Data protection

Introduction:
This Privacy Policy describes how the International Chemistry Tournament 2025 (“IChTo 2025”) website collects, uses, and protects your personal data. IChTo 2025 is hosted by the University of Bucharest, and the University serves as the data controller for any personal information processed through this site. We are committed to protecting your privacy in compliance with the EU General Data Protection Regulation (Regulation (EU) 2016/679, “GDPR”) and applicable Romanian data protection. This policy is aligned with the University of Bucharest’s general data protection policy and follows principles of transparency and accountability.

Data Controller and Contact Information

The data controller responsible for your personal data is University of Bucharest, the host of IChTo 2025. The University’s address is 90 Panduri Street, Sector 5, 050663, Bucharest, Romania. If you have any questions or requests regarding your personal data, you may contact the University’s Data Protection Officer (DPO) at dpo@unibuc.ro​. This dedicated email can be used for inquiries about data use or to exercise your rights under GDPR (explained below). You can also reach out via postal mail to the above address (attn: Data Protection Officer).

What Data We Collect

We collect personal data that you provide directly and data collected automatically as you use our site:

• Information You Provide: When you interact with our site (for example, by filling out a contact form or registering for our newsletter), you may provide personal details such as your name, email address, school/affiliation, and the content of your message or inquiry. We collect and store this information so we can respond to you or fulfill the purpose of the form. For instance, if you contact us with a question, we will collect whatever information you include (like your email and question) in order to reply.
• Newsletter Subscription: If you subscribe to the IChTo 2025 newsletter, we collect your email address (and optionally your name or other details if provided) to send you periodic updates about the tournament. You will have had to explicitly opt-in (consent) to receive these communications by signing up. We keep track of your subscription status (subscribed/unsubscribed) and basic info to personalize the emails (for example, addressing you by name if provided).
• Automatically Collected Data: When you visit our site, certain technical information is collected automatically by virtue of your browsing. This includes data like your IP address (which can indicate your general location, e.g. city or country), your browser type and version, the device you are using (desktop, mobile, etc.), operating system, and the pages you visit on our site with timestamps. We also collect information about how you navigate the site (e.g., which links you click, how long you stay on a page) through analytics tools. In addition, we use cookies and similar technologies that may collect unique online identifiers (like cookie IDs) and other information as described in our Cookie Policy. This automatically collected data helps us ensure the site works properly and to analyze usage patterns.
• Cookies and Tracking Technologies: Our site uses cookies (small text files stored on your device) to remember your preferences and to facilitate analytics and security features. For example, we use cookies to keep you from seeing the same consent banner repeatedly and to enable Google Analytics (which tracks site usage statistics). Some cookies are placed by third parties on our behalf (such as Google’s cookies for analytics or security, and Facebook’s cookie for our social media integration). These technologies may collect information about your browsing behavior on our site. We provide full details in our Cookie Policy, which you can find on our site, including a list of the cookies in use and their purposes.

We do not seek to collect any sensitive personal data through this website (such as racial or ethnic origin, political opinions, health information, etc.), and we ask that you do not provide such information in the contact forms. The site is intended for a general audience interested in the IChTo competition, which primarily includes high school students, teachers, and science enthusiasts. If you are under 16 years of age, please obtain permission from a parent or guardian before providing any personal data (for example, by signing up for the newsletter), in accordance with GDPR requirements for minors.

How We Use Your Data

We use the collected data for the following purposes:

