📞 0724 447 211 📞

Privacy Policy

DECLARATION OF CONFORMITY
with the requirements of Regulation (EU) 2016/679 of the European Parliament and of the Council of 27 April 2016 on the protection of individuals with regard to the processing of personal data and on the free movement of such data and repealing Directive 95/46/EC (General Data Protection Regulation)
Declarăm că SC VISRO EVENTS SRL cu sediul în Soseaua Brasovului 92, Valea Lupului, judetul Buzau, CUI 33468815, NIRC J10/381/2024 a pus în aplicare măsuri care corespund cerințelor Regulamentului (UE) 2016/679 al Parlamentului European și al Consiliului din 27 aprilie 2016 privind protecția persoanelor fizice, în legătură cu prelucrarea datelor cu caracter personal și libera circulație a acestor date și de abrogare a Directivei 95/46/CE (Regulamentul General privind Protecția Datelor), denumit în continuare “DGPR”.
These measures include:
- Protection and non-disclosure of personal data with which we may come into contact as part of commercial or communication processes specific to our company's business;
- Ensuring the ongoing credibility, integrity and availability of the information systems we use in order to provide services to you as a customer or visitor to the Outdoor-Events.ro website;
- The ability to renew in a timely manner the availability of and access to personal data processed as part of the services provided to you in the event of a physical or technical security incident in our information systems;
- In our organisation there is an established procedure for informing your company in the event of a breach of personal data protection that we may come into contact with as part of providing services to you;
- The ability, through appropriate measures, to respond to a request to exercise rights by a personal data subject (Chapter III of the GDPR);
- An established procedure for regular evaluation of the effectiveness of technical and organisational measures to ensure the security of personal data processed in our company.

WHAT DATA DO WE COLLECT?
1. Email addresses and phone numbers
We get your email addresses through the following channels:
- Registration for events, tours, activities through the Outdoor-Events.ro portal
- Commercial correspondence generated by you or VISRO EVENTS SRL
We use email addresses and phone numbers to keep in touch with you in the period between your registration/booking and the actual execution of the contracted service.
La înscrierea / rezervarea de locuri prin portalul Outdoor-Events.ro vi se solicită în mod expres acordul pentru utilizarea datelor dumneavoastră personale, în pagina https://www.Outdoor-Events.ro/plata/ .
In the absence of active consent by ticking the relevant box, the booking procedure is automatically terminated.
Email addresses and phone numbers are stored online in the customer account opened at SmartBill Cloud for VISRO EVENTS SRL or on VISRO EVENTS SRL's own internal storage drives for internal use and future correspondence with you.
Email addresses will NOT be passed on to third parties without your express and specific consent.
2. Name, surname and addresses
According to Article 319, para. (20) of the Fiscal Code, the invoice must contain the following information:
- the name and address of the recipient of the goods or services, as well as the VAT registration number or tax identification code of the recipient, if the recipient is a taxable person or a non-taxable legal person;
Solicităm aceste date prin pagina https://www.Outdoor-Events.ro/plata/, la momentul înscrierii / rezervării de servicii.
Your name, surname, telephone number and addresses are stored online in your customer account with SmartBill Cloud for VISRO EVENTS SRL, respectively on VISRO EVENTS SRL's own internal storage drives for internal use and future correspondence with you.
3. Photographs and videos of the company's services.
Photos and videos are stored for a minimum of 30 days and a legal maximum of 3 years.
When you register, you are expressly asked to agree to the use of the media materials for marketing purposes or to pass them on to other participants in the activity in which you are a co-participant.
If we do not have your express consent, photos/videos in which you can be identified with you will be blurred.

HOW DO WE USE YOUR PERSONAL DATA?
Your personal data is used strictly:
- for the purpose and purpose of facilitating communication with you and the delivery of purchased services
- the completion of legally binding tax documents
- the development of internal statistics on sales trends, buying behaviour, trends and interests
- geolocation of our customers

WHICH THIRD PARTIES HAVE ACCESS TO YOUR DATA?
To operate its business, VISRO EVENTS SRL uses outsourced services that have access to your data as follows:
- for online billing services - https://www.smartbill.ro/
- for accounting services - http://www.esconsulting.ro/
- for online payment collection - https://plationline.eu/
Each VISRO EVENTS SRL partner is subject to the same privacy rigors outlined by the GDPR rules.
If you request the deletion of your data from our records please make the same request to our partners using the contact links above.

