Introduction

Thank you for your interest in our company, clubs and/or events we organize. When you enter in any kind of relationship with us, you provide us with your information. The information presented in this document (hereinafter referred to as `Privacy policy`) is important. We recommend you to read it carefully.

The purpose of this Privacy policy is to explain what kind of data we process (collect, use, share), why we process them, in what way we process them, your rights under GDPR and the way you can exercise these rights. When collecting this information, we are acting as a controller, and, therefore, we are bound by law to provide you with this information. 

The personal data protection and privacy is very important for us. Being deeply aware that personal information belong to you, we do the best we can to store them safely and process them carefully. We do provide third parties with information without informing you under the legal provisions. We do not take automated exclusive decisions with significant impact on you. 

By visiting the website, by filling in a form on our websites, by booking a table, by registering or participating in an event or by interacting with us through any means and/or through any communication means (e-mail, telephone, social network etc.), you agree with this Privacy policy and give consent including to the use of your data for advertising or marketing purposes, as we described below in the sections dedicated to Marketing and Advertising. If you do not agree with the abovementioned clause from our Privacy policy, please do not contact us, do not visit our locations or do no participate in any event organized by us. 

 

Other services

This Privacy policy does not cover the applications and the websites of other third parties which you may come across by accessing the links on our website. This exceeds our control. We encourage you to carefully read the Privacy policy of any website/application before providing your personal data.

 

Who are we?

High Entertainment Concept SRL, having its headquarters in Municipiul Curtea de Argeş, B-dul BASARABILOR, Camera 1, Bloc A1, Scara B, Etaj 4, Apartament 31, Județ Argeş, registered with the Trade Office under no.J3/363/2015, fiscal identification code34215829, is responsible for processing your personal data we collect directly from you or from other sources. 

According to the legislation, our company is controller of personal data. So that your data are processed under safe conditions, we have made every effort to implement reasonable and adequate technical and organisational measures to protect your personal data. 

 

Who are you?

According to the applicable legislation, the natural personal who participates in our events, the representative or the contact person of a company, the website’s visitor or any person being involved in any kind of relationship with our company, you are `data subject`, in other words,  an identified or identifiable natural person. In order to be completely transparent in relation to the processing of data and to allow you to easily exercise your rights at any time, we implemented measures to facilitate information, please access Sections 7, 10 and 11 of this document.  

 

Our commitment

Your personal data protection is very important for us. This is why we committed to comply with the European and national legislation on personal data protection, especially with the Regulation (EU) 679/2016, also known as GDPR and with the following principles:

 

  • Lawfulness, fairness and transparency 

We process your data lawfully and fairly. We are always transparent regarding the information we use, and you are duly informed. 

 

  • You have control

Within the limits of the law, we offer you the possibility to examine, rectify, erase the personal data you shared with us and to exercise other rights. For more information, access Sections 7, 10 and 11 of this document.  

 

  • Data integrity and purpose limitation

We use data only for purposes described at the moment of collection or for new purposes compatible with the previous ones. In all cases, our purposes are in accordance with the legislation. We take reasonable measures to ensure that personal data are accurate, complete and up-to-date.

 

  • Security

We implemented reasonable security and encryption measures, so that your personal information are best protected. Nevertheless, please remember that no website, no application nor internet connection is completely safe.

 

  • Amendments

We can bring amendments to this Privacy policy at any time. All upgrades and amendments brought to this Policy are available immediately after notification, which will be carried out by publishing it on the website and/or by e-mail.

 

  • Questions and requests

If you have questions or unclarities regarding the processing of your personal data or if you which to exercise your legal rights concerning the data we store or if you have concerns related to the way we deal with any privacy matter, you can write to us at dpo@facecorporate.com.

 

Your information 

  • What kind of information we collect about you?

When you navigate our website, when you fill in a form on our website, when you register as a member on one of our websites, when you book a table, when you connect to our WIFI free address in locations, when you participate in an event or when you send us a request by e-mail or you contact us by phone or you contact us for any other purpose and using any other means of communication, you can share with us your personal data, which we collect directly from you or form other sources, such as:

  • Last name and first name;
  • Age;
  • E-mail address;
  • Phone number;
  • Postal code;
  • Booking date;
  • Date of birth;
  • Position you have in a company;
  • Location. 

 

Most information we collect directly from you (e.g., by filling in a form on the website). Most information are the one described above, but there can be situations when we collect data from third parties (i.e. partners, advertising platforms), such as, information regarding purchases and interests. 

Beside the information described above, we may also collect the following information, depending on the situation: 

  • The way you interact with the our website/websites or with adds (e.g., information on how and when you access our website or what device you are using to access the website);
  • information provided when you fill in forms or questionnaires;
  • The content of messages sent using messaging and e-mail systems;
  • The interaction between you and us on social networks (e.g., likes, shares, comments);
  • Information we collect about you from other companies of the group or third companies which obtained you consent or detain another legal right to share these information with us (including partners/publishing or advertising platforms and data aggregators which have obtained the right to do so).