• To Respond to Inquiries: If you contact us via a form or email, we use your provided information (like your name, email address, and the content of your inquiry) to reply to you and address your questions or requests. For example, if you ask about how to register a team, we will use your email to send you registration information. We will only use this information to communicate with you about your inquiry and related matters.
• Newsletter Communication: If you subscribed to the IChTo 2025 newsletter, we will use your email address to send you periodic newsletters or announcements about the tournament (such as important dates, new updates, results, or other relevant news). You will only receive these communications if you have opted in. Each email will include an option to unsubscribe if you no longer wish to receive the newsletter. We manage our mailing list using a third-party service (MailerLite), as described below, and they also have access to your email strictly for sending out our communications.
• Website Functionality and User Experience: Automatically collected data and certain cookies help our website operate correctly and improve your browsing experience. For instance, some cookies remember if you’ve already seen the cookie consent banner, so it won’t pop up every time (improving usability). Some technical data (like browser type or device information) helps us ensure the site displays correctly on different devices. If you adjust any preferences on the site (for example, choosing a language, if that feature exists), we would use a cookie or similar to remember your choice – this is also part of functionality.
• Analytics and Improvement: We analyze aggregate data about how visitors use our site in order to improve the website’s content, structure, and performance. For example, we use Google Analytics to collect information such as which pages are most visited, how long users stay on pages, what site referred them (e.g., a search engine or a link from another site), and at what times our site gets the most traffic​. We look at this data in aggregate (e.g., total number of visitors in a month, average time on page) to understand our audience’s interests and to identify any usability issues. This helps us improve content (for example, if we see many people visiting a “Schedule” page, we ensure that page is accurate and prominent) and ensure important information is easy to find. Analytics also help us measure the success of outreach efforts (like if we post a link on social media, we can see if people clicked it). We use Google Analytics cookies for this purpose, which collect information in an anonymous form. (See Analytics Cookies in the Cookie Policy for more detail.)
• Security and Spam Prevention: We use tools like Google reCAPTCHA on our web forms to protect against spam submissions and malicious bots. reCAPTCHA analyzes user behavior (for example, how you move your mouse or whether you’re ticking a box) to determine if you’re a human. In doing so, it may collect hardware and software information, such as device and application data, and send that data to Google for assessment. We use the information from reCAPTCHA solely to keep our site and communications secure from abuse. Additionally, our web server logs (which record IP addresses and browsing timestamps) are monitored to detect and prevent malicious activities like hacking attempts or denial-of-service attacks. This kind of data use is essential for maintaining the integrity and security of the website.

We will not use your personal information for purposes other than those listed above without obtaining your consent or having another lawful basis. In particular, we do not use the data collected on this site for any kind of automated decision-making or profiling that produces legal effects or similarly significant effects on you. Any analytics or statistics we derive do not have an impact on any individual’s access to our services; they are purely for our internal improvement.

Legal Basis for Processing

Under GDPR, we must have a valid legal basis to process personal data. Depending on the context, one or more of the following legal bases apply to our processing activities:

• Consent: We rely on your consent for certain types of data processing. Notably, our newsletter mailing is based on consent – we only send you emails if you have subscribed (consented) to receive them. Likewise, non-essential cookies (such as analytics or marketing cookies) are deployed only if you consent via the cookie banner or settings on our site. You have the right to withdraw your consent at any time. For example, you can unsubscribe from the newsletter using the link provided in each email (or by contacting us), and you can adjust your cookie preferences to revoke consent for analytics/marketing cookies. Withdrawing consent will stop the processing of your data for the future, but it won’t affect the lawfulness of processing already done while consent was in effect.
• Legitimate Interests: We process certain data under the lawful basis of legitimate interests pursued by us (as the website operator and event organizer). This applies when we use data in ways that you might reasonably expect and that have minimal privacy impact, and when our interests are not overridden by your fundamental rights. For instance, when you send us a message through the contact form, we have a legitimate interest in processing your contact details and message to respond to you (even if you didn’t explicitly “consent” to that – you initiated the communication, so it’s within expectation to reply). Similarly, ensuring our site’s security via reCAPTCHA or server logs is within our legitimate interests (to protect our service and users). We believe our use of Google Analytics can also be considered a legitimate interest in understanding and improving how our site is used; however, because analytics can be invasive, we choose to ask for consent for analytics cookies in line with EU ePrivacy directives. In any case where we rely on legitimate interests, we balance our interest against your rights and freedoms to ensure we’re not being intrusive. You have the right to object to processing based on legitimate interests (see “Your Rights” below).
• Legal Obligation: In certain situations, we may need to process or disclose personal data to comply with a legal obligation. For example, Romanian law might require us to retain certain business correspondence or to provide information to authorities if properly requested (such as for an investigation). While these cases are not common for a simple event website, we include this basis for completeness. If a lawful request is made by law enforcement or a court (and it’s verified and necessary), we may process personal data as required to comply. Additionally, as a public educational institution, the University of Bucharest has to adhere to public transparency and record-keeping laws that might involve processing data (e.g., keeping records of official communications).

In summary, consent is used for newsletter and optional cookies, legitimate interest for routine site operations (answering queries, securing the site, basic analytics), and legal obligation if we’re ever compelled by law to do something with the data. If you have questions about the legal basis for a specific processing activity, feel free to contact us (see the Data Controller contact above).

