Terms and conditions

Who We Are

Blue Sky Resort Eforie SRL, with its registered office in Constanța Municipality, Veniamin Costache Street, No. 33, Constanța County, with a working point at Meduzei Street No. 1, Eforie Nord, Constanța, 905350, registered with the Trade Registry Office under number J13/925/2018, Tax ID: RO39184200, email: bskyeforienord@gmail.com, phone number: +40739914704 (hereinafter referred to as "the company," "the platform," or "the operator"), is a personal data operator.

This policy aims to inform data subjects about the conditions under which personal data is processed by the platform. This policy applies to all specific activities of the company carried out through our following websites.

The use of the services offered by the company can only be done after acknowledging these policies.

The platform is not intended for minors under 16 years of age and cannot be used by them.

Definitions

Within this policy, the terms mentioned will have the meanings specified below:

• "Personal data of the beneficiary/legal representative/conventional representative" – all personal data, regardless of its form or medium, which are: i) provided either by the beneficiary, or by the legal or conventional representative of the beneficiary; ii) provided, originated, or brought to notice in writing or verbally by the insurer of the vehicle undergoing repair or another directly involved insurer, or by public institutions/authorities/entities (police stations, prosecutor's offices attached to courts, courts, etc.);

• "Supervisory authority" – means an independent public authority established by a member state with competence to supervise the protection of personal data in the EU, in whose jurisdiction the platform, as an operator, has its headquarters and processes personal data, or the person empowered by the platform;

• "Processing" – means any operation or set of operations performed on personal data or sets of personal data, with or without the use of automated means, such as: collection, recording, organization, structuring, storage, adaptation or modification, retrieval, consultation, use, disclosure by transmission, dissemination or otherwise making available, alignment or combination, restriction, erasure, or destruction;

• "Operator" – a legal entity, such as the platform in this case, or a natural person who, alone or together with others, determines the purposes and means of processing personal data;

• "Consent" of the data subject – means any freely given, specific, informed, and unambiguous indication of the data subject's wishes by which they, by a statement or by a clear affirmative action, signify agreement to the processing of personal data relating to them;

• "Personal data breach" – means a breach of security leading to the accidental or unlawful destruction, loss, alteration, or unauthorized disclosure of, or access to, personal data transmitted, stored, or otherwise processed;

• "Regulation" – means Regulation (EU) 2016/679 on the protection of natural persons with regard to the processing of personal data and on the free movement of such data, and repealing Directive 95/46/EC.

General Provisions

As we value the confidentiality of your information, the operator undertakes to comply with the provisions of this policy, as well as the provisions mentioned in the Regulation and the rules provided by domestic law regarding the processing, security, and confidentiality of personal data.

If we modify this policy, we will notify you on this page and inform you (e.g., via email or through the platform). If you do not agree with our data privacy policy or any changes to it, you can close your account by accessing your account settings and selecting account deletion, or you can request the deletion of the posted ad and the erasure of your personal data.

Purpose, Duration, Nature, Purpose, and Type of Processed Personal Data

Personal data means any data or information that helps us identify you directly (e.g., your name, surname) or indirectly (e.g., based on the profile we create to send you personalized offers). Some information is less obvious (e.g., your shopping preferences and habits, your computer’s IP address), but when associated with you, it helps us identify you and thus falls under the notion of "personal data."

Sensitive data refers to data that includes details about your race or ethnicity, religious or philosophical beliefs, sexual life, sexual orientation, political opinions, trade union membership, health information, and genetic and biometric data. We do not collect any information about beliefs, sexual life or orientation, political opinions, trade union membership, health information, genetic or biometric data, or criminal records.

Data We Receive Directly from You:

When you open an account on the platform
You can open an account on the platform only if you provide us with the following personal data:

• Name and surname

• Contact address

• Email

• Phone number
  The legal basis for processing is the establishment and initiation of a contractual relationship.

When you post an ad on the platform
Each time you post an ad, we will process the following data:

• Name and surname

• Email

• Phone number
  The legal basis for processing is the contractual relationship.

When you pay an invoice for services provided by us
Each time you make a payment to us, we may process the following data:

• Name and surname

• Address

• Bank account or card number
  The legal basis for processing is the contractual relationship.

Promotional campaigns
For online campaigns conducted on the platform, we may collect, depending on the campaign, the following data necessary for your participation:

• Name and surname

• Email

• Phone number
  The legal basis for processing is consent.

