RO Acest website este în curs de dezvoltare și reprezintă o variantă demonstrativă. Informațiile, funcționalitățile și ofertele pot fi incomplete, provizorii sau cu titlu de exemplu.

EN This website is under development and is a demonstration version. Information, features, and offers may be incomplete, provisional, or for illustration only.

Privacy Policy

How we process your data on the BucharestRent platform.

Last updated: 20 March 2026

How we process your data on the BucharestRent platform.

Demo version. BucharestRent is shown as a demonstration platform for rentals and related services in Bucharest. The policy below is written in full for transparency; definitive company details (tax ID, registered office, representative) will be published at commercial launch and should be reviewed by legal counsel before real-world use.

During the demo, test accounts or data may be deleted or reset without prior notice.

This Privacy Policy explains how BucharestRent (bucharestrent.com) processes personal data in accordance with Regulation (EU) 2016/679 (“GDPR”) and applicable Romanian law, including Law no. 190/2018 on measures for implementing GDPR.

Data controller (who determines the purposes and means of processing for this demo):

  • Trading name: BucharestRent
  • Legal entity (demo): company in formation / demo project — to be completed when the production operator is registered
  • Address / correspondence (demo): Bucharest, Romania (full street address will appear at commercial launch)
  • Tax ID and trade register: to be published after the entity operating the live platform is incorporated
  • Privacy / data protection email: privacy@bucharestrent.com

For general enquiries you may also use our contact page.

1. Data we collect

Depending on how you use the platform, we may process:

  • Account data: email address, password (stored securely / hashed), phone number if provided, language or display currency preferences;
  • Technical & usage data: IP address, browser type, device, pages viewed, timestamps, session identifiers, cookies and similar technologies (see Cookies);
  • Communications: messages via forms, messaging, or quote/booking requests submitted through the platform;
  • Service usage: favourites, comparison lists, saved searches where enabled;
  • Booking / request details: identity and contact details, travel or stay information you submit so we or partners can respond;
  • Data required by law (e.g. invoicing, archiving) where applicable.

We do not routinely collect special categories of personal data unless required by law or a specific service and clearly communicated in advance.

2. Purposes and legal bases

We process data on the basis of:

  • Performance of a contract or steps at your request (e.g. account creation, handling requests to partners);
  • Legitimate interests (e.g. security, fraud prevention, service improvement, aggregated analytics, administrative messages), where your fundamental rights are not overridden;
  • Legal obligation (e.g. tax or record-keeping requirements);
  • Consent where required (e.g. certain newsletters, non-essential cookies) — you may withdraw consent at any time without affecting prior lawful processing.

3. Recipients and processors

We may share data with:

  • Technical providers (hosting, transactional email, aggregated analytics, IT support) acting as processors under GDPR-compliant agreements;
  • Commercial partners (owners, agencies, mobility providers) only as necessary to respond to a request or fulfil a booking you initiated;
  • Public authorities when legally required or on a lawful request.

We do not sell personal data.

4. Transfers outside the EEA

If we use services outside the European Economic Area, we ensure appropriate safeguards (e.g. Standard Contractual Clauses or adequacy decisions) unless GDPR permits a derogation.

5. Retention

We keep data only as long as necessary for the stated purposes, including:

  • the life of your account and a reasonable period thereafter for legal claims or statutory retention;
  • minimum retention for security logs and accounting records where the law requires;
  • after account deletion, erasure or anonymisation within reasonable time, subject to legal exceptions.

6. Security

We apply reasonable technical and organisational measures (access controls, encryption in transit where appropriate, internal policies). No system is 100% secure.

7. Your rights

Under GDPR you may request:

  • confirmation of processing and access;
  • rectification of inaccurate data;
  • erasure where applicable;
  • restriction of processing;
  • data portability where applicable;
  • objection to processing based on legitimate interests;
  • withdrawal of consent where processing is consent-based.

Contact us at the email above. You may also lodge a complaint with the Romanian Supervisory Authority (ANSPDCP)www.dataprotection.ro.

8. Cookies

In demo mode, we mainly use strictly necessary cookies (session, language preference, security). Analytics or marketing cookies will only be enabled once a lawful consent mechanism is implemented.

The production site may use additional categories subject to consent where required. Further detail may appear in a Cookie Policy and/or consent banner.

9. Children

The platform is not directed at children under 18. We do not knowingly collect data from minors without appropriate parental consent where required by law.

10. Changes

We may update this policy. The version on this page with the “last updated” date applies. Please review it periodically.

11. Contact

To exercise your rights or for privacy questions, email us at the address at the top or use the contact form where suitable for data protection requests.