HOW DO I CHANGE MY DATA IN THE VISRO EVENTS SRL ARCHIVE?
Poți oricând să-ți retragi consimțământul privind prelucrarea datelor personale, contactându-ne la OFFICE@OUTDOOR-EVENTS.RO
We constantly monitor requests for deletion or modification of personal data through the GDPR module embedded in the source code of the Outdoor-Events.ro website.
The person in charge of the GDPR compliance audit makes periodic assessments using the dedicated module.
The EU General Data Protection Regulation (GDPR) also provides that data is processed either on the basis of your consent or if the processing is necessary for the performance of a contract to which you are a party or in order to take steps at your request prior to entering into a contract, cf. GDPR Art. 6 (1) (a) - (b).
Declarație emisă la data de 25 mai 2022.

VISRO EVENTS SRL
Sinziana Ioana Ioan

Annex 1 - processing of personal data by SmartBill.ro according to GDPR Personal data processing contract Operator (VISRO EVENTS SRL)-Director (SmartBill.ro)

Varianta 1.0 valabilă din 25 mai 2022

This Annex provides the specific rules regarding the processing of personal data submitted by VISRO EVENTS SRL (Beneficiary), as Controller, by S.C. Intelligent IT S.R.L, as Processor in accordance with Regulation (EU) 2016/679 on the protection of individuals with regard to the processing of personal data and on the free movement of such data (hereinafter referred to as "GDPR"), as well as any subsequent national legislation in the field of personal data protection.

Art. 1 Terms Throughout this Annex terms used shall be interpreted in accordance with the GDPR, and where applicable, terms used shall have the definitions stipulated in Article 4 of the GDPR.

Art.2 Object of processing The object of the processing of personal data is the processing by the Controller of personal data submitted by the Operator for the purpose of providing the services stipulated in the SmartBill.ro main service contract.

Art. 3 Data collected Personal data made available by the Operator processed under this contract are:

3.1 For the SmartBill.ro service - personal data are those that appear on documents, such as: Name, surname of the issuer of the document and his/her identification data, email, telephone and if the document is issued to a natural person client: name, surname, full address, and depending on the Operator's wishes - bank account, CNP. The Operator may also add additional personal data directly to the invoices issued, which the Authorised Person cannot foresee.

3.2 For the SmartBill.ro service - configuration of email transmission to customers, the data are -user email and password by which emails are transmitted, as well as the email addresses to which invoices are sent.

3.3 For the Typing DNA service - data on typing behaviour at the time of authentication: time intervals spent by the user on each key and between each two keys, and device movements during the pressing of each key.

Art.4 Categories of persons concerned The categories of persons concerned are:

- Employees of the Operator ◦ Only those who issue invoices (Art. 3.1) ◦ Only those who send invoices (Art. 3.2)

- customers of the Operator (only for the specific data expressly mentioned in Art. 3)

Art. 5 Specific instructions Under this contract the Operator gives the following specific instructions to the Trustee:

5.1. to collect and process personal data received directly from the Operator for the purposes set out in Article 7.

5.2. Send email messages on behalf of the Operator for the email document transmission service (if this service is used by the Operator);

5.3 Collect and process information whether documents submitted and hosted on the Smart Bill platform have been opened and/or viewed by the Operator's Customers.

Art. 6 Duration of processing The duration of the processing of personal data is identical to the duration of the operation of the main service contract.

Art. 7 Nature and purpose of the processing The nature and purpose of the processing shall be as determined by the Operator under the main contract, namely the provision of Smart Bill services, depending on the service package purchased. For customers who use authentication by keystroke profile recognition, the purpose of the processing is to protect against impersonation and the potential risks that may arise from it.