Accounting and reporting
We process your data (those indicated in tax invoices) for maintaining accounting records, for annual financial audits, and for submitting tax and accounting declarations to tax authorities.
The legal basis for processing is the contractual relationship and legal obligation.

Defense of rights in court
When we defend our rights in court to recover owed amounts or protect our interests against unjustified claims/complaints, we will process your data (provided to us by you) necessary for filing lawsuits, other requests, and specific documents.
The legal basis for processing is our legitimate interest.

Procedures before authorities
When required by legal provisions, we will provide the competent authorities and institutions with the data we hold and which are legally requested.
The legal basis for processing is a legal obligation.

Customer support
We may process your voice from recordings of phone conversations with you to respond to your support requests. We emphasize that we do not routinely analyze phone conversation recordings, only in cases where complaints regarding the services provided by us may arise.
The legal basis for processing is our legitimate interest.

Data Collected Automatically

Creating customer profiles for direct marketing purposes
Based on your interactions and behavior on the platform, we may collect and process data through our partners (e.g., Google) to create your customer profile for the subsequent sending of personalized offers or placement of promotional ads (via Google or Facebook).
For profiling purposes, we may process the following data:

• Based on your browsing behavior on the site, e.g., viewed ads

• Based on demographic data: age, gender, city

• Based on activity history and monetary value
  It’s important to note that you can object to profiling at any time by simply informing us. Regarding ad targeting via Facebook and Google.
  The legal basis for processing is consent.

Data collected through cookie technology
When you visit the platform as a visitor or log into your customer account, we collect data using cookies from your computer, phone, tablet, or other device ("device"), information with which we can identify you online ("online identifiers"), and which we use for profiling for direct marketing purposes:

• IP address

• Internet browser you use and the operating system version of your device

• HTTP/HTTPS protocol data

• Duration of your visit/activity on the platform’s website

• General location of the device (if geolocation is enabled) from which you connect to the platform’s site
  It’s very important to know that most devices offer the option to disable geolocation services directly from the device’s settings.
  "Cookies" – are files that a server sends to your device, placed on the platform’s site or through downloading. The way we process cookies is detailed in the cookie usage policy, available on the platform’s website.
  The legal basis for processing is the consent you have likely given us through a pop-up, email, or SMS. It’s important to note that you can withdraw your consent at any time.

Advertising
Based on your browsing and behavior on the platform, monitored through cookies, we may provide you with online ads for some of our services that may interest you or for some of the ads posted on the platform. Based on information about your browsing on the platform, we may place you in an interest group with other similar customers, based on browsing behavior, and thus deliver ads (banners) based on those interests.
You can refuse the setting of a cookie by adjusting your browser settings to generally disable the automatic setting of cookies. You can also disable cookies for a browser service provider’s advertising services (e.g., Google) by setting your browser to block cookies from that domain. Opting out of online behavioral advertising will not stop the display of general ads that are not tailored to your interests.
The legal basis for processing is the consent you have likely given us through a pop-up, email, or SMS. It’s important to note that you can withdraw your consent at any time.

Personalized Offers
We may use your email address and mobile phone number to create customer lists, and then we will use the encoded data from this list to match your data (and that of other customers in an interest group) with the data of people on Facebook, to send personalized offers through targeted ads to your Facebook account via this channel.
Additionally, on the platform’s website, we also use Facebook’s custom audience services created using your pixel data. With this service provided by Facebook, the platform, with Google’s help, can identify that you clicked on our ad on Facebook and were redirected to the platform’s site. The data collected with Facebook is used solely for compiling statistics on the success and use of our advertising campaigns on Facebook.
Separately, if you like our Facebook page by giving it a "like," we will receive this information without using it other than to communicate with you and possibly send you personalized offers through your Facebook account based on custom audiences.
The legal basis for processing is the consent you have likely given us through a pop-up, email, or SMS. It’s important to note that you can withdraw your consent at any time.

Website Security and Maintenance
We normally use the following online identifiers for the maintenance and security of the platform’s website:

• IP address

• Internet browser you use and the operating system version of the device you connect with

• HTTP/HTTPS protocol data

• Device location (if geolocation is enabled) from which you connect to the platform’s site
  These data are processed to ensure the proper functioning of the website, namely:

• Correct display of content

• Retention of your login data (when requested by you)

• Improvement of the platform’s website

• Configuration of the device you connect/authenticate from to the site’s requirements

• Ensuring the website’s security and protecting you against fraud or any IT security breach concerning the platform

• Identifying and fixing malfunctions that prevent the use of our website or your customer account
  The legal basis for processing is our legitimate interest in implementing, configuring, and maintaining the security measures of the platform’s website(s).

