Privacy policy

The company that administers the website www.amoom.ro is AMOOM RESTAURANTS S.R.L, hereinafter called amoom.ro, registered at the Trade Registry with no. 40/5905/2022 and having the Unique Registration Code 45875596 with headquarters in Str. Vointei 21 Bl. C1 Cod 052833, Sector 5, Bucuresti
This privacy policy covers the personal data of customers and other users of this website. Personal data means any information regarding an identified or identifiable natural person, collected through this site without being limited to name, surname, address, telephone number, e-mail address.
The purpose of collecting personal data is the sale of products and services on www.amoom.ro (with all related activities such as order processing, delivery, payment, invoicing, etc.), customer relations services and marketing activities for your own needs .
www.amoom.ro collects personal data directly from users when an account is created or an order is placed, from traffic data from the user's browser by collecting anonymous data that helps improve services and ensure site security and through through cookies and external traffic analysis services such as Google Analytics.
Google Analytics is used to help the operator understand the flow of website usage, and more information about it can be found at www.google.com/int/ro/policies/privacy/.
In addition, in the situation where the support services are accessed (e.g. the columns "We invite you to write", "Are you interested? Contact us" or filling out a form in the Corporate section) the operator reserves the right to record any communication made with the purpose to improve the services offered by www.amoom.ro.
The services of the Mobilpay payment processor are used to make the payments, so the banking information is transmitted to them. The Mobilpay partner's personal data processing policies are available on its own website http://www.mobilpay.ro/public/
www.amoom.ro applies the necessary technical and organizational measures in the use of personal data to ensure their security, protection against accidental or illegal destruction, modification, disclosure or unauthorized access. Although the operator has links to other web pages on the site, he is not responsible for the information protection strategies or the content of other web pages.
Personal data may be transferred or access to certain customer data may be provided to courier service providers, payment/banking service providers and IT service providers. We assure you that access to data is carried out in accordance with the legal provisions on data protection and information confidentiality, based on contracts concluded with them.
The processing of personal data for the above purposes is based on the following legal grounds from Regulation (EU) 2016/679:

the execution of the contract to which the data subject is a party or to take steps at his request before the conclusion of a contract for the data collected through the order form according to art. 6, para. (1), lit. b);
the legal obligations for the necessary invoicing data according to art. 6, para. (1), lit. c);
the client's consent regarding marketing/advertising activities (e.g. newsletter subscription, marketing cookies, etc.) and other processing for which the legislation in the field provides for the obligation to obtain consent according to art. 6, para. (1), lit. a);
the legitimate interest of www.amoom.ro to promote its products and/or services. As a general rule, personal data is stored while the account is active. The data subject may at any time request the deletion of certain information or the closure of the account, and the operator shall proceed in support of the request, subject to the preservation of certain information including after the account is closed, in situations where the applicable legislation or legitimate interests require it (e.g. complaints, claims, litigation ).In the situation where a legal obligation arises or if it is necessary to defend a legitimate interest, the operator reserves the right to disclose certain personal data to public authorities. In relation to the processing of personal data, the data subject has the following rights:
the right to information provided for in art. 13 RGPD – the data subject from whom personal data is directly obtained has the right to receive a set of information regarding the identification data of the operator, the purpose and legal basis in which the data are processed, the recipients of the data and the storage period;
the right of access to data provided for in art.

15 RGPD – the data subject has the right to receive a confirmation from the operator regarding the performance or not of some processing operations of his personal data, as well as a copy of the processed personal data;
the right to rectification and deletion of data provided for in art. 16 and art. 17 GDPR – the data subject has the right to obtain the rectification or completion of his personal data, with the help of the operator, as well as the possibility to request the deletion of his personal data from the records/databases of the operator;
the right to restrict data processing provided for in art. 18 RGPD - the data subject has the right to request the restriction of the processing of his personal data by the operator, in the situation where certain conditions are met: the data are not accurate, the processing is illegal, the operator no longer needs these data, etc.;
the right to data portability provided for in art. 20 GDPR – the data subject has the right to receive the personal data concerning him and which he has provided to the operator in a structured, commonly used and machine-readable format and he has the right to transmit this data to another operator, without obstacles from the operator to whom the personal data was initially provided;
the right to opposition provided for in art. 21 GDPR – the data subject has the right to object to the processing of his personal data;
the right to be informed about security incidents regarding personal data provided for in art. 34 RGPD – the operator will promptly inform the occurrence of security incidents concerning personal data and which present a high risk for the rights and freedoms of the data subjects. The communication will be made without undue delay and will contain, in clear and simple language, the nature of the personal data security breach, accompanied by the measures taken/proposed;
the right to withdraw at any time the consent granted for the processing of personal data provided for in art. 7, para. (3) of the GDPR – the data subject has the right to withdraw his consent at any time. Its withdrawal does not affect the legality of the processing carried out on the basis of consent before the withdrawal;
the right not to be the subject of an autonomous processing decision provided for in art. 22 GDPR – the data subject has the right not to be subject to a decision based exclusively on automatic processing, including profiling, which produces legal effects concerning the data subject or similarly affects him to a significant extent.
the right to file a complaint before a supervisory authority provided for in art. 15, para. (1), lit. f) from the RGPD - the data subject has the right to file a complaint with the National Authority for the Supervision of Personal Data Processing with the following contact details: B-dul G-ral Gheorghe Magheru no. 28-30, Sector 1, postal code 010336, Bucharest, Romania, Phone: +40.318.059.211 or +40.318.059.212, e-mail: anspdcp@dataprotection.ro

In addition, to exercise the rights provided for by Regulation (EU) 2016/679, we recommend that you contact the operator at the e-mail address contact@amoom.ro. It is important to note that no fee will be charged for the exercise of any right regarding the user's personal data, unless the request for access to information is unfounded, repetitive or excessive, in which case according to the provisions of the RGDP Art. 12, para. (5) the operator may "a) either charge a reasonable fee taking into account the administrative costs for providing the information or communication or for taking the requested measures; b) or refuse to comply with the request". Any change regarding data protection will be posted on the website www.amoom.ro, as well as on the social networks that the operator deems appropriate.