers to allow us to fulfill the obligations arising from the respective contract or to take the measures that you have requested before entering into a contract with you.
Disclosure of your information to other third parties
We disclose your information to third parties in certain circumstances, as shown below. Providing information to third parties, such as Google Inc., Facebook. Google collects information by using Google Analytics on our website. Google, Facebook, uses this information, including IP addresses and cookie information, for a variety of purposes, such as improving the quality of our services and your browsing experience. The information is collected by Google and Facebook anonymously.
The legal basis for processing: our legitimate interests (Article 6 (1) (f) of the General Data Protection Regulation). Legitimate interests: improving the quality of our services.
Sharing your information with third parties, which are either related to or associated with the operation of our business, if necessary for us. These third parties include consultants, affiliates, business partners, independent contractors and insurers. Further information on each of these third parties is presented below.

The legal basis for processing:
our legitimate interests (Article 6 (1) (f) of the General Data Protection Regulation).
Legitimate interest: the efficient operation and management of our business.
consultants
Occasionally, we get advice from consultants, such as lawyers, audit firms, public relations professionals and sociological research firms. We will share your information with these third parties only if it is necessary to allow these third parties to provide us with relevant advice. Our consultants are located in Romania.
Affiliates
Affiliates are the persons or entities we work with to promote our business through various means, for example Z Tour agencies in the franchise system. The affiliates will share information with us and we will disclose information with them if you have expressed your interest in our products or services and to execute the contractual obligations we have towards you. Our affiliates are located in Romania.
Business partners
Business partners are the companies we work with and provide goods and services similar to those offered by us, which are complementary to our own business or which allow us to provide goods or services that we cannot offer on our own. We share information with our business partners, in case you have requested services that they provide, either independently or in relation to our own services and in order to fulfill our contractual obligations towards you. Our business partners are active in the field of tourism, hotel and transport services. Our business partners are located in the European Union and outside the European Union.2
For more information on the guarantees used when your information is transferred outside the European Economic Area, please refer to the section of this privacy policy below entitled Transferring your data outside the European Economic Area.
Independent contractors
Occasionally we use independent contractors in our business. Your information will be distributed to independent contractors only if it is necessary for them to perform the service we have contracted to perform in connection with our business.
Our independent collaborators are tour guides or accompanying groups or local representatives of the company in different tourist destinations.
insurers
We will disclose your information to our insurers if it is necessary to do so, for example: if you opt for the insurance system when purchasing a tour package, or later, in connection with a claim or a possible request we receive / we do it or in accordance with our general disclosure obligations, according to our insurance contract with them.
Our insurers are located in Romania.

The legal basis for processing:
our legitimate interests (Article 6 (1) (f) of the General Data Protection Regulation).
Legitimate interest: the efficient operation and management of our business.
The legal basis for processing: it is necessary to execute a contract (or to take measures at your request before entering into a contract) (Article 6 (1) (b) of the General Data Protection Regulation).
The reason why it is necessary for the execution of a contract: we must pass on the information to third parties (partners, insurers, etc.) in order to fulfill our contractual obligations towards you or to take measures at your request before entering into a contract.
We do not display the identity of all the other third parties with whom we can share information for security reasons and to keep the competitive advantage. If you would like further information about the identity of such third parties, please contact us directly through the contact form on the page https://www.ztour-travel.ro/contact or by e-mail at the protected address @ ztour-travel .ro and we will provide you with such information if you have a legitimate reason for requesting it and only if we shared the information with such third parties, for example).
We will disclose your information to a potential or actual buyer or seller in the context of a business sale or acquisition, a merger or a similar, actual or potential event.
The legal basis for processing:
legitimate interests (Article 6 (1) (f) of the General Data Protection Regulation).
Legitimate interest:
We allow access to information with a potential buyer, seller or similar person to allow such a transaction.
Disclosure and use of your information for legal reasons
Indication of possible criminal acts or threats to public safety to a competent authority
If we suspect that a criminal or potential behavior has occurred, we will, in certain circumstances, need to contact a competent authority, such as the police. It could be the case, for example, if we suspect that a fraud or cyber crime has been committed or if we receive threats or communications that are malicious to us or to third parties.
In general, you will only have to process your information for this purpose, if you have been involved or affected by such an incident in one way or another.
The legal basis for processing:
our legitimate interests (Article 6 (1) (f) of the General Data Protection Regulation).
Legitimate interest:
prevention of crime or suspected criminal activity (such as fraud).
In connection with the application or potential application of our legal rights
We will use your information regarding the implementation or potential application of our legal rights, including, for example, exchanging information with debt collection agencies, if you do not pay the amounts due when you are contractually obligated to do so. . Our legal rights may be contractual (if we have signed a contract with you) or non-contractual (such as the legal rights we have under copyright or civil criminal liability).
The legal basis for processing:
our legitimate interests (Article 6 (1) (f) of the General Data Protection Regulation).
Legitimate interest: to impose our legal rights and to take measures to ensure our legal rights. In connection with a litigation or a legal or potential legal procedure
We may need to use your information if we are involved in a dispute with you or a third party, for example, either to resolve the dispute, or as part of mediation, arbitration, or a court decision or similar process.
The legal basis for processing:
our legitimate interests (Article 6 (1) (f) of the General Data Protection Regulation).
Legitimate interest: settling disputes or possible disputes.
For continuous compliance with laws, regulations and other legal requirements
We will use and process your information to comply with the legal obligations we are subject to. For example, it may be necessary to disclose your information based on a court decision or subpoena, if we receive one.
The legal basis for processing:
compliance with a legal obligation (Article 6 (1) (c) of the General Regulation on data protection). Legal obligation : legal obligations to disclose information, established in our task by internal or international normative acts (for example in the form of an international agreement that Romania has signed).
The legal basis for processing:
our legitimate interests (Article 6 (1) (f) of the General Data Protection Regulation).
Legitimate interest:
if the legal obligations are part of the laws of another country and have not been integrated into the legal framework of Romania, we have a legitimate interest in meeting these obligations.
Duration of your data storage
This section determines how long we keep the collected data. We have set specific storage periods where possible. In case this was not possible, we set the criteria we use to determine the retention period.
Retention periods
Server logs : we keep server log information for a period of 6 months.
Information regarding placed orders: when placing an order for goods and services, we keep this information for six years from the end of the financial year in which you placed the order, in accordance with our legal obligation to keep records for tax purposes.
Correspondence: when you make a request or contact us for any reason, either by email or through our contact form or by telephone, we will keep your information for as long as necessary or until your express request to delete your data , which will be applied in conjunction with the legal obligations established in our task.
newsletter: we keep the information you used to sign up for our newsletter as long as you remain a subscriber (as long as you do not unsubscribe) or if we decide to cancel our newsletter service.