Data Received from Third Parties

Collected automatically from sites where real estate ads are promoted
The platform owns an application that periodically scans certain sites where any interested person posts ads regarding the intention to sell or rent properties.
This application identifies, based on pre-established algorithms, whether an ad is already in our database and, if not, copies it for inclusion on the platform. Only data expressly made public by you is copied, usually name, phone number, and email address.
The legal basis for processing is our legitimate interest in creating a database as detailed as possible.

How Long We Process Your Data

The platform processes your data for the period necessary to fulfill the purposes for which it was collected and in accordance with our personal data retention policies. In certain cases, some legal provisions may require or allow us to retain the data for a longer period.

The retention period of the data mainly depends on the following:

• The period for which we need your data to provide you with services and fulfill our obligations to you and for the purposes mentioned above in this policy;

• If you have an open customer account on the platform, we will retain your data as long as this customer account is active, but no longer than 5 (five) years from the date of your last login to the account or last activity on the platform; we will notify you before closing your customer account and deleting all data associated with this account;

• If you have given your consent to the processing of data for a longer period, we will retain the data for this entire period unless you withdraw your consent in the meantime;

• If you call the special phone numbers associated with certain ads and the phone call is recorded, we may retain the call recording for a maximum period of 1 year.

Legal or contractual obligations require us to retain your data for a certain period, for example, periods provided by law for defending our rights in court (generally, a period covering the statute of limitations).

If you deactivate your customer account on the platform and expressly request complete deletion, the data associated with your customer account will be deleted or anonymized so that you can no longer be identified in our data records, except where we are obliged to retain your data for a longer period under the law or our legitimate interest.

In this way, we will ensure you have full control over your personal data. We will collect and process your data again if you provide it to us again on the platform’s website.

For the purposes for which you have given us consent to process the data, as highlighted in the table above, we will process your data for that purpose until you withdraw your consent regarding processing for that purpose, except where we are obliged to retain this data for a longer period under the law, for reporting to public authorities, or to defend our rights in court.

We inform you that we rely on your consent when we process your data to send you:

• Personalized offers based on online behavioral advertising;

• Personalized offers based on profiling we conduct for direct marketing purposes, through SMS, email, and push-up notification channels;

• Offers based on custom audiences (on customer lists) on Facebook.

Who We May Disclose Your Data To

Your personal data may be transmitted to and processed by our trusted partners to provide you with services.

To deliver services on the platform, we will share your data with our trusted partners. We carefully select the partners and suppliers who perform operations supporting our activity on our behalf. We share with them only the personal data necessary to carry out the specific activities we entrust to them. Data collected through our ad centralization software will be made public on the platform as they are, in turn, collected from public sources.

When we outsource certain activities to our trusted partners, we make all reasonable efforts to verify in advance that they ensure the protection of your data through strict data security measures and will conclude data processing agreements with each of them. In detail, we transmit some data to third parties (our suppliers and partners) to perform the functions and services necessary for operating the platform’s activities, such as:

• The provider that ensures data storage services on external servers located in the EU;

• The provider of communication and email correspondence services located in the USA, which holds the Privacy Shield certification (EU-US Privacy Shield);

• Tourism agencies.

Transmission of data to public authorities and judicial bodies
We may transmit some of your personal data to competent public authorities or institutions when required by law (e.g., fraud investigation; prevention of money laundering; submission of declarations, financial statements to tax authorities, etc.), or we may transmit this data to judicial courts when defending ourselves in court or before other public authorities.

Access by auditors and consultants
We may transmit some of your personal data to providers of accounting, legal, human resources, audit, and banking services.

International Transfers

As a rule, your data is not stored in a country outside the European Union or the European Economic Area ("EEA"). However, some data may be transferred to our partners who assist us in operating the platform’s activities and are located outside the European Union. However, with each of these partners, we have made reasonable efforts to ensure that adequate data protection measures are in place.

More specifically, our service provider that assists us in sending you email notifications, although located in the USA (outside the EU), holds the Privacy Shield certification (EU-US Privacy Shield) in the non-HR section, thus ensuring an adequate level of data security recognized by the European Commission.