How We Share and Disclose Data

We treat your personal data with care and confidentiality. We do not sell your personal information to third parties. However, we do share data in certain necessary contexts as outlined below:

• Within the University and Organizing Team: Your information may be shared internally among organizers of IChTo 2025 and relevant staff of the University of Bucharest who need it to perform their duties. For example, if you ask a question about local accommodations for the tournament, we might share your inquiry with a committee member handling event logistics to get you the correct answer. All University staff and volunteers involved are bound by data protection rules and confidentiality obligations.
• Service Providers (“Processors”): We use trusted third-party companies to help us operate this website and the associated services (like email newsletters). These providers act on our behalf (as “processors”) and only process your data under our instructions and for our purposes. Key service providers we use are:
  • MailerLite: We use MailerLite for managing our email newsletter subscription list and sending out our newsletter emails. When you subscribe to the newsletter, your email address (and any other details you gave for that purpose) are stored in MailerLite’s systems. MailerLite is a GDPR-compliant email service provider based in the EU (MailerLite’s primary servers are in European data centers)​mailerlite.com. This means that your data is kept secure and under European data protection standards. MailerLite will not use your email for their own purposes; they only hold it so that we can create mailing campaigns. If you unsubscribe, MailerLite will update our mailing list to ensure you no longer receive emails. (They may keep an “unsubscribed” marker or log, as required by law, to prove we’re not emailing you anymore.)
  • Google Services: We rely on Google for certain site functionalities:
    • Google Analytics: Google provides the analytics platform we use to gather website statistics. In this role, Google acts as a data processor processing data on our behalf to compile aggregate insights. The data collected (website usage info, truncated IP addresses, etc.) may be stored on Google’s servers (which could be in the EU or the United States). We have configured Google Analytics to anonymize IP addresses (masking a portion of each visitor’s IP) to enhance privacy. Google is contractually obligated by its data processing terms with us to only use the analytics data for our purposes, and Google will not share it or use it for advertising (as long as we don’t link Analytics with advertising features, which we have not). We do not send Google any personal identifiers like names or emails through Analytics. (However, Google may independently collect some device identifiers via cookies.) We have accepted the EU Standard Contractual Clauses with Google to cover any data transfers out of the EEA.
    • Google reCAPTCHA: Google’s reCAPTCHA service is embedded on our forms to block spam. When it runs, it collects data (as described earlier) and Google uses that data to determine if the interaction is likely from a human. In this context, Google might act as an independent controller for the security data (since Google has its own interest in improving anti-bot detection beyond just our site). The information (such as IP and behavior patterns) is shared with Google as part of this functionality. We deem this necessary for protecting our site. Google’s privacy policy covers how they handle reCAPTCHA data. We ensure we have a legitimate interest basis (security) or consent (via accepting our terms) for this transfer of data.
    • Because Google LLC is based in the U.S., any data that goes to Google (Analytics or reCAPTCHA) may be transferred to the U.S. However, Google has committed to GDPR compliance and, as noted, we rely on mechanisms like Standard Contractual Clauses to lawfully transfer data.
  • Facebook: We have integrated the Facebook Pixel on our site for promotional and analytics purposes related to Facebook. The Facebook Pixel is a piece of code provided by Meta (Facebook’s parent company) that we’ve added to our pages. It enables us to understand actions taken on our site and later use that to create better outreach on Facebook (for instance, to show advertisements about IChTo to people who visited our site). The Pixel triggers a cookie (_fbp) that identifies your browser/device to Facebook​. Data collected through the Pixel (such as the fact you visited a certain page on our site) is sent to Facebook. In this arrangement, Facebook acts as a separate data controller (Facebook uses the data for its own analytics and ad targeting services, according to its Data Policy). We do not receive personal data from Facebook about you; we see only aggregated analytics (e.g., “50 people visited from Facebook this week” or “10 people clicked on our Facebook ad and then visited the site”). We have accepted Facebook’s terms for using the Pixel, which include commitments to GDPR compliance. We ensure that the Pixel is only activated if you consent to Marketing Cookies via our cookie banner, given that it’s not strictly necessary. If you don’t consent, the Pixel doesn’t run and no data is shared with Facebook from our site for that session.
• Other Third Parties: Aside from the above service providers, we generally do not share data with anyone else. The only exceptions would be if you specifically ask us to share information or if sharing is necessary to fulfill your request. For example, if you asked us to connect you with another competition or sponsor, we might forward your inquiry to them with your permission. Additionally, if IChTo 2025 is part of a larger network of competitions, we might share high-level stats or non-personal info with them, but not personal data without consent.
• Compliance with Law: We may disclose personal information outside of the above scope if required to do so by law or a legal process. For example, if we receive a court order or an official request from law enforcement pertaining to data on our site, we will evaluate it and comply if legally obligated. We will strive to limit the disclosure to what is strictly necessary. Also, if necessary to enforce our website’s Terms and Conditions or to protect the rights, property, or safety of the University, IChTo, our users, or others, we may disclose information to legal advisors or authorities. This kind of sharing is rare and would only occur under appropriate circumstances.
• International Aspects: Because some of our service providers (like Google and Facebook) are international companies, data shared with them may involve international transfers (explained more in the next section). We ensure that such transfers are safeguarded.

Importantly, we do not sell your personal data to marketing companies or unrelated third parties. Any data sharing is either with your knowledge and consent (using a service you opted into) or for the limited purposes stated above. All third-party service providers we engage have data protection agreements in place with us, and they are not allowed to use your data for anything other than providing services to us.

International Data Transfers

The University of Bucharest and IChTo 2025 are based in Romania (EU), and we strive to store and process data within the European Union whenever possible. However, some of the tools and services we use involve transferring data to other countries. GDPR and EU law require that when personal data is transferred outside the European Economic Area (EEA) to a country that doesn’t have an EU adequacy decision, certain safeguards must be in place.

Here’s what you should know about our data transfers:

• MailerLite (EU-based): Our newsletter subscriber data is handled by MailerLite, whose servers are located in the EU (e.g., Germany or the Netherlands)​. This means your subscription info is not routinely transferred outside the EU. MailerLite is based in Lithuania (EU) and is fully compliant with GDPR. So, in this case, your data stays within a jurisdiction with strong data protection laws.
• Google (U.S. & Global): Google Analytics and reCAPTCHA may involve data transfer to the United States (where Google’s parent company is headquartered) or other countries where Google maintains data centers. While the U.S. does not currently have an “adequacy” ruling from the EU, Google has adopted Standard Contractual Clauses (SCCs) in its data processing terms to provide a legal mechanism for such transfers. Additionally, as of 2025, an EU-US Data Privacy Framework is in the process of being implemented, which companies like Google might participate in to further legitimize data flows. We also leverage settings like IP anonymization to reduce the scope of personal data sent to Google. Overall, while analytics data may go to the U.S., we have taken steps to ensure compliance through contractual safeguards​.
• Facebook (U.S. & Global): Data collected via Facebook Pixel is transferred to Facebook’s servers which may be in the U.S. or other locations. Facebook, like Google, typically relies on Standard Contractual Clauses for EU-US data transfer and has stated its commitment to GDPR compliance. When you consent to marketing cookies, you are acknowledging that your data will be shared with Facebook in the U.S. under those safeguards. Facebook has its own robust security measures and is subject to agreements and legal requirements to protect EU data.
• Email and Communications: If you email us or we email you, those communications may travel and be stored globally. For instance, if you use Gmail or another email provider outside the EU, our replies to you will inherently involve international transfer because your email account is hosted outside Romania. Similarly, the University’s email servers are likely EU-based, but some routing could go through global internet infrastructure. This is generally unavoidable in internet communications and is covered by implied consent when you correspond with us.

Whenever personal data is transferred out of the EU, we ensure at least one of the following safeguards is in place: (1) transferring to countries with an EU adequacy decision (ensuring an equivalent level of data protection), (2) using Standard Contractual Clauses or equivalent legal instruments with the recipient, (3) the provider is certified under a recognized framework (like the EU-US Data Privacy Framework or Swiss-US framework, if applicable), or (4) we rely on a specific derogation under Article 49 of GDPR (for example, explicit consent or necessary transfer for contract performance), though we try to avoid the need for derogations by using the first three measures.

Your International Rights: Regardless of where your data is processed, we extend the same GDPR-level rights and protections described in this policy. If a service provider cannot or does not comply with these standards, we will not use them for personal data. You can request more information on our data transfer safeguards by contacting our DPO.

Data Retention

We retain personal data only for as long as necessary to fulfill the purposes for which it was collected, or to comply with legal or contractual requirements. Different types of data may be kept for different durations:

