Privacy Policy

Welcome to MimzSubvert ("we," "our," or "us"). We are committed to protecting and respecting your privacy. This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you visit our website mimzsubvert.com and use our eco-tourism services in Romania.

This policy applies to all information collected through our website, mobile applications, and any related services, sales, marketing, or events. Please read this privacy policy carefully. If you do not agree with the terms of this privacy policy, please do not access our website or use our services.

Personal Data

We may collect the following types of personal information:

• Contact Information: Name, email address, phone number, mailing address
• Booking Details: Tour preferences, travel dates, group size, special requirements
• Payment Information: Credit card details, billing address (processed securely through third-party payment processors)
• Communication Records: Messages, feedback, and correspondence with our team
• Emergency Contacts: Information provided for safety during eco-tours

Automatically Collected Data

• Usage Data: Pages visited, time spent, click patterns, device information
• Technical Data: IP address, browser type, operating system, referring URLs
• Location Data: General geographic location (with consent)
• Cookies: Small data files stored on your device to enhance user experience

We use the information we collect for various purposes, including:

• Service Provision: Processing bookings, coordinating tours, providing customer support
• Communication: Sending confirmations, updates, safety information, and newsletters
• Safety & Security: Ensuring participant safety during eco-tours and wilderness activities
• Improvement: Analyzing website usage to enhance user experience and services
• Marketing: Sending promotional materials about new tours and conservation initiatives (with consent)
• Legal Compliance: Meeting regulatory requirements and protecting our rights
• Research: Conducting environmental research and conservation efforts (anonymized data only)

We may share your personal information in the following circumstances:

• Service Providers: Third-party companies that assist in operations (payment processors, booking systems, communication platforms)
• Partners: Local guides, accommodation providers, and conservation organizations involved in your tour
• Emergency Situations: Authorities and medical professionals when necessary for safety
• Legal Requirements: When required by law, court order, or government regulations
• Business Transfers: In connection with mergers, acquisitions, or asset sales
• Consent: When you have given explicit permission for specific sharing

We do not sell, trade, or rent your personal information to third parties for marketing purposes.

We implement comprehensive security measures to protect your personal information:

• Encryption: SSL/TLS encryption for data transmission and storage
• Access Controls: Restricted access to personal data on a need-to-know basis
• Regular Updates: Security patches and system updates to prevent vulnerabilities
• Monitoring: Continuous monitoring for unauthorized access attempts
• Staff Training: Regular privacy and security training for all team members
• Data Backup: Secure backup systems to prevent data loss

However, no method of transmission over the Internet or electronic storage is 100% secure. While we strive to use commercially acceptable means to protect your personal information, we cannot guarantee absolute security.

Under GDPR and other applicable privacy laws, you have the following rights regarding your personal data:

• Access: Request copies of your personal information
• Rectification: Correct inaccurate or incomplete data
• Erasure: Request deletion of your personal information ("right to be forgotten")
• Portability: Receive your data in a structured, machine-readable format
• Restriction: Limit how we process your data
• Objection: Object to data processing for direct marketing or legitimate interests
• Withdraw Consent: Revoke consent for data processing at any time

To exercise these rights, please contact us at [email protected] or use our contact form. We will respond to your request within 30 days.

We use cookies and similar technologies to enhance your browsing experience:

• Essential Cookies: Required for basic website functionality
• Performance Cookies: Help us understand how visitors use our website
• Functional Cookies: Remember your preferences and settings
• Marketing Cookies: Used to deliver relevant advertisements (with consent)

You can control cookies through your browser settings. However, disabling certain cookies may affect website functionality. Our cookie consent banner allows you to manage your preferences easily.

We retain your personal information for different periods depending on the purpose:

• Booking Records: 7 years for legal and tax compliance
• Marketing Communications: Until you unsubscribe or object
• Website Analytics: 26 months for Google Analytics data
• Support Tickets: 3 years for quality and training purposes
• Payment Information: As required by payment processors and regulations

After the retention period, we securely delete or anonymize your personal information unless longer retention is required by law.

As MimzSubvert operates internationally and uses global service providers, your personal information may be transferred to and processed in countries outside Romania and the European Union. We ensure adequate protection through:

• European Commission adequacy decisions
• Standard Contractual Clauses (SCCs)
• Binding Corporate Rules
• Certification schemes and codes of conduct

Our services are not directed to children under 16 years of age. We do not knowingly collect personal information from children under 16. If you are a parent or guardian and believe your child has provided personal information, please contact us immediately. We will delete such information promptly.

For family tours involving minors, we require parental consent and emergency contact information for safety purposes.

We may update this Privacy Policy periodically to reflect changes in our practices or legal requirements. We will notify you of significant changes by:

• Posting a notice on our website
• Sending an email notification to registered users
• Updating the "Last updated" date at the top of this policy

Continued use of our services after changes constitute acceptance of the updated policy.

If you have questions, concerns, or requests regarding this Privacy Policy or our data practices, please contact us:

You also have the right to lodge a complaint with the Romanian Data Protection Authority (ANSPDCP) if you believe your privacy rights have been violated.