When we send you personalized offers through targeted ads, we use the custom audience function managed by Facebook, Inc., located outside the EU/EEA, which, according to publicly available information, is certified under the EU-US Privacy Shield requirements (considered to ensure an adequate level of protection for personal data transferred from the European Union to organizations in the United States). We recommend that you also consult Facebook’s privacy policy on its website.

If we transfer your data to other partners/suppliers of the platform located in countries that do not ensure an adequate level of protection for the transmitted data, we undertake to take all necessary measures to ensure that these partners/suppliers comply with the terms and conditions set out in this policy. These measures may additionally include implementing data protection standards (e.g., ISO 27001), standard contractual clauses adopted by the European Union Commission, and direct control systems for these mechanisms.

Data Security

The platform has implemented appropriate security measures to prevent your personal data from being accidentally lost, used, accessed, altered, or disclosed in an unauthorized manner. We also limit access to your personal data to those employees, agents, contractors, and other third parties who have a business need to know such data. They will process your personal data only on our instructions and are subject to a confidentiality obligation.

We have implemented procedures to address any suspected personal data breaches and will notify you and any competent regulatory authority of a breach when we are legally required to do so.

We may retain your data in physical or electronic format. In some circumstances, we may anonymize your personal data (so that it can no longer be associated with you) for research or statistical purposes, in which case we may use this information indefinitely without further notice to you.

Your Rights

In addition to what is mentioned in this policy, in certain circumstances, the data subject has certain rights under data protection laws regarding your personal data. These include:

Right of access
You can ask us:

• To confirm whether we are processing your personal data;

• To provide you with a copy of that data;

• To provide you with other information about your personal data, such as what data we have, what we use it for, who we disclose it to, whether we transfer it abroad and how we protect it, how long we keep it, what rights you have, how you can make a complaint, where we got your data from, and whether we have carried out any automated decision-making or profiling, to the extent that this information has not already been provided to you in this policy.

Right to rectification
You can ask us to rectify inaccurate personal data. We may seek to verify the accuracy of the data before rectifying it.

Right to erasure (right to be forgotten)
You can ask us to erase your personal data, but only where:

• It is no longer necessary for the purposes for which it was collected; or

• You have withdrawn your consent (where the data processing was based on consent); or

• Following a successful right to object (see "objection" below); or

• It has been processed unlawfully; or

• A legal obligation to which the company is subject must be complied with.
  We are not obliged to comply with your request to erase your personal data if the processing of your personal data is necessary:

• For compliance with a legal obligation; or

• For the establishment, exercise, or defense of legal claims;
  There are a few other circumstances in which we are not obliged to comply with your erasure request, although these two are likely the most common circumstances where we would refuse your request.

Right to restriction
You can ask us to restrict (i.e., keep but not use) your personal data only when:

• Their accuracy is contested (see rectification), to allow us to verify their accuracy; or

• The processing is unlawful, but you do not want them erased; or

• They are no longer needed for the purposes for which they were collected, but we still need them to establish, exercise, or defend legal claims; or

• You have exercised your right to object, and verification of overriding grounds is pending.
  We may continue to use your personal data following a restriction request where:

• We have your consent; or

• To establish, exercise, or defend legal claims; or

• To protect the rights of another natural or legal person.

Right to data portability
You can ask us to provide your personal data in a structured, commonly used, machine-readable format, or you can request that it be "ported" directly to another data controller, but in any case only when:

• The processing is based on your consent or on the performance of a contract with you; and

• The processing is carried out by automated means.

Right to object
You can object to any processing of your personal data that has "our legitimate interests" as its legal basis if you believe your fundamental rights and freedoms outweigh our legitimate interests.
Once you have objected, we have the opportunity to demonstrate that we have compelling legitimate interests that override your rights and freedoms.

Right to lodge a complaint
You have the right to lodge a complaint with the national supervisory authority for personal data processing. Please try to resolve any issues by discussing them with us first, although you have the right to contact the supervisory authority at any time.

Right to withdraw consent
You have the right to withdraw your consent where the platform processes personal data based on it.

The data subject will not pay a fee or any other charge to access your personal data (or to exercise any of the other rights). However, the platform, as the operator, may charge a reasonable fee if the request is manifestly unfounded, repetitive, or excessive. Alternatively, the platform may refuse to comply with a request received under these circumstances.

