Escape the routine and unwind in the mountains:
Whitsun Package
Escape the routine and unwind in the mountains:
Whitsun Package
Terms & Conditions

General Conditions

Website owner

Hotel Sinaia is owned by Olala! which consists of the companies listed in Annex I, which may act as controllers or processors of your personal data, as applicable.

Trade name: SINAIA S.A.
Address: BLD CAROL I NO. 8, Sinaia, Prahova
Email: legal@olala.com

General conditions of use

The website https://www.hotelsinaia.ro aims to inform the general public about the activities this organization carries out and the products and services it provides as part of its activities.

Use of any of the features on this website entails full and express acceptance of the terms and conditions set out herein, notwithstanding any particular conditions that might be applied to any of the specific services offered on the website.

Users are not obliged to provide any information about themselves to visit the website. However, while making use of the website, they may be asked to fill in forms that require them to provide some personal data. This data will be used to process and send off users' requests. It will also be used to send users information about the company and its services by any means of communication, should users so wish. By sending the form, users explicitly agree to receive this information; if users do not want to receive this information, they should go to unsubscribe form asking to be removed from our mailing list.

Any users who refuse to provide their personal data will not be able to access the service in question.

Hotel Sinaia reserves the right to alter and update the information on its website, and/or the way in which this information is laid out and presented, in any way and at any time, without the need for any prior warning.

In order to ensure the information on the website is always up to date, the website contents may be altered, corrected, removed or added to at any time. Users should check that the contents are up to date and correct by referring to official sources.

Intellectual and industrial property and frames

All the components of the website, as well as its structure, design, source code, logos, brands and any other distinctive signs and symbols that appear on it, are the property of Hotel Sinaia or its partners and are protected by the corresponding intellectual and industrial property rights.

These intellectual and industrial property rights also cover the images and other graphical material on the website.

Hotel Sinaia expressly prohibits framing, or third-party use of any mechanisms that alter the design, original configuration or contents of the website.

The use of contents should respect their individual licensing. Their use, production, distribution, public communication, transformation or any other similar or analogous activity is totally prohibited, unless express prior authorization is obtained from Hotel Sinaia.

Full or partial reproduction of the texts and contents on the website shall be authorized only under the concurrence of the following conditions:

  • The integrity of the contents, documents and graphics is maintained.
    Hotel Sinaia is explicitly mentioned as the source and origin of the contents, documents and graphics.
  • The purpose for the use of the contents, documents and graphics is compatible with the purposes of the website and/or Hotel Sinaia activity.
  • No commercial use is made of the contents, documents and graphics. Their distribution, public communication, transformation or decompilation is strictly prohibited.

Any other use requires express prior authorization from Hotel Sinaia.

If third-party products and services are cited, Hotel Sinaia recognizes the right holders' corresponding intellectual and industrial property rights, and their mere mention or appearance on the website in no way implies any rights thereto, liability therefor or backing, sponsorship or recommendation thereof.

Hotel Sinaia states its respect for third parties' intellectual and industrial property rights. Should any third party consider that the website is violating any of their rights, they should contact Hotel Sinaia.

Price and deadline of validity of the offer

The prices indicated for each product do not include the Value Added Tax (VAT) as well as the TOURIST RATE that is not included in the price of the reservation. It is calculated and informs the customer of the exact amount at the time of booking. The prices applicable to each property are those published on the website, THE USER assumes that the economic valuation of some of the services may vary in real time. Prices may change daily while not making the reservation.

Liability

Hotel Sinaia does not guarantee that its website is free from errors or that its contents are duly updated, although Hotel Sinaia will always do the utmost to avoid and correct any errors and update information.

Access to the Hotel Sinaia and any use of the information contained thereon is users' exclusive responsibility.

Olala! shall not be liable for the information and contents stored on places including, but not limited to, forums, chatrooms, blogs, comments, social media or any other medium that enables third parties to publish contents independently of the Hotel Sinaia website.

Notwithstanding, and in accordance with the provisions of the LSSI, Hotel Sinaia makes itself available to all users, authorities and security forces and will actively cooperate to remove or block any contents that might contravene applicable legislation, third parties' rights or public morals or public order. Any users who consider that the website contains any contents that might be classified as such should contact Hotel Sinaia.

Hotel Sinaia shall not be liable for any replies made through any of the email addresses that appear on its website and in no case shall any legal effects be derived therefrom.

