Legal
Privacy Policy
Last updated: May 30, 2025
TimișoaraMUN is committed to protecting your personal data privacy. This privacy policy explains what data we collect, how we use it, and your rights regarding your data.
1. Information We Collect
We collect the following types of information:
- Personal information: Name, email address, phone number, educational institution.
- Registration information: Committee and country preferences, previous MUN experience.
- Usage information: How you interact with our website and services.
2. How We Use Your Information
We use your information for:
- Processing your conference registration
- Communicating important conference information
- Improving our services
- Complying with legal obligations
3. Information Sharing
We do not sell, rent, or share your personal information with third parties for marketing purposes. We may share information with:
- Our event hosting partners
- Service providers who assist us in organizing the conference
- Authorities, when required by law
GDPR and Personal Data Protection
Last update: April 9, 2026
We process personal data in accordance with Regulation (EU) 2016/679 (GDPR) and applicable national law. This section explains exactly what we collect, why we collect it, how long we keep it, and how you can control your data.
Data We Collect
- Identity data: first name, last name, date of birth, nationality.
- Contact data: email address, phone number, city, country.
- Educational data: school/university, study level, graduation year.
- Application data: committee preferences, motivation answers, MUN experience.
- Operational data: attendance, committee assignment, participation records.
- Financial data: payment confirmations and transaction references.
- Health/restriction data (if provided): allergies, dietary restrictions, emergency details.
- Media data: photos, videos, audio recordings taken during official event activities.
Legal Basis for Processing
- Contract performance: to process applications, allocate roles, and run the conference.
- Legal obligation: accounting, compliance, and lawful reporting obligations.
- Legitimate interest: event security, quality assurance, and administrative management.
- Consent: optional communications, selected media usage, and special category data where required.
Consent and Participant Declarations
By submitting the registration form and attending TimișoaraMUN, participants acknowledge that personal data is processed for event organization and communication.
- Participants confirm that submitted information is accurate and up to date.
- Participants may withdraw optional consent at any time without affecting prior lawful processing.
- For participants under 18, parental/legal guardian written consent is required.
Photos, Videos, and Image Rights
- Official sessions and social activities may be photographed or recorded for documentation and promotion.
- Media may be published on the website, social media channels, reports, and promotional materials.
- We avoid using images in a way that is excessive, misleading, or harmful to participants.
- For close-up portrait removal requests, contact us and we will assess and respond promptly.
Note: Group photos from public conference moments may remain in archived documentation when required by legitimate organizational interest.
Data Sharing and International Transfers
- Data is shared only with partners/providers strictly necessary for event operations.
- We do not sell personal data and do not share it for unrelated third-party marketing.
- Where data is transferred outside the EEA, we apply appropriate GDPR safeguards.
- Authorities may receive data only when legally required.
Retention and Security
- We keep data only as long as needed for conference delivery, legal obligations, and legitimate records.
- Typical retention period: up to 5 years, unless a longer period is legally required.
- Security measures include controlled access, role-based permissions, and secure storage practices.
- If a data incident occurs, we follow GDPR notification and mitigation requirements.
GDPR Rights of Participants
You can request at any time: access, rectification, erasure, restriction, portability, objection, and withdrawal of consent for consent-based processing.
How to Exercise Your Rights
Send your request to contact@tm-mun.arpd.ro with enough details to identify your record. We aim to answer within one month, in accordance with GDPR.
Complaints
If you believe your data has not been handled correctly, you may also file a complaint with the competent data protection supervisory authority.
Contact
Email: contact@tm-mun.arpd.ro
Phone: +40 760 732 818