The platform has the right to request certain information to confirm the identity of the data subject making the request and to ensure the secure provision of personal data (or to exercise any of the other rights). This is a security measure to ensure that personal data is not disclosed to persons who have no right to receive it. We may contact you to request additional information regarding your request to expedite our response.

The platform will make the necessary efforts to respond to all legitimate requests within one month. Occasionally, it may take longer than a month if the data subject’s request is very complex or if the data subject has made multiple requests. In this case, the platform will notify you and keep you updated.

Keeping in Touch

We have appointed a data protection officer. The first point of contact for all matters arising from this policy, including requests to exercise data subject rights, is the data protection department, which can be contacted in the following ways:

• By email at bskyeforienord@gmail.com

• By mail at Meduzei Street No. 1, Eforie Nord, Constanța, 905350

If you have a complaint or are concerned about how we use your personal data, please contact us first, and we will try to resolve the issue as soon as possible.

We wish you pleasant browsing!

Cookie Policy

The information presented below aims to provide visitors/users with more details about the placement, use, and management of "cookies" used by the website. There are also some useful links related to this topic.

This website uses cookies to provide visitors with a much better browsing experience and services tailored to everyone’s needs and interests.

Role of a Cookie

In what we call "Web 2.0," "cookies" play an important role in facilitating access and delivery of the multiple services that users enjoy on the internet, such as:

• Personalizing certain settings such as the language in which a site is viewed, the currency in which certain prices or tariffs are expressed, retaining options for various products (sizes, other details, etc.), authenticating users to the server (cookies help the server remember that the user is logged in and allow actions specific to authenticated users), and settings explicitly made by the user;

• Cookies provide website owners with valuable feedback on how their sites are used by users, so they can make them more efficient and accessible;

• Cookies allow multimedia or other applications from other sites to be included on a particular site to create a more valuable, useful, and enjoyable browsing experience;

• They improve the efficiency of online advertising.

What is a Cookie?

An "Internet cookie" (also known as a "browser cookie," "HTTP cookie," or simply "cookie") is a small file, consisting of letters and numbers, that is stored on the computer, mobile device, or other equipment of a user accessing the internet.

The cookie is installed through a request issued by a web server to a browser (e.g., Internet Explorer, Google Chrome) and is completely "passive" (it does not contain software, viruses, or spyware and cannot access information on the user’s hard drive).

Cookies are used by almost all websites and do not harm your system.

Components of a Cookie

A cookie consists of two parts: the name and the content or value of the cookie. Furthermore, the lifespan of a cookie is determined; technically, only the web server that sent the cookie can access it again when a user returns to the website associated with that web server.

Cookies themselves do not require personal information to be used and, in most cases, do not personally identify internet users.

Categories of Cookies

There are two main categories of cookies:

• Session cookies – these are temporarily stored in the browser’s cookie folder so that it remembers them until the user exits the respective website or closes the browser window (e.g., when logging in/out of a webmail account or social media);

• Persistent cookies – these are stored on the hard drive of a computer or device (and generally depend on the preset lifespan of the cookie). Persistent cookies also include those placed by a website other than the one the user is currently visiting – known as "third-party cookies" (cookies placed by third parties rather than the website owner) – which can be used anonymously to memorize a user’s interests, thus delivering advertising as relevant as possible to users. Third-party providers must also comply with applicable law and the website owner’s privacy policies.

Note that third parties advertising on our site (including, for example, advertising networks and external service providers such as web traffic analysis services) may also use cookies over which we have no control. These cookies are likely to be analytical/performance cookies or targeting cookies.

Cookies can also be classified as follows:

• Strictly necessary cookies – these cookies are essential to enable you to use the site effectively, such as when purchasing a product and/or service, and therefore cannot be turned off. Without these cookies, the services available on our site cannot be provided. These cookies do not collect information about you that could be used for marketing or remembering where you have been on the internet;

• Preference cookies – preference cookies allow a site to remember information that changes depending on how the site behaves or looks, such as your preferred language or the region you are in;

• Performance and statistical cookies – these cookies allow our site to understand how visitors interact with the sites by collecting and reporting information anonymously, enabling us to monitor and improve our site’s performance;

• Marketing cookies – these cookies are used to track users from one site to another and display relevant and engaging ads for individual users.

Cookies Used:

• Category: Necessary (4)
  Necessary cookies help create a user-friendly website, enabling basic functions such as page navigation and secure access to certain areas of the website. The website cannot function properly without these cookies.