It is possible that we collect information through cookies or other similar technologies, such as:

  • IP address
  • Internet browser
  • Location
  • Web pages you access on our website

In case you visit our locations or you participate in our events, we will collect the images resulted from using CCTV systems. In this respect, we record and store CCTV images inside and around our clubs/locations in order to ensure your safety and the safety of other clients and of our personnel, as well as to detect and prevent possible offences or to solve possible complaints.

Our security personnel can wear cameras, which can record videos and photos.

You may be personally identified on this kind of images during your visit (e.g., your face may be visible on the recorded material, according to the devices used, position, light conditions etc.).

We have to collect CCTV footage for your safety, the safety of other clients and of our personnel. If you do not agree with us collecting and processing this information, we will have to refuse your access in our locations.

 

  • Why are we collecting this information?

We collect personal data for the following purposes:

  • To process bookings;
  • To organize events;
  • To conclude or execute a contract between you and us;
  • To answer to your questions and requests and to provide the client support service;
  • For marketing purposes, but only when we have your prior consent or when there is a legal exception from obtaining the said consent;
  • To offer and improve our services;
  • To diagnose or remedy technical problems;
  • To defend ourselves against cyber attacks;
  • To comply with the legislation, for example compliance with tax legislation which requires us to keep the accounting documents for a period of 10 years,
  • To establish or to claim a right before the court;
  • For analytical and research purposes;
  • To carry out events, promotions and competitions;
  • To prevent crimes, deception or frauds;
  • To protect your safety, the safety of our personnel and of other clients, as well as to detect and prevent crimes/offences or to solve possible complaints.

 

  • Which is the legal basis for processing?

We may use the following legal bases depending on the case:

 

  • The consent for processing personal data;

Nevertheless, please remember that when you are our client, we may send promotional messages (direct marketing) by e-mail, sms or other means of communication (i.e. Whatsapp) concerning similar events, without needing prior consent, under Article 12 (3) of Law no. 506/2014. 

However, in all cases, you can refuse direct marketing and/or withdraw consent at any time by following the unsubscribe instructions (`unsubscribe`) of every e-mail or by sending a written request at dpo@facecorporate.com

For example, we can use your consent to collect personal data when connecting to the WIFI network while visiting our location, which we use for behavioural marketing and advertising through our partners from smrtwifi.ro. For more information, please access Section 9 – Marketing.

  • The processing is necessary to conclude or execute a contract between you and us, for example in case you book a table for an event organized by us and we need your information to process the booking. 
  • The processing is necessary for our or other party’s legitimate purposes, except the case when you interests, rights or freedoms prevail.

When we use the legitimate interest, we carry out an analysis of the legitimate interest (balance test) through which we weigh our interest against yours. Where our interests prevail, we will use the legitimate interest. Where your interests prevail, we will not use legitimate interest, and if we are not able to identify another adequate legal basis, we will not carry out that processing activity. 

Currently, we make use of legitimate interest for CCTV monitoring, audio and video content capturing (images, videos etc.) from our events and for online marketing activities and behavioural advertising. 

  • The processing is necessary in order to comply with legal obligations (e.g., compliance with tax legislation which requires us to keep the accounting documents for a period of 10 years or to provide certain information to the competent public bodies and institutions);
  • In some situations, the processing can be necessary in order to protect your vital interests or the interests of another natural person;

Please remember that obtaining the consent is not mandatory, and we will proceed to obtain your consent only when we didn’t succeed in using another legal basis. 

 

  • How long are we storing the data?

We store your personal data only for the period necessary to fulfil the purposes, but no more than 5 years from the termination of the contract or from your last interaction with us. 

At the end of this period the personal data will be destroyed or erased from the informational systems or transformed into anonymous data in order to be used for scientific, historical or statistical purposes.

Please remember that in some situations expressly regulated, we store the data for the period required by law.

  • How do we share your information with the others?

We can disclose your data, under the applicable law, to our business partners or other third parties. We are permanently making reasonable efforts to ensure that these third parties implemented adequate protection and security measures. We concluded with these third parties contractual clauses so that your information is protected. In these situations, we will make sure that any transfer is legitimate, based on your consent or other legal basis.

For example, we could provide your information to other companies, such as IT services or telecommunications, accounting, legal services providers or to other third parties with which we have a contractual relation. These third parties are carefully selected so that your data are processed only for the purposes we specify. 

We could also share your data with business partners as a result of a common effort to offer a product or a service.

Although very unlikely, we could sell in the future the business or a part of the business, situation which will involve the transfer of your data. 

We can also send the data to other parties, according to your consent or instructions, for example in case you make a portability demand.  

We will also disclose your personal information to the prosecutor’s office, police, courts and other authorised bodies of the state, under and within the legal provisions and following expressly made requests.

We will make sure, within reasonable limits, that your data do not leave the European Economic Area, but, in case we will transfer data towards other states outside EEA, we will make sure, in all cases, that the transfers are legitimate and based on your explicit consent or other legal basis.

 

Marketing

If we obtained your prior consent, one of our partners obtained your consent for marketing activities from us or you are already a client of the company, we can use direct marketing and targeted advertising technologies, using the information collected about you regarding interests, preferences, purchases, age, location etc. For example, we could send e-mails, we could show adds on our website or on social media or we could place adds on third websites, in applications or on other devices connected to the internet. 