Links or hyperlinks

The links on the website may lead to third-party website contents. The purpose of these links is solely to help users find online resources that might be of interest to them. These third-party websites do not belong to Hotel Sinaia. Hotel Sinaia does not check the contents of these third-party websites and therefore accepts no liability for the contents, information or services that appear on them. The links are provided purely for informative purposes only and in no way imply any relationship between Hotel Sinaia and the persons or owners of information on third-party websites. Hotel Sinaia shall not be liable for the proper operation of the linked webpage or any damage that might result from accessing them.

Links to the Hotel Sinaia website should respect the following conditions:

  • Setting up a link on a webpage shall not imply any kind of agreement, contract, sponsorship or recommendation by Hotel Sinaia of the webpage in question.
  • The webpage containing the hyperlink shall not contain any illegal, discriminatory contents or any other contents that go against the principles of the General Data Protection Regulation (GDPR).
  • Hotel Sinaia may request that a link to its website be taken down, without the need to give any reason whatsoever. In such a case, the webpage containing the link shall take it down as soon as it is instructed to do so by Hotel Sinaia.
  • Hotel Sinaia shall not be in any way liable for guaranteeing the clarity, accuracy, reliability, correctness or morality of the contents or services offered by setting up the hyperlink. Users shall be solely responsible for the consequences, damages or other actions that might occur by accessing the website from the said hyperlink.
  • The webpage containing the hyperlink may not contain any brand, trade name, logo, slogan or any other distinctive sign or symbol belonging to Hotel Sinaia except those that form part of the hyperlink itself.

Personal data protection

For more information about how your data is processed, please see our Privacy Policy.

Whistleblowing

Whistleblowing channels are a safe digital space for all employees, external staff and guests to express their concerns anonymously and without fear of retaliation.

Applicable law and jurisdiction

Should any questions or differences of opinion arise concerning the terms and conditions of this Legal Notice, or concerning any other matter related to the services offered on this website, applicable law shall apply. Should any questions or differences of opinion arise concerning the use of the website or the services offered on it, Hotel Sinaia and the user hereby agree to submit themselves to the jurisdiction and authority of the courts of law of the city where the user is resident, provided that this city is in Romania and the user is acting as a consumer; otherwise, Hotel Sinaia and the user hereby agree to submit themselves to the jurisdiction and authority of the courts of law of the city of Bucharest, Romania.

Double booking disclaimer

While we make every effort to avoid double bookings, it may occur on rare occasions. In the event of a double booking, we reserve the right to offer alternative accommodations of similar standard and location. We cannot be held responsible for any costs or damages incurred as a result of a double booking.

Robbery inside the property disclaimer

The property takes reasonable precautions to ensure the safety and security of its guests and their belongings. However, the property shall not be held liable for any theft or loss of personal items while on the premises. We strongly recommend that guests take necessary precautions to secure their valuables and report any suspicious activity to the staff immediately.

Relocations & right of admission

We would like to inform you that Hotel Sinaia reserves the right of admission to our properties. While we strive to provide comfortable and enjoyable accommodations for all guests, there may be circumstances where we need to exercise our discretion in granting access to our premises.

We kindly request all guests to adhere to our terms and conditions, which include but are not limited to:

  • Providing accurate and valid identification during the reservation process and check-in.
  • Adhering to our house rules and policies, including occupancy limits, quiet hours, and any specific regulations pertaining to the property.
  • Conducting oneself in a respectful and responsible manner, ensuring the well-being and comfort of fellow guests and neighbours.

We appreciate your understanding and cooperation in maintaining a pleasant environment for all guests. If you have any questions or concerns, please do not hesitate to contact our amazing Customer Care team. We look forward to welcoming you in one of our accommodations soon!

 

Privacy policy regarding the processing of personal data

Last updated: 18.12.2025

1. GENERAL INFORMATION

Privacy and the protection of personal data is one of the primary concerns of SINAIA S.A., headquartered at BLD CAROL I NO. 8, Sinaia, Prahova, with website www.hotelsinaia.ro, acting as a personal data controller.
This Privacy Policy aims to inform data subjects about how their personal data is processed in the context of:

  • use of the Operator's website;
  • provision of hotel services;
  • management of reservations;
  • communication with clients and potential clients.

The processing of personal data is carried out in accordance with the provisions of Regulation (EU) 2016/679 on the protection of natural persons with regard to the processing of personal data and on the free movement of such data (GDPR), as well as applicable national legislation.