Art. 8 Sub-processors Where the processing of the Controller's data or parts of the processing is carried out by the Processor through other persons, called sub-processors, the Processor must comply with the following principles:

8.1. Pursuant to this Article, the Operator agrees to authorize the Trustee to process its data through the following sub-processors for the following activities: - Amazon Web Services, Inc. - Ireland and Germany - for hosting - Amazon Web Services, Inc. certified in the EU-US Privacy Shield program; - S.C. Typing DNA S.R.L. - uses Amazon Web Services for hosting - for securing authentication in Smart Bill products.

8.2. For future sub-processors, the Licensee shall receive a general authorisation to sub-contract with any other EU, EEA or country supplier with an adequate level of protection recognised by decision of the European Commission, which is necessary for certain parts of the data processing under this contract that provides an adequate level of security at least at the level of this contract. This authorisation includes the obligation to inform the Controller, by a message through the account on the website of the Trustee or by email. The Controller has the opportunity to object within 2 working days.

8.3 Smart Bill may also send the data processed by the Processor to other processors of the Processor (such as payment processors) only if there is a contract between the Processor and these other processors, as well as the request of the Processor to Smart Bill to send the data to this processor.

Art. 9. Rights and obligations of the Operator

- The right to receive information from the Processor or to verify through a mandated auditor that the Processor has and implements appropriate technical and organisational measures so that the processing complies with the requirements of the GDPR; the verification will take place on the basis of a prior written notification sent at least 14 working days before the verification takes place;

- The right to receive assistance from the Processor, in particular in fulfilling its obligation to respond to requests from data subjects regarding the exercise of their rights under the GDPR;

- The right to object to other sub-trustees under Article 8.2;

- Comply with its obligations under the GDPR as Controller with respect to personal data collected or processed by the Trustee on its behalf;

- Obligation to inform data subjects under the GDPR, including information on the processing of data by the Data Processor under this contract;

- The obligation to be solely responsible for establishing the legal basis for the processing of personal data which is the subject of this contract;

- The obligation to implement appropriate technical and organisational measures in accordance with the GDPR, including securing the transfer of data from data subjects to the Processor;

- The Operator understands that from the moment of deletion of the data after the end of the provision of the services by the Data Controller in accordance with the GDPR obligations and Article 10 of this contract, the data can no longer be recovered and it is the Operator's entire responsibility to ensure that it has made a complete copy of the data.

- In all situations where the Controller is the one who is required to perform an obligation, such as, for example, informing the data subject of a personal data breach, the Processor cannot be held liable for the Controller's inactions within the scope of that obligation.

Article 10 Rights and obligations of the Trustee:

- The obligation to inform the Controller within a maximum of 10 days if, in the opinion of the Data Processor, an instruction violates the GDPR and/or another legal provision relating to the processing of personal data;

- The obligation to ensure the security of personal data processed on behalf of the Controller in accordance with Article 32 of the GDPR and Article 11 of this Annex;

- The obligation to inform the Controller without undue delay of a breach of the security of the Controller's personal data in the course of processing by the Processor;

- The obligation to assist the Controller with all necessary information in order to notify, where appropriate, the competent Authority of the data breach, but without substituting the Controller in its notification obligation;

- Obligation to assist the Operator to ensure compliance with the obligations set out in Articles 32-36 of the GDPR;

- The obligation to assist the Controller in dealing with requests from data subjects or to transmit to the Controller any request received from data subjects in relation to personal data that have been collected and processed by the Processor within a maximum of 5 calendar days of receipt. This assistance does not apply where the Controller already has in the technical tools provided by the Processor the possibility to directly address the data subject's request (e.g. Right of Access - where the Controller already has all the information on what data it collects);

- The obligation not to transmit personal data and/or confidential information, which may be personal data, of which it has become aware during the performance of the contract;

- The obligation to provide training to staff authorised to process personal data on the confidentiality of such data;

- Obligation to include confidentiality obligations to employees and sub-employees;

- The right to disclose certain personal data by virtue of a legal obligation or other condition laid down by law at the request of an authority, public institution or court.