  • What kind of data are we collecting for marketing?

In order to carry out the activities of direct marketing or targeted advertising, we could use the following information:

  • information collected through cookies or other similar technologies (location, device, navigator, age etc.);
  • Your purchases, the way you interacted with our goods and services and the feedback you sent us;
  • Age, country, region, sex;
  • Other information obtained from our third marketing partners, information they obtained with your consent. 
  • Marketing partners

Our marketing partners, such as Facebook, Google and/or other agencies help us send marketing towards you on the basis of the information they directly collected from you with your consent. In some cases, we are the ones to share information we collected from you. We make sure, in all cases, that these transfers are legal, as we explained at point 8.5. 

Our partners can place adds concerning our services and products, depending on the data previously collected from you (interests, preferences) on other websites and/or services. Our marketing partners can also use the information collected about you in order to improve the services and/or algorithms (including the algorithms based on artificial intelligence). 

This privacy policy does not contain information related to the way our partners process your data, but we encourage you to read the privacy policy of our marketing partners for more information. 

  • How can you stop direct marketing?

You can object to direct marketing and/or withdraw consent at any time by following the unsubscribe instruction of every e-mail or message (`unsubscribe`) or by sending such a request at  dpo@facecorporate.com. In order to deactivate advertising based on interests, please see Our cookies use policy. 

 

  • Which are your rights?

Your rights set out by the GDPR Regulation are the following:

  • The right to withdraw consent

You can withdraw consent to the processing of your personal data by sending a request in this respect at the e-mail address dpo@facecorporate.com.

However, please remember that if we identified another legal basis for processing your data, we will continue to process them under this legal basis. We have the legal possibility to use one or more bases for processing your data. 

  • The right to be informed about the processing of your data
  • The right of access to data

You have the right to obtain from us a confirmation as to whether or not personal data concerning you are being processed, and, where that is the case, access to that data and information provided byArticle 15 (1) of GDPR. 

  • The right to rectification of inaccurate or incomplete data

You have the right to obtain from us, without unjustified delays, the rectification of inaccurate personal data concerning you.

  • The right to erasure (‘right to be forgotten’)

In situations provided byArticle 17 of GDPR, you have the right to request and obtain the erasure of personal data. 

  • The right to restriction of processing

In situations provided byArticle 18 of GDPR, you have the right to request and obtain the restriction of processing. 

  • The right to send the data we have concerning you to another controller (`the right to data portability`)

In situations provided byArticle 20 of GDPR, you have the right to request and obtain the portability of data. 

  • The right to object the processing of data

In situations provided byArticle 21 of GDPR, you have the right to object the processing of data. 

  • The right not to be subject to a decision based solely on automated processing, including profiling, which produces legal effects concerning you or similarly significantly affects you. 
  • The right to access justice to defend your rights and interests.
  • The right to lodge a complaint with an supervisory authority

 

Name Autoritatea Națională de Supraveghere a Prelucrării Datelor cu Caracter Personal

Address B-dul G-ral. Gheorghe Magheru nr. 28-30, Sector 1, cod poștal 010336, București, România

Telephone: +40.318.059.211 sau +40.318.059.212

E-mail: anspdcp@dataprotection.ro

 

Please remember that:

  • You can withdraw consent for direct marketing at any time by following the unsubscribe instructions of every e-mail/sms or other electronic message or by the following ways:
  • The message `STOP` in any communication (message) by Whatsapp, Instagram, Facebook Messenger and other means of communication. 
  • By sending an e-mail in this respect at the e-mail address (a se indica adresa) with the title `unsubscribe`. To successfully unsubscribe, we may also need other information, as we will explain as follows. 
  • The rights listed above are not absolute. There are exceptions, this is why every request received will be analysed so that we can decide if it is duly justified or not. If the request is justified, we will facilitate the exercise of your rights. If the request is not justified, we will reject it, but we will inform you on the reasons of the rejection and on your rights to lodge a complaint with the Supervisory Authority and to access justice.
  • We will try to answer the request within a month. However, the delay can be extended depending on different aspects, such as the complexity of the request, the large number of requests received or the impossibility to identify you within a reasonable period of time. To unsubscribe messages, we will try to answer within maximum 24 hours.  
  • If, despite all our efforts, we are not able to identify you and you do not provide us with additional information in order to proceed with the identification, we are not required to receive the request.

If you want to exercise your rights, you can do this by sending a written request, duly signed and dated, at the e-mail address dpo@facecorporate.com

 

Questions, requests and exercise of rights 

If you have questions or unclarities regarding the processing of your personal data or if you want to exercise your legal rights or you have any other concern related to the privacy, you can write to us at dpo@facecorporate.com

 

Also, the contact data of our data protection officer are:

Name: Emil Mirea

E-mail address: dpo@facecorporate.com

Telephone: 0730.400.800


Congratulations! You reached the end. Thank you for making time to find out how we protect your personal data!

Policy drawn up for HIGH ENTERTAINMENT CONCEPT SRL by LegalUp.ro .