2. CATEGORIES OF PERSONAL DATA PROCESSED

2.1. If you are a client or making a reservation

If you make a reservation or use the hotel services provided by the Operator, the following categories of personal data may be processed:

  • first and last name;
  • email address;
  • phone number;
  • reservation and stay details (length of stay, room type, number of guests);
  • special requests voluntarily communicated by the data subject (e.g. accommodation preferences);
  • data resulting from correspondence with the Operator regarding the reservation or hotel services;
  • billing data, to the extent that it allows the identification of a natural person.

Payment data is processed exclusively by authorized payment service providers; the Operator does not store bank card details.

2.2. If you request offers or information
If you submit offer requests or other information inquiries, the following may be processed:

  • first and last name;
  • email address;
  • phone number;

the content of the request and data provided directly in that context.

2.3. If you participate in campaigns, contests, or events

If you participate in promotional campaigns, contests, or events organized by the Operator, the data necessary for carrying out that activity may be processed, as indicated in the applicable regulations.

2.4. Sensitive data provided voluntarily

In specific situations, the data subject may voluntarily provide information regarding:

  • health status;
  • disabilities;
  • special regimes (e.g. dietary),

exclusively for the purpose of adapting hotel services. The Operator does not systematically request such data.

2.5. Data collected through the website

The Operator's website may include contact or information request forms. In this context, data provided directly by the data subject through those forms may be processed.

Data collected through cookies and similar technologies is governed separately by the Cookie Policy, a separate document.

To the extent that hotel services are provided to minors or reservations are made on behalf of minors, the Operator may process their personal data exclusively through their legal representatives, in accordance with the law and the guarantees provided by Regulation (EU) 2016/679.

3. PURPOSES AND LEGAL BASES FOR PROCESSING

3.1. If you are a client or making a reservation

The Operator processes your personal data for the following purposes:

For the performance of the contractual relationship, namely:

  • receiving and managing reservations;
  • providing hotel services;
  • communicating with you during your stay;
  • handling requests related to the reservation or accommodation.

Legal basis:

Processing for this purpose is based on the contract between you and the Operator, or on pre-contractual steps taken at your request, pursuant to Art. 6(1)(b) GDPR. Providing personal data is necessary for the performance of the contract. Refusal to provide such data may result in the inability to deliver hotel services.

If you make a reservation on behalf of another person, you declare that you have informed that person about the processing of their personal data and that you are entitled to provide this data to the Operator.

For compliance with legal obligations, including:

  • fiscal and accounting obligations;
  • archiving obligations;
  • other obligations imposed by applicable legislation.

Legal basis:

Processing is necessary for compliance with a legal obligation, pursuant to Art. 6(1)(c) GDPR. Providing data for this purpose is mandatory. Refusal may prevent the Operator from fulfilling its legal obligations and, consequently, from providing its services.

For marketing activities and commercial communications, namely sending, via remote communication means (email, SMS), information about the Operator's services, offers, and promotions.

Legal basis:

Processing for this purpose is based on your consent, pursuant to Art. 6(1)(a) GDPR, if you choose to provide it. You may withdraw your consent at any time:

  • via the unsubscribe option available in each commercial communication;
  • or by submitting a request to the Operator.

Providing data for this purpose is voluntary. Refusing or withdrawing consent will have no negative consequences for you.

When subscribing to the newsletter, your email address is used solely for sending commercial and informational communications about the Operator's services and offers, based on the data subject's consent. Data is processed for this purpose until consent is withdrawn. Data subjects may unsubscribe at any time via the unsubscribe mechanism included in each communication.

For promotional campaigns, contests, or events, if you participate in such activities organized by the Operator.

Legal basis:

Processing is based on:

  • performance of the campaign/event rules (Art. 6(1)(b) GDPR);
  • your consent (Art. 6(1)(a) GDPR), as applicable.

For adapting hotel services, in specific situations where you voluntarily provide information regarding:

  • health status;
  • disabilities;
  • special regimes (e.g. dietary).

Legal basis:

Processing of such data is based on the explicit consent of the data subject, pursuant to Art. 9(2)(a) GDPR. The Operator does not systematically request such data and does not use it for other purposes.

3.2. If you request offers, information, or contact us

If you contact us via the website, email, or other channels, the Operator processes your personal data for:

  • Handling requests, questions, complaints, or information inquiries.

Legal basis:

Processing is based on pre-contractual steps or the Operator's legitimate interest in responding to received requests, pursuant to Art. 6(1)(b) and (f) GDPR. Providing data for this purpose is voluntary. Refusal may result in the inability to handle your request.