Criteria for establishing the retention periods
In any other circumstances, we will keep your information only for as long as necessary, taking into account the following:
• the purpose and use of your information both in the present and in the future (for example, if it is necessary to continue storing that information in order to continue to fulfill our obligations under a contract with you or to contact you in the future;
• if we have a legal obligation to continue processing your information (such as any record keeping obligations required by law or relevant regulations);
• if we have any basis to continue processing the information (such as your consent);
• if we have a legitimate interest in continuing to process your data;
• the levels of risk, cost and responsibility involved in continuing to hold the information.
Securing your information
We take appropriate technical and organizational measures to secure your information and to protect it against unauthorized or illegal use and accidental loss or destruction, including:
• sharing and providing access to your data to the minimum extent necessary, subject to confidentiality restrictions, where appropriate and anonymously, whenever possible;
• using secure servers for storing information;
• verifying the identity of any person requesting access to information before granting them access to information;
• the use of the Secure Sockets Layer (SSL) standard to encrypt any information you send to us through any forms on our website;
• we transfer your data only through a closed system or encrypted data transfers.
Transmission of information to us by email
The transmission of information on the Internet is not entirely secure and if you send us information via the Internet (via e-mail or any other way), you do so entirely at your own risk. We cannot be responsible for any expenses, losses of profit, damages of reputation, damages, debts or any other form of loss or damage suffered by you as a result of your decision to transmit information to us by such means.

Transfer of your data outside the European Economic Area
Considering the object of activity of the company, in order to respect our contractual obligations we assume towards you, respectively to ensure the tour packages you contract, we are required to transfer your personal data to our contractual partners, some of them having their headquarters outside the EEA.
Your data will only be transferred outside the EEA when you purchase tourist packages with destinations outside the EEA or when the carriers of your choice have their headquarters outside the EEA.
Guarantees (protections) used: Contractual clauses for the transfer of personal data from the European Union to third countries - in accordance with Article 46 (92) (c) of the General Data Protection Regulation.
Your rights to personal data
Subject to certain restrictions, you have the following rights in relation to your data which you may exercise by completing the forms at https://www.ztour-travel.ro/contact.html , or sending a written request sent to SC Z Tour SRL at the address: Cluj county, Cluj-Napoca, Calea Dorobantilor, no. 33-35-37, postal code 400117 or by sending an e-mail to protectiedate@ztour-travel.ro :
• request access to your information and information regarding the use and processing of your information;
• to request the correction or deletion of your data;
• request to limit the use of your data;
• receive the information you provided to us in a structured, commonly used format that can be read by a device (for example, an Excel file) and the right to transfer that information to another data controller (including to a third party data controller);
• object to the processing of your data for certain purposes (for more information, see the section below entitled "Your right to object to data processing for certain purposes"); and
• withdraw your consent to use your data at any time we rely on your consent to use or process this information. Please note that if you withdraw your consent, this will not affect the legality of the use and processing of your data based on your consent before the time you withdraw your consent.
In accordance with Article 77 of the General Data Protection Regulation, you also have the right to lodge a complaint with a supervisory authority, in particular in the Member State of residence, the workplace or an alleged breach of the general data protection Regulation .
To this end, in Romania, the supervisory authority is: www.dataprotection.ro
Verifying your identity if you request access to your information If you request access to your information, we are required by law to use all reasonable measures to verify your identity before doing so.
These measures are designed to protect your information and reduce the risk of identity fraud, identity theft or general unauthorized access to your information.

