This page describes how the Invizita website processes personal data, in line with Regulation (EU) 2016/679 (“GDPR”) and applicable law. Invizita showcases stays and editorial content; bookings and communication with hosts happen outside the platform, via the channels shown in each listing.
Data controller
The entity operating Invizita is the controller for processing related to this site (“we”). For data-protection requests (including exercising your rights), use the contact details published on the site or the channel indicated by the controller.
Categories of data we may process
Depending on how you use the site, we may process: • Technical and usage data: IP address, browser type, device, pages viewed, timestamps — typically via server logs and tools needed for operation and security. • Data you provide directly: for example, if you email us or use a form, the message content and contact details you include. • On-site preferences: e.g. selected language, if stored via technical means (cookie / local storage). Favourite lists you save in the browser (localStorage) stay on your device and are not sent to Invizita as a user “account”.
Purposes and legal bases
We process data to: (1) provide and improve the site; (2) security and abuse prevention; (3) comply with legal obligations; (4) respond when you contact us; (5) aggregated, anonymised traffic analysis if we use such tools and you have consented where required by law. Legal bases may include: performance of a contract or pre-contract steps, legitimate interests (within reasonable limits), legal obligation, or your consent, as applicable.
Retention
We keep data only as long as needed for the purposes above or as required by law. Technical logs may be kept for short periods, then aggregated or deleted. Contact messages are kept as long as needed to respond and for any subsequent legal obligations.
Recipients and transfers
We may use providers for hosting, infrastructure or IT services (processors), strictly as needed. If a provider is outside the EEA, we ensure appropriate safeguards (e.g. standard contractual clauses) under GDPR.
Your rights and complaints
You have rights of access, rectification, erasure, restriction, objection and portability, subject to applicable law. You may lodge a complaint with your local supervisory authority or with the Romanian DPA (ANSPDCP). You can contact us about personal data using the controller’s contact details shown on the site.