3.3. Analytics and statistics

Website traffic analysis and the use of cookies for statistical or marketing purposes are governed exclusively by the Cookie Policy, a separate document available on the website. The use of electronic communication means and online technologies is carried out in compliance with applicable legislation on the confidentiality of electronic communications and digital services, including relevant European regulations.

4. DURATION OF DATA PROCESSING

The Operator will process your personal data for the period necessary to achieve the processing purposes mentioned in this Policy, in compliance with the storage limitation principle under Regulation (EU) 2016/679.

The duration of data processing and storage is determined based on:

  • the nature of the relationship between the data subject and the Operator;
  • the specific purposes of the processing;
  • the legal obligations applicable to the Operator.

In this regard:

data processed for the purpose of providing hotel services and managing reservations is retained for the duration of the contractual relationship and thereafter, in accordance with the archiving periods provided by applicable national legislation;

data processed for financial and accounting purposes is retained in accordance with applicable fiscal and accounting legislation;

data processed for the purpose of offers is retained for the period necessary to handle the request and document the commercial relationship;

data processed in the context of promotional campaigns is retained for the duration of those campaigns and thereafter, to the extent required by applicable legal obligations.

Where data processing is based on the data subject's consent (e.g. for marketing purposes), data will be processed until consent is withdrawn. Withdrawal of consent does not affect the lawfulness of processing carried out prior to withdrawal.

Upon expiry of the applicable retention periods, personal data will be deleted or anonymized in accordance with the Operator's internal procedures and legal requirements.

5. DISCLOSURE OF PERSONAL DATA

To fulfill the processing purposes described in this Policy, the Operator may disclose your personal data to contractual partners, third parties, or entities that support the Operator in carrying out its activities, as well as to public authorities, in accordance with the law.

Personal data may be disclosed, in a limited and controlled manner, to the following categories of recipients:

  • IT service providers, technical maintenance, and hosting;
  • online reservation system providers;
  • marketing and communication service providers, exclusively where the data subject has given consent;
  • external consultants (legal, fiscal, accounting, GDPR);
  • internal and external auditors;
  • entities within the group to which the Operator belongs, exclusively for internal administrative purposes;
  • central or local public authorities, where disclosure is required by law or necessary for the exercise or defense of a right;
  • the website hosting service provider (Cyber Folks), with servers located in the European Union (Poland).

Personal data is disclosed to third parties only to the extent necessary to achieve the purposes for which it was collected, and in compliance with legal obligations regarding confidentiality and data security.

6. TRANSFER OF PERSONAL DATA

Personal data processed by the Operator may be transferred and stored outside Romania, exclusively to member states of the European Union or the European Economic Area, under adequate security conditions.
Currently, certain data is processed through providers whose servers are located in other member states of the European Economic Area (for example, in connection with the use of the online reservation system).

The website uses an online reservation system managed through an external platform, whose servers are located in the European Union (Poland). Access to data processed through this system is limited to the platform provider and authorized staff of the Operator, depending on their roles.

The Operator does not transfer personal data to countries outside the European Union / European Economic Area.

7. SECURITY OF PERSONAL DATA

The Operator attaches great importance to the security of personal data and implements appropriate technical and organizational measures, in accordance with Art. 32 of Regulation (EU) 2016/679, taking into account the nature of the data processed, the purposes of processing, and the associated risks. The measures adopted aim to protect personal data against unauthorized access, disclosure, alteration, accidental or unlawful loss or destruction.

7.1. Organizational measures

To ensure an adequate level of security, the Operator applies, among others, the following organizational measures:

  • establishing internal policies and procedures for the protection of personal data;
  • limiting access to personal data exclusively to authorized personnel, based on their duties;
  • regular staff training on confidentiality obligations and data protection;
  • working exclusively with suppliers and partners that provide sufficient guarantees regarding the implementation of adequate security measures;
  • periodic risk assessments related to data processing and updating of security measures, where necessary.

7.2. Technical measures

The Operator uses appropriate technical measures to protect personal data, including but not limited to:

  • logical access control to IT systems;
  • use of authentication and authorization mechanisms;
  • protection of IT infrastructure against unauthorized access;
  • use of backup and data recovery solutions;
  • ensuring the security of electronic communications;
  • separation of working environments, where applicable.

