Search
Search
Top
  >  Privacy & Cookie Policy

Privacy & Cookie Policy

Last updated: May 2025 · Effective from: May 2025
Applicable law: Swiss FADP / nDSG · EU GDPR · ePrivacy Directive

━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━

CONTENTS

  1. Who we are
    2. Scope and applicable law
    3. What personal data we collect and why
    4. Legal bases for processing
    5. Cookies and similar technologies
    6. Online marketing and advertising
    7. Apps and embedded content
    8. Third-party services and data processors
    9. International data transfers
    10. How long we keep your data
    11. Your rights
    12. Data security
    13. Children’s privacy
    14. Changes to this policy
    15. Contact

━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━

  1. WHO WE ARE

This privacy policy applies to all websites operated by Mihaela Canja, trading as On My Way, a sole proprietor based in Canton Zug, Switzerland. This currently includes:

– onmyway-travel.com – English-language site, international audience
– onmyway.ro – Romanian-language site

The same controller, the same data practices, and the same policy apply across both domains. Where language-specific redirects are in place, visitors are directed to the appropriate version of the site but remain covered by this single policy.

Controller: Mihaela Canja / On My Way
Email: contact@onmyway.ro
Websites: onmyway-travel.com · onmyway.ro

As the operator of these websites, I am the data controller responsible for your personal data as described in this policy.

━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━

  1. SCOPE AND APPLICABLE LAW

This policy applies to all personal data processed in connection with this website and my associated activities as a travel content creator.

Because I am based in Switzerland and this website is accessible to visitors worldwide – including from EU/EEA member states and Romania – two data protection frameworks apply simultaneously:

– Swiss Federal Act on Data Protection (FADP / nDSG), in force since 1 September 2023, which governs the processing of personal data of persons in Switzerland and of Swiss residents wherever they are.

– EU General Data Protection Regulation (GDPR) (Regulation 2016/679), which applies to the extent that I offer content or services to individuals located in the EU/EEA and process their personal data. Romania is an EU member state; my Romanian-speaking audience is therefore covered by the GDPR.

Where the GDPR and the Swiss FADP overlap (which is most of the time), you benefit from whichever standard is higher. Where there are differences, I apply both sets of obligations. Switzerland is recognised by the EU as an adequate country for data transfers.

━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━

  1. WHAT PERSONAL DATA WE COLLECT AND WHY

3.1 – When you visit this website

When you browse onmyway-travel.com, our hosting provider and analytics tools automatically collect standard technical data, including your IP address (anonymised where possible), browser type and version, device type, pages visited, time and date of visit, and referring URL. This data is used to keep the site running securely, to understand how visitors use the site, and to improve content.

3.2 – When you subscribe to the newsletter

If you sign up to receive my newsletter, I collect your email address, and optionally your first name. This data is used exclusively to send you the newsletter you requested. You can unsubscribe at any time via the link in every email.

3.3 – When you contact me

When you use a contact form or email me directly, I collect the information you provide (name, email, and the content of your message). This data is used solely to respond to your enquiry and is not added to any marketing list without your explicit consent.

3.4 – When you comment on the blog

If the blog uses a comment function, I collect your name, email address (not displayed publicly), and the content of your comment. Your IP address may also be collected for spam prevention purposes.

3.5 – Social media and embedded content

This site may embed content from or link to third-party platforms including Instagram, Facebook, and YouTube. When you interact with embedded content, those third parties may collect data about you according to their own privacy policies. I do not control that processing. Please review the relevant policies:
– Instagram/Meta: https://privacycenter.instagram.com
– Facebook: https://www.facebook.com/privacy/policy
– Google/YouTube: https://policies.google.com/privacy

3.6 – Affiliate links

Some links on this blog are affiliate links. When you click an affiliate link, the destination website may set cookies to track whether a purchase results from that click. I do not receive your personal data from this tracking – I receive only an aggregated commission report. Please review the privacy policy of any affiliate platform you transact with.

3.7 – Brand partnerships and press enquiries

If you are a brand, PR agency, or tourism board contacting me about collaboration, I process the contact and business information you provide in order to evaluate and fulfil the professional enquiry. This data is not shared with third parties unrelated to the collaboration.

━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━

  1. LEGAL BASES FOR PROCESSING

Under both the GDPR (Article 6) and the Swiss FADP, every act of personal data processing requires a valid legal basis. The bases I rely on are:

Processing activity → Legal basis

Website analytics and technical logs → Legitimate interests (Art. 6(1)(f) GDPR) – operating and improving the website securely

Newsletter subscription and sending → Consent (Art. 6(1)(a) GDPR) – freely given, specific, informed, and withdrawable at any time

Responding to contact enquiries → Legitimate interests / pre-contractual steps (Art. 6(1)(b) and (f) GDPR)

Comments on the blog → Consent (Art. 6(1)(a) GDPR)

Non-essential cookies and tracking → Consent (Art. 6(1)(a) GDPR) – obtained via cookie banner before any non-essential cookies are set

Strictly necessary cookies → Legitimate interests (required for the website to function)

Professional/brand enquiries → Legitimate interests / pre-contractual steps (Art. 6(1)(b) and (f) GDPR)

Where I rely on legitimate interests, I have assessed that those interests are not overridden by your rights and freedoms. You have the right to object to processing based on legitimate interests at any time (see Section 11).

━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━

  1. COOKIES AND SIMILAR TECHNOLOGIES

5.1 – What cookies are

Cookies are small text files placed on your device when you visit a website. They can be session cookies (deleted when you close your browser) or persistent cookies (stored for a defined period). Similar technologies include web beacons, pixels, and local storage objects.

5.2 – Categories of cookies used on this site

Strictly necessary – Essential for the website to function (e.g. security, load balancing, remembering cookie preferences). Consent required: No.

Analytics / performance – Understand how visitors use the site (e.g. Google Analytics, where used with IP anonymisation). Consent required: Yes.

Functional – Remember preferences (e.g. language, region) to improve experience. Consent required: Yes.

Marketing / advertising – Track visits across sites to deliver relevant ads (only if applicable). Consent required: Yes.

Affiliate tracking – Set by affiliate platforms when you click a referral link. Consent required: Yes (set by third parties).

5.3 – Your cookie choices

When you first visit this site, a cookie banner will ask for your consent before any non-essential cookies are set. You can:
– Accept all cookies
– Accept only necessary cookies
– Customise your preferences by category

You can withdraw or change your consent at any time by clicking the “Cookie Settings” link in the website footer, or by clearing your browser cookies and revisiting the site.

You can also control cookies through your browser settings. Please note that blocking all cookies may affect how this site functions. For more information on managing cookies, visit allaboutcookies.org.

5.4 – Google Analytics

This site uses Google Analytics to understand visitor behaviour. I have enabled IP anonymisation so that no full IP address is stored by Google. Data collected is used in aggregate form only. Google processes data under its own privacy policy: https://policies.google.com/privacy. You may opt out using the Google Analytics Opt-out Browser Add-on: https://tools.google.com/dlpage/gaoptout.

━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━

  1. ONLINE MARKETING AND ADVERTISING

We and our advertising partners have an interest in targeting specific groups with relevant advertising. For this purpose, we and our advertising partners may use cookies and similar technologies that can record the content you accessed or interactions within this online service offer. This allows us and our advertising partners to display advertisements that we think will interest you – on this website, but also on other websites that display advertising from us or our partners.

If you consent to the use of marketing cookies, you will be shown corresponding personalised advertising. If you do not consent to these cookies, you will still see advertising, but it will not be tailored to your interests. You will not be denied access to any content as a result of declining marketing cookies.

We only activate marketing and advertising tools after obtaining your explicit consent via the cookie banner. You may withdraw that consent at any time via the Cookie Settings link in the footer of this website.

Where advertising partners process data in connection with this website, they do so under their own privacy policies. We do not share personally identifying information (such as your name or email address) with advertising networks.

━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━

  1. APPS AND EMBEDDED CONTENT

This website may embed content from or link to third-party applications and platforms – for example, video players, maps, booking widgets, or social media feeds. When such content is embedded and loaded in your browser, the provider of that content may process certain data about you, such as your IP address, browser type, and interaction data, in accordance with their own privacy policy.

Where embedded content or third-party scripts are non-essential, they will only be loaded after you have given your consent via the cookie banner.

If we make available any dedicated application for installation on mobile devices (an “app”) in the future, the operator of the relevant app store (e.g. Apple App Store or Google Play) will process certain data for its own purposes and according to its own data protection rules at the point of installation. When you use such an app, we would process data you provide (including, as applicable, your name, email address, or other personal data) as well as device and usage data – such as a unique device identifier, IP address, operating system information, and behavioural data – for the purposes described in Section 3 of this policy. Any such app will be accompanied by a specific privacy notice at the point of download.

━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━

  1. THIRD-PARTY SERVICES AND DATA PROCESSORS

I use a small number of carefully selected third-party services to run this website. Where these services process personal data on my behalf, they act as data processors and are bound by data processing agreements consistent with GDPR and FADP requirements.

Service → Purpose → Location → Privacy policy

FastComet → Website hosting → USA / EU → https://www.fastcomet.com/privacy-policy
Google Analytics → Website analytics → USA → https://policies.google.com/privacy
Newsletter platform → Email list management and sending → USA → [Update with your provider’s URL]
Affiliate platforms (e.g. Booking.com, Amazon Associates) → Affiliate tracking when you click links → Various → See each platform’s own policy
Meta / Instagram → Embedded content and social plugins → USA → https://www.facebook.com/privacy/policy

Note: Update the list above to reflect the exact services you use. Remove entries that don’t apply and add any missing services.

I do not sell your personal data to any third party. I do not share your data with advertisers in a way that identifies you individually.

━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━

  1. INTERNATIONAL DATA TRANSFERS

Some of the third-party services listed above are based in the United States or other countries outside the EU/EEA and Switzerland. When your data is transferred to these countries, I ensure appropriate safeguards are in place:

– EU adequacy decisions: Switzerland is recognised by the EU as an adequate country. For transfers from the EU to the USA, I rely on services that use Standard Contractual Clauses (SCCs) approved by the European Commission.

– Swiss FADP transfers: For transfers from Switzerland, I use services that meet the FADP’s requirements for cross-border data transfers (Art. 16 FADP), which may include adequacy decisions issued by the Swiss Federal Council, or equivalent contractual guarantees.

You can request information about the specific safeguards in place for any transfer by contacting me at contact@onmyway.ro.

━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━

  1. HOW LONG WE KEEP YOUR DATA

Newsletter subscriber data → Until you unsubscribe, plus 30 days for deletion to propagate. Suppression list kept to prevent accidental re-subscription.

Contact form / email enquiries → Up to 2 years from last correspondence, unless a longer retention is required for a professional engagement.

Website analytics data → As configured in the analytics platform (typically 14 months for Google Analytics). Aggregated, anonymised data may be retained indefinitely.

Blog comments → Until the comment is deleted or you request erasure.

Accounting and business records → 10 years, as required by Swiss law (Art. 958f CO / Obligationenrecht).

Server access logs → Up to 90 days for security purposes.

At the end of the applicable retention period, data is securely deleted or irreversibly anonymised.

━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━

  1. YOUR RIGHTS

Under both the GDPR and the Swiss FADP, you have the following rights in relation to your personal data:

– Right of access – request a copy of the personal data I hold about you.
– Right to rectification – ask me to correct inaccurate or incomplete data.
– Right to erasure – ask me to delete your data in certain circumstances (“right to be forgotten”).
– Right to restriction of processing – ask me to pause processing in certain circumstances.
– Right to data portability – receive your data in a structured, commonly used format (applies to data processed by consent or contract).
– Right to object – object to processing based on legitimate interests, including for direct marketing.
– Right to withdraw consent – where processing is based on consent, you may withdraw it at any time without affecting the lawfulness of prior processing.
– Right not to be subject to automated decision-making – this site does not use automated profiling with legal or similarly significant effects.

HOW TO EXERCISE YOUR RIGHTS
Email me at contact@onmyway.ro with the subject line “Data Rights Request.” I will respond within 30 days (as required by both the GDPR and the FADP). I may need to verify your identity before acting on a request.

SUPERVISORY AUTHORITIES
If you believe I have not handled your data correctly, you have the right to lodge a complaint with the relevant supervisory authority:

– Switzerland: Federal Data Protection and Information Commissioner (FDPIC) – https://www.edoeb.admin.ch
– EU / Romania: Autoritatea Națională de Supraveghere a Prelucrării Datelor cu Caracter Personal (ANSPDCP) – https://www.dataprotection.ro
– EU (general): The supervisory authority in the EU member state where you reside or where the alleged infringement took place.

I would always appreciate the opportunity to address concerns directly before you contact a supervisory authority.

━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━

  1. DATA SECURITY

I take reasonable technical and organisational measures to protect your personal data against unauthorised access, loss, or disclosure. These include:

– SSL/TLS encryption for all data transmitted to and from this website (HTTPS)
– Strong authentication and access controls for website administration
– Regular software and plugin updates to address security vulnerabilities
– Using reputable, contractually bound processors for data storage and transmission

When your data is transmitted via this website, it is protected during transmission using suitable encryption mechanisms. However, I can only secure areas that are within my control.

If you contact me by email, you do so at your own risk and agree that I may respond to you at the sender’s address via the same channel. Emails sent via the internet in unencrypted form may be accessed, viewed or manipulated by third parties, and data can be lost or intercepted in transit. If you wish to communicate sensitive information, please indicate this and we can discuss a more secure channel.

No method of transmission or storage over the internet is completely secure. In the event of a data breach that is likely to affect your rights and freedoms, I will notify you and the relevant supervisory authority as required by law.

━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━

  1. CHILDREN’S PRIVACY

This website is not directed at children under the age of 16. I do not knowingly collect personal data from children under 16 without verified parental consent. If you believe a child has provided me with personal data, please contact me at contact@onmyway.ro and I will take steps to delete it promptly.

Family travel content on this blog depicts my own family with appropriate consent. It does not solicit data from children visiting the site.

━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━

  1. CHANGES TO THIS POLICY

I may update this Privacy & Cookie Policy from time to time to reflect changes in my practices, the services I use, or applicable law. The “Last updated” date at the top of this page will always reflect the most recent revision.

For significant changes, I will notify newsletter subscribers by email. Your continued use of this website after any update constitutes acceptance of the revised policy.

Previous versions of this policy are available on request.

━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━

  1. CONTACT

For any questions, requests, or concerns about this policy or the way I handle your data, please reach out:

Data controller: Mihaela Canja / On My Way
Email: contact@onmyway.ro
Websites: onmyway-travel.com · onmyway.ro

I aim to respond to all data-related enquiries within 30 days.

━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━

© On My Way · onmyway-travel.com · onmyway.ro
This policy was last reviewed in May 2025 and reflects the requirements of the Swiss FADP (nDSG, in force September 2023) and EU GDPR (Regulation 2016/679).

Politica de cookies

  1. Introducere

Prezenta Politică privind fișierele cookies se aplică tuturor utilizatorilor paginii de internet https://onmyway.ro.

Informațiile prezentate în continuare au ca scop informarea utilizatorilor acestei pagini de internet cu privire la plasarea, utilizarea și administrarea cookie-urilor în contextul navigării utilizatorilor pe această pagină de internet.

  1. Ce sunt cookie-urile?

Folosim termenul „cookie”-uri pentru a ne referi la modulele cookie și la tehnologiile similare prin intermediul cărora pot fi colectate informații în mod automat.
Un „Internet Cookie” (termen cunoscut și sub denumirea de „browser cookie” sau „HTTP cookie” ori „cookie”) reprezintă un fișier de mici dimensiuni, format din litere și numere, care va fi stocat pe computerul, terminalul mobil sau pe alte echipamente ale unui utilizator prin intermediul cărora se accesează internetul.
Cookie-urile sunt instalate prin solicitarea emisă de un web-server către un browser (de ex.: Internet Explorer, Firefox, Chrome). Cookie-urile odată instalate au o durată de existență determinată, rămânând „pasive”, în sensul că nu conțin programe software, viruși sau spyware și nu vor accesa informațiile de pe hard driverul utilizatorului pe al cărui echipament au fost instalate. Un cookie este format din două părți: numele cookie-ului; și conținutul sau valoarea cookie-ului.
Din punct de vedere tehnic, doar web-serverul care a trimis cookie-ul îl poate accesa din nou în momentul în care un utilizator se întoarce pe pagina de internet asociată web-serverului respectiv.

  1. Pentru ce scopuri sunt utilizate cookie-urile prin intermediul acestei pagini de internet:

Cookie-urile sunt utilizate pentru a furniza utilizatorilor acestei pagini de internet o experiență mai bună de navigare și servicii adaptate nevoilor și interesului fiecărui utilizator în parte și anume pentru:

  • îmbunătățirea utilizării acestei pagini de internet, inclusiv prin identificarea oricăror erori care apar în timpul vizitării/utilizării acesteia de către utilizatori;
  • furnizarea de statistici anonime cu privire la modul în care este utilizată această pagină de internet
  • anticiparea unor eventuale bunuri, servicii sau tipuri de conținut care vor fi în viitor puse la dispoziția utilizatorilor prin intermediul acestei pagini de internet, în funcție de conținutul sau paginile

Pe baza feedback-ului transmis prin cookie-uri în legătură cu modul în care se utilizează această pagină de internet, putem adopta măsuri pentru ca această pagină să fie mai eficientă și mai accesibilă pentru utilizatori.
Astfel, utilizarea cookie-urilor permite memorarea anumitor setări/preferințe stabilite de către utilizatorii acestei pagini de internet, precum:

  • limba în care este vizualizată o pagină de internet;
  • postarea comentariilor pe site.

 

  1. Care este durata de viață a cookie-urilor?

Durata de viață a cookie-urilor poate varia semnificativ, depinzând de scopul pentru care este plasat. Există următoarele categorii de cookie-uri care determină și durata de viață a acestora:

  • Cookie-uri de sesiune– Un „cookie de sesiune” este un cookie care este șters automat când utilizatorul își închide browserul.
  • Cookie-uri persistente sau fixe– Un „cookie persistent” sau „fix” este un cookie care rămâne stocat în terminalul utilizatorului până când atinge o anumită dată de expirare (care poate fi în câteva minute, zile sau câțiva ani în viitor) sau până la ștegerea acestuia de către utilizator în orice moment prin intermediul setărilor browserului.
  1. Ce sunt cookie-urile plasate de terți? 

 

Anumite secțiuni de conținut de pe pagina de internet pot fi furnizate prin intermediul unor terți, caz în care aceste cookie-uri sunt denumite cookie-uri plasate de terți („third party cookie-uri”).
Terții furnizori ai cookie-urilor trebuie să respecte, de asemenea, regulile în materie de protecție a datelor personale conform legislației în vigoare. Aceste cookie-uri pot proveni de la urmatorii terți:

  • Google Analytics – pentru statistici anonime legate de traficul pe blog și analiza traficului
  • Facebook,
  • furnizori de servicii de publicitate,
  • rețele de marketing afiliat, cum ar fi (fără a se limita la): Profitshare.ro, 2Performant.ro, awin.com, Booking.com – acestea plasează cookie-uri pentru a ține evidența click-urilor de pe acest blog către unele magazine online, pentru ca noi să primim un comision din partea magazinelor respective în cazul finalizării unei achiziții în decurs de câteva zile.

 

  1. Ce cookie-uri sunt folosite prin intermediul acestei pagini de internet:

Prin utilizarea/vizitarea paginii de internet pot fi plasate următoarele cookie-uri:

  • Cookie-uri de performanță a paginii de internet;
  • Cookie-uri de analiză a utilizatorilor;
  • Cookie-uri pentru geotargetting;
  • Cookie-uri pentru publicitate;

Cookie-uri de performanță

Prin acest tip de cookie-uri sunt memorate preferințele utilizatorului acestei pagini de internet, astfel încât setarea din nou a preferințelor în cazul vizitării ulterioare a paginii de internet nu mai este necesară.

 Cookie-uri de analiză a utilizatorilor

Aceste cookie-uri ne informează dacă un anumit utilizator al paginii de internet a mai vizitat/utilizat această pagină de internet anterior. Aceste cookie-uri sunt utilizate doar în scopuri statistice.

Cookie-uri pentru geotargetting

Aceste cookie-uri sunt utilizate de către un soft care stabilește țara de proveniență a utilizatorului paginii de internet. În funcție de aceasta site-ul va fi prezentat în limba română sau engleză.

 Cookie-uri pentru publicitate

Aceste cookie-uri permit aflarea vizualizării de către un utilizator a unei reclame online, tipul acesteia și timpul scurs de la momentul vizualizării respectviului mesaj publicitar. Ca atare, astfel de cookie-uri sunt folosite pentru targetarea publicității online. Aceste cookie-uri sunt anonime, stocând informații despre contentul vizualizat, nu și despre utilizatori.

  1. Ce tip de informații sunt stocate și accesate prin intermediul cookie-urilor?

Cookie-urile păstrează informații într-un fișier text de mici dimensiuni care permit recunoașterea browserului. Această pagină de internet recunoaște browserul până când cookie-urile expiră sau sunt șterse.

  1. Particularizarea setările browserului în ceea ce privește cookie-urile

În cazul în care utilizarea cookie-urilor nu este deranjantă iar calculatorul sau echipamentul tehnic utilizat pentru navigarea pe această pagină de internet este folosit doar de către dumneavoastră, pot fi setate termene lungi de expirare pentru stocrarea istoricului de navigare.
În cazul în care calculatorul sau echipamentul tehnic utilizat pentru navigarea pe această pagină de internet este folosit de mai multe persoane, poate fi luată în considerare setarea pentru ștergerea datelor individuale de navigare de fiecare dată când browserul este închis.

  1. Cum pot fi oprite cookie-urile? 

Dezactivarea și refuzul de a primi cookie-uri pot face această pagină de internet dificil de vizitat, atrăgând după sine limitări ale posibilităților de utilizare ale acesteia.
Utilizatorii își pot configura browserul să respingă fișierele cookie sau să fie acceptate cookie-uri de la o pagină de internet anume.
Toate browserele moderne oferă posibilitatea de a schimba setările cookie-urilor. Aceste setări pot fi accesate, ca regulă, în secțiunea „opțiuni” sau în meniul de „preferințe” al browserului tău.
Totuși, refuzarea sau dezactivarea cookie-urilor nu înseamnă că nu veți mai primi publicitate online – ci doar ca aceasta nu va fi adaptată preferințelor și interesele dumneavoastră, evidențiate prin comportamentul de navigare.

Pentru a înțelege aceste setări, următoarele linkuri pot fi folositoare:

Pentru orice întrebări suplimentare cu privire la modul în sunt utilizate cookie-urile prin intermediul acestei pagini de internet, vă rugăm să vă adresați la: contact@onmyway.ro

I am text block. Click edit button to change this text. Lorem ipsum dolor sit amet, consectetur adipiscing elit. Ut elit tellus, luctus nec ullamcorper mattis, pulvinar dapibus leo.