Privacy Policy

HR3 Intelligence
A brand operated by VSG IMOVISION SRL
Last updated: 18.02.2026

1. Identity of the Data Controller

This website and the services offered under the HR3 Intelligence brand are operated by:

VSG IMOVISION SRL
Registered in Romania
Trade Register No.: J2019001073164
VAT ID (CUI): 40863744
Registered Office: Romania
Email: contact@hr3intelligence.com

VSG IMOVISION SRL acts as the Data Controller within the meaning of Article 4(7) of Regulation (EU) 2016/679 (General Data Protection Regulation – GDPR).

2. Scope of Application

This Privacy Policy applies to:

• Visitors of www.hr3intelligence.com

• Representatives of hospitality businesses submitting requests

• Clients receiving HR3 strategic services

HR3 Intelligence operates strictly on a Business-to-Business (B2B) basis. The website is not directed at consumers.

3. Categories of Personal Data Collected

We may process the following categories of data:

3.1 Business Identification Data

• Full name

• Job title

• Company name

• Business email address

• Business phone number

3.2 Hotel Operational Data

• Hotel name

• Location

• Number of rooms

• Number of reviews

• Average rating

• Monthly check-ins

• Performance indicators

3.3 Technical & Usage Data

• IP address

• Browser type

• Device information

• Referrer URL

• Pages visited

• Interaction timestamps

3.4 Communication Data

• Email correspondence

• Form submissions

• Service-related communication

We do not intentionally collect special categories of personal data under Article 9 GDPR.

4. Legal Basis for Processing (Article 6 GDPR)

We process personal data based on:

4.1 Contractual Necessity – Article 6(1)(b)

Processing required to:

• respond to service requests,

• prepare proposals,

• deliver HR3 reports,

• manage contractual relationships.

4.2 Legitimate Interest – Article 6(1)(f)

Processing necessary for:

• B2B communication,

• fraud prevention,

• website security,

• business development activities directed to professional representatives.

Legitimate interest assessments are performed where applicable.

4.3 Consent – Article 6(1)(a)

For:

• analytics cookies,

• optional marketing communications (if applicable).

Consent may be withdrawn at any time.

4.4 Legal Obligation – Article 6(1)(c)

For compliance with:

• accounting obligations,

• tax regulations,

• regulatory requirements.

5. Purpose of Processing

Personal data is processed strictly for:

• Strategic performance assessment

• Preparation and delivery of the HR3 Recovery Architecture

• Client communication

• Invoicing and financial compliance

• Website analytics (consent-based)

• Security monitoring

We do not sell personal data.

We do not engage in automated decision-making with legal or similarly significant effects (Article 22 GDPR).

6. Data Minimization & Accuracy

In accordance with Article 5 GDPR:

• We collect only data necessary for defined purposes.

• Clients are responsible for ensuring accuracy of submitted data.

• We may request corrections where inaccuracies are identified.

7. Data Retention

Data is retained as follows:

• Client contractual data: up to 5 years (accounting/legal requirements)

• Proposal data (non-converted leads): up to 24 months

• Analytics data: per configured retention (typically 14 months)

• Communication records: up to 5 years

Data is securely deleted after retention periods expire.

8. Data Recipients & Processors

We may engage GDPR-compliant service providers including:

• Website hosting providers

• Cloud storage providers

• Email service providers

• Analytics platforms

All processors act under Article 28 GDPR Data Processing Agreements.

We do not authorize processors to use data for independent purposes.

9. International Data Transfers

Where personal data is transferred outside the EU/EEA, safeguards are implemented in accordance with Chapter V GDPR, including:

• European Commission adequacy decisions

• Standard Contractual Clauses (SCCs)

10. Security Measures (Article 32 GDPR)

We implement appropriate technical and organizational measures, including:

• HTTPS encryption

• Access controls

• Role-based authorization

• Data minimization protocols

• Secure hosting infrastructure

• Regular monitoring of systems

While no system is fully immune from risk, we apply industry-standard safeguards.

11. Data Subject Rights

Under GDPR, data subjects have the right to:

• Access (Article 15)

• Rectification (Article 16)

• Erasure (Article 17)

• Restriction of processing (Article 18)

• Data portability (Article 20)

• Objection (Article 21)

• Withdraw consent (where applicable)

Requests may be submitted to contact@hr3intelligence.com.

We respond within one month in accordance with Article 12 GDPR.

12. Supervisory Authority

Data subjects have the right to lodge a complaint with:

The Romanian National Supervisory Authority for Personal Data Processing (ANSPDCP)
or the relevant supervisory authority within the EU.

13. Automated Processing & Profiling

HR3 Intelligence may use analytical tools to model rating projections.
However:

• No automated decision-making with legal effects is performed.

• No profiling for behavioral advertising is conducted without consent.

14. Children’s Data

Our services are not directed to individuals under 18 years of age.
We do not knowingly collect data from minors.

15. Policy Updates

We reserve the right to update this Privacy Policy to reflect:

• legal changes,

• regulatory developments,

• service modifications.

The latest version is always available on this website.

HR3 Intelligence provides strategic B2B advisory services exclusively to hospitality businesses. This website is not intended for consumer transactions. Consumer protection regulations applicable to B2C services do not apply.