7.3. Security in relation to suppliers and external platforms

In the context of using external providers (e.g. IT providers, external reservation platform, marketing service providers), the Operator:

ensures that they comply with applicable data protection requirements;

limits their access to personal data strictly to what is necessary for fulfilling contractual obligations;

implements appropriate contractual measures to protect the confidentiality and security of data.

7.4. Security incident management

The Operator has internal procedures for identifying, reporting, and managing security incidents that may affect personal data. In the event of a security incident that poses a risk to the rights and freedoms of data subjects, the Operator will act in accordance with applicable legal obligations, including, where applicable, notifying the competent authority and informing the data subjects, under the conditions set out in the GDPR.

7.5. Access restrictions and the principle of confidentiality

Access to personal data is granted exclusively to authorized personnel and is limited to what is necessary for the performance of specific duties. All persons who have access to personal data are subject to confidentiality obligations.

7.6. Updating security measures

The Operator periodically reviews the implemented security measures and adapts them, where necessary, to ensure an adequate level of protection in line with evolving risks, technologies used, and applicable legal requirements.

8. YOUR RIGHTS

In accordance with Regulation (EU) 2016/679 on the protection of personal data, as a data subject you are entitled to the following rights, which may be exercised under the conditions and limitations provided by law:

Right to information

You have the right to be informed about the personal data processing activities carried out by the Operator, including the purposes of processing, legal bases, categories of data processed, recipients, and retention periods, as described in this Privacy Policy.

Right of access

You have the right to obtain confirmation from the Operator as to whether your personal data is being processed and, if so, access to that data and information regarding: the purposes of processing; the categories of data; the recipients or categories of recipients; the period for which data is stored or the criteria used to determine it.

Right to rectification

You have the right to obtain, without undue delay, the rectification of inaccurate personal data concerning you, or the completion of incomplete data. The Operator will communicate the rectification to each recipient to whom the data was disclosed, unless this proves impossible or involves disproportionate effort.

Right to erasure ("right to be forgotten")

You have the right to request the erasure of personal data, without undue delay, in the following situations: the data is no longer necessary for the purposes for which it was collected or processed; you have withdrawn consent and there is no other legal basis for processing; you object to processing and there are no overriding legitimate grounds; the data has been unlawfully processed; the data must be erased to comply with a legal obligation. In certain situations, the Operator may anonymize the data and use it thereafter exclusively for statistical purposes.

Right to restriction of processing 

You have the right to request restriction of processing in the following cases: you contest the accuracy of the data, for the period necessary for verification; processing is unlawful and you oppose erasure; the Operator no longer needs the data, but it is necessary for the establishment, exercise, or defense of legal claims; you have objected to processing, pending verification of whether the Operator's legitimate interests override yours.

Right to data portability

You have the right to receive the personal data you have provided to the Operator in a structured, commonly used, and machine-readable format, and to request its transmission to another controller, to the extent that the conditions provided by law are met.

Right to object

You have the right to object at any time to: processing based on the Operator's legitimate interest, on grounds relating to your particular situation, unless the Operator demonstrates compelling legitimate grounds that override your interests; processing for direct marketing purposes, in which case processing will cease immediately, without justification and at no cost.

Right to withdraw consent 

Where processing is based on consent, you have the right to withdraw it at any time. Withdrawal does not affect the lawfulness of processing carried out prior to withdrawal.

Right not to be subject to automated individual decision-making 

You have the right not to be subject to a decision based solely on automated processing, including profiling, which produces legal effects or similarly significantly affects you.

Right to lodge a complaint 

You have the right to lodge a complaint with the National Supervisory Authority for Personal Data Processing (ANSPDCP) or to address the competent courts if you believe your rights have been violated.

9. CONTACT AND EXERCISE OF RIGHTS

To exercise the rights listed in Chapter 8, or for any questions regarding this Privacy Policy, data subjects may contact the Operator or the Data Protection Officer (DPO) at the following contact details:

Data Protection Officer (DPO):

Entity name: Consultanta GDPR Timisoara (ITSC ASRO 2017 S.R.L.)

Contact person: Gîdea George Alexandru

Email: dpo@gdpr-timisoara.ro

If you wish to submit your request by post, it may be sent to the attention of the Data Protection Officer (DPO) of SINAIA S.A. at the following address: Bulevardul Carol I nr. 8, Sinaia, Prahova County.

The Operator will respond to data subjects' requests within the applicable legal timeframe, generally within one month of receipt, with the possibility of extending this period under the conditions provided by Regulation (EU) 2016/679.

To protect personal data, the Operator may request additional information necessary to confirm the identity of the data subject.