• Category: Statistical (9)
  Statistical cookies help website administrators understand how users interact with the site by collecting and reporting information anonymously.

• Category: Marketing (27)
  Marketing cookies are used to track the websites visited by the user. Their purpose is to display ads that are relevant and engaging to the user, making them more valuable to those posting ads or third parties placing ads.

Changing Cookie Preferences

Why Cookies Are Important for the Internet

Cookies are the focal point of the internet’s efficient functioning, helping to generate a friendly browsing experience tailored to each user’s preferences and interests. Refusing or disabling cookies may make some websites impossible to use.

Refusing or disabling cookies does not mean you will no longer receive online advertising – only that it will no longer be able to take into account your preferences and interests as evidenced by your browsing behavior.

Security and Privacy Issues

Cookies are not viruses!

They use plain text formats. They are not made up of pieces of code, so they cannot be executed or run automatically. Consequently, they cannot duplicate or replicate on other networks to run or replicate again. Since they cannot perform these functions, they cannot be considered viruses.

However, cookies can be used for negative purposes. Because they store information about users’ preferences and browsing history, both on a specific site and across multiple sites, cookies can be used as a form of spyware. Many anti-spyware products are aware of this and consistently mark cookies for deletion during anti-virus/anti-spyware scanning/deletion procedures.

In general, browsers have built-in privacy settings that provide different levels of cookie acceptance, validity periods, and automatic deletion after a user has visited a particular site.

Other Security Aspects Related to Cookies

In addition to the above, since identity protection is very important and a right of every internet user, it is useful to know what potential issues cookies might create.

Because they constantly transmit information in both directions between the browser and the website, if an attacker or unauthorized person intervenes during the data transmission process, the information contained in the cookie can be intercepted. Although very rare, this can happen if the browser connects to the server using an unencrypted network (e.g., an unsecured Wi-Fi network).

Other cookie-based attacks involve incorrect cookie settings on servers. If a website does not require the browser to use only encrypted channels, attackers can exploit this vulnerability to trick browsers into sending information through unsecured channels. Attackers then use the information to gain unauthorized access to certain sites. It is very important to be cautious in choosing the most appropriate method of protecting personal information.

Guidelines for Safe and Informed Browsing Due to Cookie Use

Due to the flexibility of cookies and the fact that most of the most visited sites use cookies, they are almost inevitable. Disabling cookies will not allow the user to access the most widespread and used sites, including YouTube, Gmail, Yahoo, and others.

Here are some guidelines (which you can ignore if you do not find them useful) that can ensure worry-free browsing while using cookies:

• Customize your browser settings regarding cookies to reflect a comfortable level of security for you;

• If cookies do not bother you and you are the only person using the computer, you can set long expiration periods for storing your browsing history and personal access data;

• If you share access to the computer, you might consider setting the browser to delete individual browsing data each time you close the browser. This is a way to access sites that place cookies and delete any visit information upon closing the browsing session;

• Install and regularly update antispyware applications. Many spyware detection and prevention applications include detection of site-based attacks;

• Ensure your browser is always updated. Many cookie-based attacks exploit weaknesses in older browser versions.

Possibility and Method of Stopping Cookies

We warn you in advance that disabling and refusing to receive cookies can make certain sites impractical or difficult to visit and use. Also, refusing to accept cookies does not mean you will no longer receive/see online advertising.

It is possible to set your browser so that these cookies are no longer accepted, or you can set the browser to accept cookies from a specific site. However, for example, if you are not registered using cookies, you will not be able to leave comments.

All modern browsers offer the ability to change cookie settings. These settings are usually found in the "options" or "preferences" menu of your browser.

To understand these settings, the following links may be helpful, or you can use the "help" option in your browser for more details:

• Cookie settings in Internet Explorer

• Cookie settings in Firefox

• Cookie settings in Chrome

• Cookie settings in Safari

For settings of cookies generated by third parties, you can also consult this site: Your Online Choices

Useful Links

If you want to learn more about cookies and what they are used for, we recommend the following links:

• Microsoft Cookies Guide

• All About Cookies

The IAB Romania Association provides the following site to offer more information regarding privacy related to online advertising: Your Online Choices Romania

Other Terms and Conditions

RESERVATIONS

To make a reservation, access the "Book Now" button on the site or call the phone number 0739914704.

RATES

The rates we can offer you vary depending on the type of room you choose, availability, day of the week, and season.