- The right to recruit sub-authorised persons in accordance with Article 8 or if approved by the Operator;

- The right to cover the costs incurred by the Operator in providing assistance to the Operator in the situations provided for by the GDPR under Article 9, if they exceed the monthly cost of the services provided by the Trustee.

- The right to use anonymised statistical information as a result of activities carried out as a result of this contract or as a result of its entire activity.

- The obligation to delete all data collected as a result of this contract as a Trustee within a maximum of 6 months after the termination of the contract between the two parties.

- The Data Controller may not determine purposes or means of processing personal data, which are determined exclusively by the Controller.

Article 11 Security of processing

11.1 The Authorised Officer shall carry out appropriate technical and organisational measures to ensure adequate risk-related security measures in accordance with good industry practice. In determining the appropriate level of security, the Processor shall take into account the current state of development, the costs of implementation and the nature, scope, context and purposes of the processing, as well as the risk with varying degrees of probability and severity to the rights and freedoms of natural persons, as well as the risks arising as a result of the processing, in particular with regard to those that may lead to the accidental or unlawful destruction, loss, alteration, unauthorised disclosure of, or unauthorised access to, personal data transmitted, stored or otherwise processed.

11.2 In this context, the Trustee has established the internal implementation of the following organisational and technical security measures for the security of personal data, taking into account the type of activity provided: - implementation of ISO27001/ISO27017/ISO27018 security standards - regular security audits by cyber security experts - limited access to the database for a very limited number of employees of the Trustee - permanent monitoring of access to the database - encryption of the connection used by the Operator to access the service using SSL - client passwords stored encrypted - regular backups

11.3 On a voluntary basis, the Trustee may send summaries of the findings of security audits (after deletion of commercial or confidential information) conducted periodically to the Operators to demonstrate its ongoing activities on this subject.

Art. 12 Limitation of Liability The Operator agrees to hold the Trustee harmless from any liability for damages that may arise from:

- non-performance of the contract due to events beyond any liability of the Trustee;

- compliance with the Operator's instructions or failure to comply with the Operator's instructions justified in advance by a notice of illegality;

- lack or vitiation of the consent of data subjects or use of a wrong legal basis by the Controller;

- failure to comply with the contract due to actions of the Operator.

Art. 13 Delimitation of liability The controller and the Processor shall delimit their responsibilities for ensuring the protection of personal data (e.g. ensuring confidentiality or security of processing), depending on the actual access to and control over the data, both contractually and technically.

Art. 14 Entry into force and amendments. This Annex shall enter into force on 25 May 2018 and shall remain in force until amended by SmartBill.ro and the customers informed thereof. The use of the account after informing the customers means their agreement to this document.

 

Cookie Policy

Cookies Policy on Outdoor-Events.ro website

1. Introduction
This Cookie Policy applies to all users of the Outdoor-Events.ro website. The following information is intended to inform users of this website about the placement, use and management of cookies by VISRO EVENTS SRL, as the owner of Outdoor-Events.ro, in the context of users' navigation on this website.

2. What are cookies?
We use the term "cookies" to refer to cookies and similar technologies through which information can be collected automatically.
An "Internet Cookie" (also known as a "browser cookie" or "HTTP cookie" or "cookie") is a small file of letters and numbers that will be stored on a user's computer, mobile device or other equipment through which the Internet is accessed.
Cookies are set by a request from a web-server to a browser (e.g. Internet Explorer, Firefox, Chrome). Once installed, cookies have a fixed lifetime and remain "passive" in the sense that they do not contain software, viruses or spyware and will not access information on the hard drive of the user on whose computer they are installed.
A cookie consists of two parts:
cookie name;
the content or value of the cookie.
Technically, only the web-server that sent the cookie can access it again when a user returns to the web page associated with that web-server.

