Privacy Policy
Last updated:
This page has not yet been professionally translated. The Romanian version is legally authoritative.
Contents
Privacy Policy
1. Who we are
This privacy policy applies to the website demorest.sitecare.ro, operated by:
- Name: Demo Restaurant SRL
- Tax ID (CUI/CIF): RO12345678
- Trade Register No.: J40/1234/2020
- Registered address: Strada Dorobanților nr. 42, Sector 1, București
- Contact email: comenzi@demorestaurant.ro
- Phone: +40 721 345 678
As the data controller, we are committed to protecting the confidentiality of your data in accordance with Regulation (EU) 2016/679 (GDPR) and applicable Romanian law.
2. What data we collect
2.1 Data you provide directly
By completing the forms available on the site (contact, booking, order, reservation), we may collect:
- First and last name
- Email address
- Phone number
- Delivery address or location (where applicable)
- Your message or request
- Order or reservation details (products, quantities, date, preferences)
These data are provided exclusively by you, voluntarily.
2.2 Data collected automatically via Google Analytics
When you visit the site, through the Google Analytics service (operated by Google LLC), anonymised data about your browsing behaviour is collected automatically, including:
- IP address (anonymised)
- Browser type and device used
- Operating system
- Pages visited and duration of visit
- Source of access (e.g. Google search, social media, direct access)
- Approximate geographical location (city/region level)
These data are processed by Google in accordance with their own privacy policy, available at policies.google.com/privacy.
2.3 Data collected via cookies and tracking technologies
The site uses cookies and similar technologies, including:
- Essential cookies — required for the basic operation of the site
- Analytics cookies — Google Analytics, to understand visitor behaviour
Full details about each type of cookie, storage duration, and how to disable them are available in the Cookie Policy of the site, at /cookies.
3. Why we collect this data
| Purpose | GDPR legal basis |
|---|---|
| Responding to requests submitted via contact forms | Legitimate interest — Art. 6(1)(f) |
| Processing online orders and reservations | Performance of a contract — Art. 6(1)(b) |
| Sending confirmations and notifications related to orders / bookings | Performance of a contract — Art. 6(1)(b) |
| Tax and accounting archiving (invoices, transactions) | Legal obligation — Art. 6(1)(c) |
| Statistical analysis of traffic via Google Analytics | Consent — Art. 6(1)(a) |
| Improving the browsing experience | Legitimate interest — Art. 6(1)(f) |
4. How long we retain data
| Data category | Retention period |
|---|---|
| Contact form data | 12 months from the last interaction |
| Order and reservation data | 5 years (legal archiving period for supporting documents) |
| Billing and payment data | 10 years (legal archiving period for accounting documents) |
| Analytics data (Google Analytics) | 14 months (default Google Analytics 4 setting) |
| Cookie data | As per each cookie's duration (details in the Cookie Policy) |
Upon expiry of the retention period, data is deleted or anonymised.
5. Who we share data with
We do not sell or rent your personal data to third parties. Data may be accessed by:
- SiteCare.ro — the web service provider that technically administers this site, acting as a data processor on behalf of the controller, solely for the purpose of providing maintenance services. For sites with online ordering or reservation functionality, data submitted through these forms (name, phone, order details) is stored on SiteCare.ro's technical infrastructure and is accessible to the controller at any time via the administration panel.
- Google LLC — via Google Analytics, for statistical traffic analysis
- Online payment provider (where applicable) — solely for processing transactions, without the controller having access to card data
- Public authorities — only where there is a legal obligation (e.g. tax authority, judicial bodies)
All partners we work with are contractually obliged or bound by their own policies to protect your data and use it solely for agreed purposes.
6. Transfer of data outside the EU
Through the use of Google Analytics, browsing data may be transferred to servers located in the United States of America, operated by Google LLC. These transfers are carried out on the basis of Standard Contractual Clauses approved by the European Commission, which ensure an adequate level of data protection.
7. Minors
This site is not intended for persons under 16 years of age and we do not intentionally collect personal data from minors. If you become aware that a minor has provided us with data without the consent of a parent or legal guardian, please contact us at comenzi@demorestaurant.ro to have it deleted.
8. Your rights
Under GDPR, you have the following rights regarding your personal data:
- Right of access — you may request a copy of the data we hold about you
- Right to rectification — you may request the correction of inaccurate or incomplete data
- Right to erasure ("right to be forgotten") — you may request the deletion of data, subject to legal conditions
- Right to restriction of processing — you may request that we limit how we use your data
- Right to data portability — you may request your data in a structured, commonly used, machine-readable format
- Right to object — you may object to processing based on our legitimate interest
- Right to withdraw consent — at any time, without affecting the lawfulness of processing carried out prior to withdrawal
To exercise any right, please contact us at: comenzi@demorestaurant.ro
We will respond to your request within 30 calendar days.
If you believe your rights have not been respected, you have the right to lodge a complaint with the National Supervisory Authority for Personal Data Processing (ANSPDCP):
- Website: www.dataprotection.ro
- Email: anspdcp@dataprotection.ro
- Phone: +40 318 059 211
9. Data security
We take appropriate technical and organisational measures to protect your data against unauthorised access, loss, or disclosure, including:
- HTTPS secure connection across the entire site
- Restricted access to stored personal data
- Exclusive use of service providers with verified security standards
10. Changes to this policy
We reserve the right to update this privacy policy whenever necessary, for example as a result of legislative changes or expansion of the services offered. The updated version will be published on this page, indicating the date of the last modification.
We recommend that you check this page periodically.
11. Contact
For any questions relating to the processing of your personal data:
- Email: comenzi@demorestaurant.ro
- Phone: +40 721 345 678
- Address: Strada Dorobanților nr. 42, Sector 1, București