Vivago.ro
RO Register

GDPR - Personal Data Protection

Last updated: 06.05.2026

1. Our Commitment

Imavision Media&Development SRL is committed to protecting your personal data in accordance with the General Data Protection Regulation (GDPR) - Regulation (EU) 2016/679.

2. Your Rights

Under GDPR, you have the following rights:

Right of Access (Art. 15)

You have the right to obtain confirmation that your data is being processed and to access this data, as well as information about the processing.

Right to Rectification (Art. 16)

You can request correction of inaccurate data or completion of incomplete data.

Right to Erasure (Art. 17)

You can request deletion of personal data under certain conditions (e.g., data is no longer necessary for the initial purpose, you withdraw consent).

Right to Restriction of Processing (Art. 18)

You can request restriction of processing in specific cases (you contest data accuracy, processing is unlawful, etc.).

Right to Data Portability (Art. 20)

You have the right to receive personal data in a structured, commonly used, and machine-readable format.

Right to Object (Art. 21)

You can object to data processing based on legitimate interest or for direct marketing.

3. How to Exercise Your Rights

To exercise any of the above rights, send a request to:

We will respond to your request within a maximum of 30 calendar days from receipt. In complex cases, the deadline may be extended by an additional 60 days, with prior notification.

4. Account Deletion Request

For complete deletion of your account and associated data, you can:

  • Access the "Profile" section in your account
  • Send an email to contact@vivago.ro with the subject "Data deletion request"

Note: Certain data may be retained according to legal obligations (tax data - 5 years, contractual data - 3 years after contract termination).

5. Supervisory Authority

If you believe your rights have been violated, you have the right to file a complaint with:

National Supervisory Authority for Personal Data Processing (ANSPDCP)
Website: www.dataprotection.ro

6. Security Measures

We implement the following technical and organizational measures:

  • SSL/TLS encryption for all communications
  • Password hashing with secure algorithms (bcrypt)
  • Role-based restricted access to personal data
  • Encrypted and regular backups
  • Continuous monitoring of data access
  • CSRF protection and rate limiting

7. Breach Notification

In the event of a personal data security breach, we will notify ANSPDCP within a maximum of 72 hours and data subjects without undue delay, in accordance with Art. 33 and 34 GDPR.