3. For what purposes cookies are used through this website:
Cookies are used to provide users of this website with a better browsing experience and services tailored to the needs and interests of individual users, namely to:
- to improve the usability of this website, including by identifying any errors that occur during users' visit/use of this website;
- providing anonymous statistics on how this website is used to VISRO EVENTS SRL as the owner of this website;
- anticipation of possible future goods that will be made available to users via this website, depending on the services/products accessed.
On the basis of the feedback sent by cookies on how this website is used, VISRO EVENTS SRL may take measures to make this website more efficient and accessible to users.
Thus, the use of cookies allows the storage of certain settings/preferences set by the users of this website, such as:
- the language in which a web page is viewed;
- the currency in which certain prices or tariffs are expressed;
- posting comments on the website.

4. What is the lifetime of cookies?
The lifetime of cookies can vary significantly, depending on the purpose for which it is placed. There are the following categories of cookies which also determine their lifetime:
- Session cookies - A "session cookie" is a cookie that is automatically deleted when the user closes their browser.
- Persistent or fixed cookies - A "persistent" or "fixed" cookie is a cookie that remains stored on the user's terminal until it reaches a certain expiry date (which may be minutes, days or years in the future) or until the user deletes it at any time via browser settings.

5. What are cookies placed by third parties

Certain sections of content on the website may be provided through third parties, i.e. not by VISRO EVENTS SRL, in which case these cookies are referred to as "third party cookies".

Third party cookie providers must also comply with data protection rules and the Privacy Policy https://www.outdoor-events.ro/politica-de-confidentialitate/ available on this website.
These cookies may come from the following third parties: Google Analytics, Facebook.
6. What cookies are used through this website:
By using/visiting the website the following cookies may be placed: a. Website performance cookies;
b. User analytics cookies;
c. Cookies for geotargeting;
d. Registration cookies;
e. Advertising cookies;
f. Cookies from advertising providers;

a. Performance cookies
This type of cookie stores the preferences of the user of this website, so that it is not necessary to set the preferences again when visiting the website again.

b. User analysis cookies
These cookies inform us whether a particular website user has visited/used this website before. These cookies are only used for statistical purposes.

c. Cookies for geotargeting
These cookies are used by software that determines the country of origin of the website user. You will receive the same advertisements regardless of the language selected.

d. Cookies for registration
When you register on this site, cookies are generated to remember this. The servers use these cookies to show us the account you registered with. The use of these cookies also allows us to associate any comments posted on the website with the username of the account used. If the "keep me logged in" option has not been selected, these cookies will be automatically deleted when the browsing session ends.

e. Advertising cookies
These cookies allow us to track whether a user has viewed an online advertisement, the type of advertisement and the time elapsed since the advertisement was viewed. As such, such cookies are used to target online advertising. These cookies are anonymous, storing information about the content viewed, not about the users.

7. What kind of information is stored and accessed through cookies?
Cookies store information in a small text file that allows browser recognition. This website recognises the browser until the cookies expire or are deleted.

8. Customise your browser settings for cookies
If the use of cookies is not intrusive and the computer or technical equipment used to browse this website is only used by you, long expiry periods may be set for storing browsing history.
If the computer or technical equipment used to browse this website is used by more than one person, you may consider setting it to delete individual browsing data each time the browser is closed.

9. How cookies can be turned off

Disabling and refusing to receive cookies may make this website difficult or impossible to visit, resulting in limitations on your ability to use it.
Users can set their browser to reject cookies or to accept cookies from a specific website.
All modern browsers offer the possibility to change cookie settings. These settings can usually be accessed in the "options" or "preferences" menu of your browser.
However, refusing or disabling cookies does not mean that you will no longer receive online advertising - only that it will not be tailored to your preferences and interests as evidenced by your browsing behaviour.

To understand these settings, the following links may be useful:

- Cookie settings in Internet Explorer https://support.microsoft.com/en-us/help/17442/windows-internet-explorer-delete-manage-cookies
- Cookie settings in Firefox https://support.mozilla.org/en-US/kb/enable-and-disable-cookies-website-preferences
- Cookie settings in Chrome https://support.google.com/chrome/answer/95647
- Cookie settings in Safari https://support.apple.com/ro-ro/guide/safari/sfri11471/mac

If you have any further questions about how cookies are used through this website, please contact office@outdoor-events.ro