ARRIVAL AND DEPARTURE

Check-in to the rooms can be done starting at 2:00 PM.
Room checkout on the departure day must be completed by 11:00 AM.
Early check-in or late checkout beyond the times mentioned above is possible upon request, subject to availability, and any additional costs for these services are available at the reception.

QUIET HOURS

Maintain silence between 11:00 PM and 10:00 AM, a period considered rest time (music is allowed until 11:00 PM). Since the comfort of every guest is important to us, please respect the rest hours. If, for objective reasons, you arrive after 11:00 PM, please maintain silence.

PETS

Pets are not allowed.

SMOKING

Smoking is not permitted in the rooms or indoor areas of the property.

COMPLAINTS

Complaints regarding the quality of the tourist services provided must be made on the spot, throughout the guests’ stay at the hotel. Complaints made after the end of the stay will not be considered. Complaints regarding damage caused by theft or destruction of the guest’s belongings must be brought to the administrator’s attention within one hour of the event being noticed.

PYNBOOKING

By the terms "we," "our," "ours," we refer to the Blue Sky Resort accommodation unit.
Data Controller: The Blue Sky Resort accommodation unit operates the reservation system through a data processor, as explained below. Under GDPR regulations, the accommodation unit is the data controller and the one that determines the purpose and means by which data processing is carried out.

Blue Sky Resort Accommodation Unit
Company: Blue Sky Resort Eforie S.R.L.
Address: Eforie Nord, Meduzei Street No. 1
Tax ID: RO39184200
Reg. No.: J13/925/2018

Data Processor
PYNBOOKING operates the reservation system for the Blue Sky Resort accommodation unit and is committed to protecting the confidentiality of the data provided by the system’s users. PYNBOOKING is the data processor. PYNBOOKING is empowered by the Blue Sky Resort accommodation unit to process data on its behalf.

PYNBOOKING NET SRL
Address: Bucharest, Decebal Street, No. 12
Tax ID: RO 32956788

PYNBOOKING is a hotel management tool used by those who own and/or manage accommodation units to allow users to make and manage online reservations. This document refers to the processing by PYNBOOKING of personal data collected by accommodation units using the PYNBOOKING reservation system.

What Kind of Personal Data is Requested from Users

Accommodation units using PYNBOOKING collect and store the information that users provide when making a reservation. They are asked for their name, address, phone number, and email address, financial data for payment execution when prepayment is made, and the names of the guests traveling with them. This may also include the IP address. This information is necessary and mandatory (unless otherwise specified in the dedicated fields) to process the user’s request and is stored in the PYNBOOKING system to process the reservation. If the user refuses to provide it, the request cannot be executed. Users may be contacted by those managing the accommodation unit regarding the reservation. Their personal data is also stored after the stay but will be kept only as long as necessary in accordance with legal obligations.

Personal Data Processed Directly by Third Parties

If users provide financial information (bank card details), it will be processed directly by providers with PCI Level 1 certifications (euplatesc.ro, PayPal, Authorize.net).

Personal Data of Third Parties (Reservations for Companions, Friends, Family Members, etc.)

If the user provides the data of a third party, it is presumed that they have that party’s consent and have informed them of the details in this Privacy Statement, with the data controller and processor being exempt from any liability in this regard. However, we may conduct additional checks, adopting appropriate measures in accordance with applicable law.

Purpose of Using Personal Data

Depending on the users’ requests, the collected data will be processed for the following purposes:

• Managing the reservations made, including payment execution (where applicable) and handling the user’s requests and preferences;

• Managing users’ enrollment in loyalty programs and obtaining membership status;

• Contacting users for the purposes listed here;

• Sending personalized commercial offers via electronic means if the user has given consent;

• Managing additional services;

• Conducting surveys and evaluations regarding the quality of the services provided.

Duration of Personal Data Retention

Data is retained for the time necessary to fulfill the objectives listed above, except where it is needed for a longer period and permitted by law, or unless the user requests its deletion, withdrawing their consent. The criteria for determining the duration are:

• The period during which the user has a relationship with the data controller during which they provide services (e.g., the period the user has an account in the reservation system or uses its services or the period prior to the stay);

• Where there is a legal obligation (certain laws require the data controller to retain transaction-related data for a specific period before being allowed to delete it).

Use of Users’ Social Media Accounts

In the case of registration or login via a social media platform account, we may collect and access various information from the user’s profile on that social network for internal administrative purposes and/or the purposes indicated above.