How we verify your identity
If we have adequate information about you in the database, we will try to verify your identity using this information.
If it is not possible to identify you based on this information or do not have enough information about you, we may require or certified copies of documents so we can verify your identity before you can provide access to your data.
We can confirm the exact information we need to verify your identity in your specific circumstances if and when you make such a request.
Your right to object to data processing for certain purposes
You have the following rights regarding your data which you can exercise by writing to SC Z Tour SRL at the following address: Cluj, Cluj-Napoca, Calea Dorobantilor, no. 33-35-37, postal code 400117 or by sending an e-mail to protectiedate@ztour-travel.ro
• object to the use or processing of information by us to perform a task in the public interest or in our legitimate interest, including analyzing or predicting your behavior based on your information; and
• object to the use or processing of your data for direct marketing purposes (including any profile we involve in connection with this direct marketing).
You may also exercise your right to object to the use or processing of your data for direct marketing purposes:
• by clicking on the unsubscribe link at the bottom of any marketing email we send you and following the instructions that appear in your browser, after clicking that link;
• sending an SMS message containing only the word "DEBATE" in response to any marketing communication we send by text message or by accessing the link indicated in the received SMS message; or
• sending an e-mail to protectiedate@ztour-travel.ro , asking us not to send marketing communications or by including the words "DEBATCH"; or
• by completing the form on the website https://www.ztour-travel.ro/contact.html
For more information on how you can object to the use of data collected through cookies and similar technologies, see our cookie policy, available here: https://www.ztour-travel.ro/contact.html
Sensitive personal data
"Sensitive personal data" is information about an individual that discloses racial or ethnic origin, political opinions, religious or philosophical beliefs or membership of a union, genetic information, biometric information for the purpose of uniquely identifying an individual, health information or information. regarding the sexual life or sexual orientation of a natural person. In specific situations, we collect "sensitive personal data" regarding health, membership of a union and data of minors (name, surname, age, NOC, serial number and passport number). The personal health data is provided by the users when they have special requirements regarding the transport services or the accommodation services they purchase (for example: allergies - requesting a special menu at the hotel, disabilities - requesting a hotel with a ramp, etc. . personal data on membership of a trade union process them as the basis of partnerships with trade unions, members of those unions can benefit from certain facilities and discounts. the data minors process them for developing optimal conditions for services contracted by legal representatives of minors.
If, however, you accidentally or intentionally provide us with other sensitive personal information, you will be deemed to have explicitly consented to us processing sensitive personal information in accordance with Article 9 (2) (a) of the General Regulation regarding data protection. We will use and process your personally identifiable information for the purpose of deletion.
Changes to our privacy policy
We regularly update and modify our privacy policy.
Minor changes to our privacy policy
If we make minor changes to our privacy policy, we will update the Privacy Policy with a new effective date mentioned at the beginning of it. The processing of your information will be governed by the practices established in the new version of the Privacy Policy from its effective date.
Major changes to our privacy policy or the purposes for which we process your information If we make major changes to our privacy policy or intend to use your data for a new purpose or for a purpose other than the purposes for which we initially collected it, we will notify you by email (if possible) or by posting an ad on our website. We will provide you with information about the change in the case and the purpose and any other relevant information before using your information for the new purpose. Whenever necessary, we will obtain your prior consent before using your information for a purpose other than the purposes for which we initially collected it.
Confidentiality of minors
We process data of persons under the age of 18 years, only with the consent of the legal representative, for the optimal performance of the services contracted by the legal representatives of the minors.
It is possible to receive information regarding persons who have not reached the age of 18 years by fraud or deceit of a third party. If we are notified of this, as soon as we verify the information, when the law requires it, we will immediately obtain the consent of the legal representative to use this information or, if we cannot obtain this consent, we will delete the information from our servers. If you would like to announce the receipt of information about persons under the age of 18, please do so by sending an e-mail to protectiedate@ztour-travel.ro

Z-Tour Cookie Consent

To provide you with a better browsing experience, this website uses cookies. These cookies are small files that are used by the website to remember information about your preferences regarding the processing of personal data. By using cookies the website becomes more useful by personalizing its content according to your preferences. For more information, please access the Cookie Policy & Privacy Policy. Continuation implies their acceptance.