Privacy policies and terms
This policy was drafted on 04.09.2019 and will be reviewed and updated periodically.
Identity and contact details of the operator
The COMPANY Be Story Teller (hereinafter referred to as bestoryteller), with registered office in Sos Unirii 27, Ilfov, registered at the Trade Registry Office under no. J23/542/2013, with Unique Registration Code 34176487 as author, owner and administrator of the website , respects the confidentiality and security of the processing of personal data of each person accessing the website. In this regard, we make every effort to ensure that the information that is entered into our databases is used only for specified, explicit and legitimate purposes.
A.N.S.P.D.C.P. – National Authority for the Supervision of Personal Data Processing;
personal data” means any information relating to an identified or identifiable natural person (“data subject”); an identifiable natural person is one who can be identified, directly or indirectly, in particular by reference to an identifier, such as a name, an identification number, location data, an online identifier, or to one or more factors specific to his or her physical, physiological, genetic, mental, economic, cultural or social identity;
processing” means any operation or set of operations which is performed on personal data or on sets of personal data, whether or not by automatic means, such as collection, recording, organisation, structuring, storage, adaptation or alteration, retrieval, consultation, use, disclosure by transmission, dissemination or otherwise making available, alignment or combination, restriction, erasure or destruction;
restriction of processing” means the marking of stored personal data for the purpose of limiting their further processing;
controller” means the natural or legal person, public authority, agency or other body which alone or jointly with others determines the purposes and means of the processing of personal data; where the purposes and means of processing are determined by Union or national law, the controller or the specific criteria for its designation may be laid down in Union or national law;
processor” means the natural or legal person, public authority, agency or other body which processes personal data on behalf of the controller;
recipient” means the natural or legal person, public authority, agency or other body to whom personal data are disclosed, whether or not it is a third party. However, public authorities to whom personal data may be disclosed in the framework of a particular inquiry in accordance with Union or national law are not considered as recipients; the processing of such data by those public authorities shall comply with the applicable data protection rules in accordance with the purposes of the processing;
consent” of the data subject means any freely given, specific, informed and unambiguous indication of the data subject’s wishes by which the data subject signifies his or her agreement, by a statement or by an unambiguous action, to the processing of personal data relating to him or her.
Rights of website users
www.cursuri.bestoryteller.co, as a personal data controller, has implemented technical and organisational measures to ensure that the rights of users of the sites (data subjects under the GDPR) are respected, namely:
The right of access means the right of the data subject to obtain confirmation from the controller whether or not personal data concerning him or her are being processed and, if so, access to those data and information on how the data are processed.
The right to data portability refers to the right to receive personal data in a structured, commonly used and machine-readable format and the right to have such data transmitted directly to another controller, if technically feasible.
The right to object refers to the right of the data subject to object to the processing of personal data when the processing is necessary for the performance of a task carried out in the public interest or in the legitimate interest of the controller. Where the processing of personal data is for the purpose of direct marketing, the data subject shall have a prior right to object to the processing at any time.
The right to rectification refers to the correction, without undue delay, of inaccurate personal data stored. The rectification must be communicated to each recipient to whom the data have been transmitted, unless this proves impossible or involves disproportionate (demonstrable) efforts.
The right to erasure (“right to be forgotten”) means the right of the data subject to request the erasure of personal data without undue delay if one of the following grounds applies: they are no longer necessary for the purposes for which they were collected or processed; he/she withdraws his/her consent and there is no other legal basis for the processing; he/she objects to the processing and there are no overriding legitimate grounds; the personal data have been unlawfully processed; the personal data must be deleted for compliance with a legal obligation; the personal data have been collected in connection with the provision of information society services.
The right to restriction of processing may be exercised if the data subject disputes the accuracy of the data, for a period that allows the accuracy of the data to be verified; the processing is unlawful and the data subject objects to the erasure of the personal data and requests restriction instead; if the controller no longer needs the personal data for the purpose of the processing, but the data subject requests it for the establishment, exercise or defence of legal claims; if the data subject has objected to the processing for the period of time during which it is verified whether the legitimate rights of the controller prevail over those of the data subject.
The collection and processing of personal data obtained through the website is carried out in compliance with the provisions of Regulation 679/2016. For any information or requests based on the right of data subjects under the GDPR, you can contact cursuri.bestoryteller at the email address: email@example.com
Purposes and legal grounds of processing. Categories of personal data collected and processed by cursuri.bestoryteller
By completing any form made available on the website you express your express consent to the collection and processing of personal data by cursuri.bestoryteller, both manually and automatically, for the purpose of being contacted by cursuri.bestoryteller regarding your request, in accordance with the provisions of Regulation No 679/2016 on the protection of individuals with regard to the processing of personal data and on the free movement of such data and repealing Directive 95/46/EC (General Data Protection Regulation) – GDPR.
If you do not agree to your data being processed, you have the right and the freedom not to fill in the available forms and not to access the website.
When completing the forms available on , cursuri.bestoryteller will collect personal data, providing information on the purpose of collection of each personal data that is requested.
cursuri.bestoryteller may also receive and store on its servers information relating to the IP address and cookie information of the requested site. You have the option to set your internet browser to reject certain cookies. In this case, however, there will be a negative impact on your navigation on the cursuri.bestoryteller websites.
For newsletter subscribers who no longer wish to receive information by email, it is necessary to send an email to: and your data will be deleted from our newsletter database.
Personal data protection. Data retention period
cursuri.bestoryteller will not disclose personal data collected through the cursuri.bestoryteller websites, except to authorized employees and contractors/partners who are authorized persons to whom such data are necessary to process them on behalf of cursuri.bestoryteller, to provide services available on the cursuri.bestoryteller website, or where disclosure is a legal obligation of cursuri.bestoryteller or its employees or contractors/partners.
cursuri.bestoryteller has implemented the necessary organisational and security measures to protect against unauthorised access, use, alteration or destruction of personal data in accordance with the provisions of the GDPR.
cursuri.bestoryteller, together with its collaborators, has taken responsibility for implementing appropriate technical and organisational measures to protect the confidentiality and security of personal data.
cursuri.bestoryteller grants access to personal data to authorised employees and contractors/partners (authorised persons) only in accordance with the stated purpose of data collection. All employees, collaborators and service providers of cursuri.bestoryteller, who come into contact with personal data, must act in accordance with the principles of privacy and personal data security policies and procedures by signing privacy statements and agreements with respect to such data.
The personal data of users of the cursuri.bestoryteller websites are retained for a period of between 3 and 10 years (depending on the purpose for which the personal data was collected), and users are informed each time they provide their personal data of the exact retention period.
Information on the National Authority for the Supervision of Personal Data Processing (A.N.S.P.D.C.P.)
In case you consider that your rights provided for in Regulation No 679/2016 have been violated, you have the possibility to address ANSPDCP by filing a complaint.
The contact details of ANSPDCP are the following: