GDPR Compliance
Last updated: April 27, 2026
Rezervatio.AI complies with EU Regulation 2016/679 (GDPR) and Romanian Law no. 190/2018.
Roles in Data Processing
- For caller (End Customer) data: we act as a data processor (Art. 28 GDPR). The controller is the User's business that uses the Platform.
- For our Users' data (account, billing): we are the controller.
Key guarantees
- End-to-end encryption for all data in transit
- Servers located exclusively in the European Union
- Multi-factor authentication (MFA) available
- Daily backup and disaster recovery plan
- DPIA (Data Protection Impact Assessment) performed in accordance with Art. 35 GDPR
- Notification of security incidents to ANSPDCP within a maximum of 72 hours
Your Rights (Art. 15-22 GDPR)
You have the right to: access, rectification, erasure, restriction, portability, objection, withdrawal of consent.
To exercise your rights: privacy@rezervatio.ai
Response time: maximum 30 calendar days (Art. 12(3) GDPR)
Response time: maximum 30 calendar days (Art. 12(3) GDPR)
Data Processing Agreement (DPA)
For active B2B customers, the complete and digitally signable DPA is automatically provided at onboarding and available at any time in the dashboard, "Legal Documents" section.
Complaint
You have the right to lodge a complaint with the National Supervisory Authority for Personal Data Processing (ANSPDCP):
Website: anspdcp.ro
Email: anspdcp@dataprotection.ro
Email: anspdcp@dataprotection.ro
Data Protection Officer
Email: privacy@rezervatio.ai
EU · GDPR Compliant