Fleur
mobile logo
Cloud of Memories > Confidentiality Policy

PERSONAL DATA PROCESSING AND INFORMATION CONFIDENTIALITY POLICY

The owner collects and processes personal data in accordance with Regulation (EU) 2016/679 on the protection of natural persons with regard to the processing of personal data and on the free movement of such data, repealing Directive 95/46/EC (General Data Protection Regulation or GDPR).

1. Types of Processed Data

To access the platform and its services, organizers may be required to provide personal data such as their full name, address, phone number, or email.
These data are stored and processed by the owner only with the registered users’ consent, which is provided by checking the relevant boxes on the platform to accept the personal data processing and confidentiality policies.
Based on users’ consent, we process the following categories of information:
• Personal identification and contact data – full name, contact address, email, and phone number;
• Text, images, and voice – communicated by users within the uploaded content;
• Order details – information related to orders placed;
• Event data – details related to events created on the platform;
• Correspondence related to services – emails, letters, information regarding your requests for issue resolution, complaints, inquiries, feedback received from you;
• Payment information – bank account details or other banking and payment-related information regarding transactions made;
• Other information – such as IP address when visiting the website.
The processing of the aforementioned personal data is mandatory for us in order to provide the services.

2. Reasons and Purposes for Processing Personal Data

The owner processes the personal data described in section 1 above for any of the following reasons:
• Compliance with legal obligations;
• Fulfillment of contractual obligations;
• Consent of the individual;
• Protection of legitimate interests.
The purposes of collecting and processing data include:
• Concluding and executing contracts in accordance with the purpose of the services;
• Enabling communication between guests and organizers;
• Allowing organizers to purchase packages;
• Informing users about the status of their purchases;
• Providing access to data history, reports, and statistics.
Additionally, the owner collects and processes data to tailor commercial policies to the needs and requirements of users (targeted offers, reports and statistics, vouchers, etc.), and to communicate with registered users via the platform, phone, or email for updates (news, offers, promotions, etc.). Registered users have the option to subscribe to newsletters and updates through the platform to receive information related to the above-mentioned topics. Subscribers to newsletters/updates have the option to unsubscribe by clicking the relevant link in the newsletter emails.
Personal data provided by users may also be processed by the owner for the purpose of generating statistics on the services provided, platform performance, user preferences and needs, and platform adaptation and updates.
The processing of personal data is also necessary for the owner to fulfill legal obligations, such as, but not limited to, providing data and information to relevant authorities in the areas of taxation, competition, consumer protection, etc.

3. Recipients/Categories of Recipients

Personal data related to names may be disclosed to other users of the platform within an event, depending on the technical transmission options and preferences selected by the users. Additionally, such data may be shared with authorized persons designated by the owner or those involved in providing the services. Furthermore, personal data may be transmitted to public authorities or institutions as part of the owner’s legal obligations.
The owner is not responsible for the direct transmission of personal data by users, regardless of the reason for such disclosure and the method by which it occurs. The responsibility for the processing of personal data collected or used by users lies solely with them.

4. Transfer of Data to Third Parties

As part of service provision, the owner may transfer certain personal data to third parties, both within Romania and within the European Economic Area (EEA).
If users’ personal data are transferred outside the European Economic Area, we will comply with applicable legal requirements regarding international data transfers.

5. Duration of Processing

Personal data is retained for the period necessary to achieve the purpose for which it was collected or for the periods required by the owner’s legal obligations (for example, but not limited to, the archiving of financial and accounting documents).
Personal data communicated by users through content (images, voice, text) will be stored for a period of 3 months from the date of the event, after which it will be deleted.

6. Users’ Rights

By providing your personal information and/or consenting to its collection, you acknowledge that we will collect, store, use, and disclose your personal information in accordance with this privacy policy.
You are not obligated to provide us with personal information; however, failure to do so may affect your ability to use the website or the products and/or services offered through it.
In accordance with legal provisions and under the conditions stated therein, users, as data subjects, have the following rights:
• The right to access the processed data;
• The right to request the owner to rectify or delete the processed data or to restrict processing;
• The right to data portability;
• The right to object to data processing.
To exercise these rights, you may send a written request via email to gdpr@cloudofmemories.com. We will respond within a maximum of 15 working days from the date of submission of the request.
Some of these rights (rectification, modification, deletion, objection) can be exercised directly by users within the platform by selecting the relevant options in their user account.
Additionally, you have the right to file a complaint with the supervisory authority: The National Authority for Personal Data Processing Supervision, located in Bucharest, at B-dul G-ral. Gheorghe Magheru 28-30, Sector 1, Postal Code 010336, Bucharest, Romania.

7. Protection of Personal Data

To ensure the appropriate protection of company and customer data, we apply all necessary organizational and technical measures, as stipulated by data protection legislation. In this regard, we maintain reasonable and appropriate physical, electronic, and procedural safeguards, both commercially and legally, to protect your data against loss, theft, unauthorized access, disclosure, copying, use, or modification.
For maximum security during the processing, transfer, and storage of your data, we may employ additional protection mechanisms such as encryption, pseudonymization, and other security techniques.

8. Changes and Updates

We may modify or update this Privacy Policy from time to time to reflect changes in our operations, legislative updates, or for other operational, legal, or regulatory reasons.
If the changes are significant or required by applicable legal provisions, we will contact you (based on your selected communication preferences) and inform registered users about the changes or updates by providing a link to the updated or modified policy.

9. Newsletter

Users have the option to subscribe to our newsletter through the Cloud of Memories website. Subscription can be done in two ways:
By entering their email address in a dedicated field on the presentation page.
By checking an optional box in the event configuration form.
By subscribing to the newsletter, users will periodically receive emails that may contain special offers, information about new products, and functionalities available within the Cloud of Memories services or the related online invitation software of Cloud of Memories.
Users can unsubscribe from the newsletter at any time using the unsubscribe option included in each email sent.