Security Procedures

In accordance with the General Data Protection Regulation (GDPR), PYNBOOKING reasonably ensures the necessary procedures to prevent unauthorized access and misuse of personal data. We use appropriate systems and procedures to protect and keep secure the information provided to us. We also employ technical and security procedures and physical restrictions to prevent access to and use of personal data on our servers. Only authorized personnel have access to personal data, and only during the performance of their job duties.

Data is processed in a way that ensures its security and combats the risk of it being altered, lost, processed, or accessed illegally, depending on the nature of the technology, the stored information, and the risks to which it is exposed.

Control and Users’ Rights Over Personal Data

Users have the right to access the data stored by the accommodation units where they made reservations via the PYNBOOKING system. To do this, they should contact the accommodation unit where they made the reservation through PYNBOOKING.

Users have the right to request the deletion of the provided data at any time.
Users have the right to modify any incomplete or invalid data.
Users have the right to request the deletion of data when it is no longer necessary for the purposes for which it was collected and stored.
Users have the right to confirm the revocation of consent.
Users have the right to obtain the restriction of data processing when the conditions regarding personal data processing regulations allow it.
Users have the right to request the portability of their data.

Users will also be informed that they can lodge a complaint regarding the protection of their personal data with the relevant authorities at any time.

Reviews, Ratings, Feedback

Users may be asked to provide an opinion on the quality of accommodation services after their stay to improve services. The user’s email address will be used for this purpose. If they complete a review, it may be published on the accommodation unit’s website, Facebook page, Twitter, or Google Plus. Details regarding the user’s identity will not be published. Storing user information may be necessary to fulfill the obligations the accommodation unit has toward them.

Legitimate Interest in Processing User Data

We may use user information for legitimate purposes, such as administrative purposes, fraud detection, or legal purposes.

The processed data we request to fulfill the purposes listed above cannot be used without the user’s consent. Also, if the user withdraws their consent, this will not affect the legality of the prior processing of their data. To revoke consent, the user must contact us through the channels mentioned above. Similarly, in cases where processing a user’s data is necessary to fulfill a legal obligation or perform a contractual relationship between us and the user, the processing will be legitimate as it is necessary to achieve those objectives.

Cookies

The term "cookie" refers to a small amount of information placed in the web browser on the computer or mobile device used by users. Cookies are used to facilitate the booking process and contain information such as search data and the language in which the reservation is made. There is a difference between temporary cookies and long-term cookies. Temporary cookies will exist only until the web browser is closed. Long-term cookies are used for a longer period and are not automatically deleted when the browser is closed. We use long-term cookies in Google Analytics to analyze traffic and visitor behavior. By using the PYNBOOKING site or making reservations through PYNBOOKING, you consent to the use of cookies as described above.

Use of Services by Minors

The services are not aimed at individuals under 18 years of age, and we do not request that they provide personal data.

Disclosure of Personal Data

Personal data will be used and disclosed in the following cases:

• To comply with applicable laws, including laws in the user’s country of residence;

• To respond to a request in a legal proceeding;

• To respond to requests from government authorities, including authorities outside the user’s country of residence, and to meet national security requirements;

• To enforce the terms and conditions;

• To protect our rights, privacy, data security, those of users, and third parties.

We may use and disclose Other Data for any purpose, except where current legislation does not allow it. In certain cases, we may combine Other Data with personal data (e.g., the user’s name with location). If we do so, we will consider and treat the resulting data as personal data as long as the combination process is in effect.

User Obligations

The user guarantees that they are legally responsible, of sound mind, and that the information provided is true, valid, complete, and current. The user is solely responsible for the accuracy of the data provided and undertakes to update the information when necessary.

The user undertakes to inform third parties whose personal data they provide, where applicable, about the information in this document. They also undertake to obtain the approval of these third parties regarding the provision of their personal data for the purposes outlined above.

The user is responsible for false or invalid information provided through the website and for any direct or indirect damage caused to us or third parties as a result.

General Terms & Conditions

Reservation Policy

Flexible & Guaranteed

• If canceled at least 2 days before arrival, no fee is charged.

• If canceled later or in case of no-show, the first night’s accommodation will be charged.

Non-Refundable

• In case of no-show, the advance payment for the first night’s accommodation will be retained.

• Online payment with a bank card via Euplatesc (Visa/Mastercard/Vacation Voucher).

We wish you pleasant and safe browsing!