• Contact Form Submissions: If you contact us through the website (or via email), we will retain your message and our response for a certain period. Generally, we keep routine correspondence for up to one year. This allows us to refer back in case you follow up or if we need to remember what was communicated (for example, if you later say “as I mentioned in my email last month…” we have that context). In some cases, we may retain communications longer than a year if they contain important information (e.g., details about an upcoming event arrangement or an incident report). Emails to official University addresses might be archived as per University policy, but they remain protected. We will periodically review stored communications and securely delete those that are no longer needed.
• Newsletter Data: If you sign up for our newsletter, we will keep your email on our mailing list until the end of the IChTo 2025 event and any immediate post-event announcements, or until you choose to unsubscribe — whichever comes first. After the tournament concludes, we may send a wrap-up newsletter and possibly an invitation to stay tuned for future events. At that point, we might either ask you to re-confirm subscription for future IChTo news or remove the mailing list and all data related to it. If you unsubscribe from the newsletter at any time, we will immediately stop sending you emails. Your email might be retained on a “do not contact” list (to ensure we honor the unsubscribe) or in our campaign logs for record-keeping, but it will no longer be actively used except as needed to ensure compliance with your opt-out. Typically, MailerLite and similar services retain unsubscribed contacts (with minimal data) to prevent accidental re-addition; we abide by their retention protocols which are in line with GDPR (they won’t send anything, and you can request complete deletion if needed).
• Cookies and Analytics Data: Cookies have varying lifespans. Some (like session cookies or security cookies) expire as soon as you close your browser. Others persist: for example, the Google Analytics _ga cookie typically lasts 2 years, _gid lasts 24 hours, _gat lasts 1 minute​, and Facebook’s _fbp cookie lasts up to 3 months. We respect those expiration times set by the cookie provider. You can also clear cookies manually from your browser at any time, which effectively “resets” those identifiers. In terms of analytics data stored by us: we don’t personally store raw analytics on our own servers; rather, the data is in Google Analytics dashboards. We have set our Google Analytics data retention period to 14 months for user-level data (the shortest option that still allows year-over-year analysis). This means that data associated with identifiers like cookies or device IDs is automatically deleted from Analytics after 14 months. Aggregate reports (which have no personal identifiers) may be kept longer within Google Analytics. We might download some aggregate reports or graphs to include in internal reports or event evaluations (e.g., “we had X unique visitors from Y countries”), and those could be kept as long as relevant for historical record. However, those reports won’t contain personal data. As for server logs (which include IP addresses), these are usually rotated and deleted within a few weeks to a few months on our web hosting system, unless needed for investigation of security incidents. ReCAPTCHA-related data isn’t something we store; it’s handled by Google in real-time and not provided back to us in identifiable form.
• Event Participant Data: While general visitors don’t provide this via the site, if you register for the competition or submit personal data as part of participation, that data will be used for organizing the event. For example, team registration might include student names, ages, and contact info for team leaders. Such data is outside the immediate scope of this website Privacy Policy (it would be covered by competition-specific forms and notices), but generally, participant data is kept for the duration of the competition and a certain period after for record-keeping (e.g., keeping a list of winners for historical archives or alumni outreach). We ensure that competition registration data is handled in accordance with GDPR as well, likely under the University’s educational purpose. If any participant data does overlap with the website (say, if an online form on the site collects it), the retention will be clearly communicated at collection. Typically, non-selected or non-participating applications might be deleted after the event, whereas lists of actual participants and results might be archived indefinitely for historical record (names of winners, etc., are often published permanently as part of competition results).

In all cases, when data is no longer needed, we will either delete it or anonymize it (so it can no longer be linked to an individual). For example, we might keep an anonymized statistic that “200 teams registered” but not keep the personal details of each registration beyond the necessary time.

Please note that backup systems might retain copies of data for a bit longer even after deletion (e.g., if the server is backed up weekly, a contact form entry you sent might linger in a backup file for some additional weeks before those backups cycle out). However, we ensure such backups are secure, and we will not restore or use deleted data except if required for system recovery (in which case, if data resurfaces, we would re-delete it).

If you have specific questions about our retention of a particular piece of data (for instance, “I emailed you last year, can you remove my email and message now?”), you can contact us and we will assist in accordance with applicable law.

Your Rights

As an individual whose personal data is processed by the University of Bucharest through the IChTo 2025 website, you have a number of rights under GDPR. We are committed to upholding these rights. Below is an overview of your rights and what they mean:

• Right of Access: You have the right to request confirmation of whether we are processing your personal data, and if so, to access that personal data and certain information about it​. This is often called a “Data Subject Access Request.” In practice, this means you can ask us to provide you with a copy of the personal information we have about you (for example, any contact info or messages you sent us, any email on our newsletter list, etc.), as well as an explanation of why we have that data, how it’s used, who it’s shared with, and how long we plan to keep it. We will provide this information free of charge, usually within one month of receiving your request (we might take up to two months more for complex requests, but we would inform you if that’s the case). Please note, the more specific you can be about what data you want (e.g., “newsletter subscription and any emails I sent”), the easier it will be for us to fulfill your request quickly.
• Right to Rectification: If you believe that any personal data we hold about you is incorrect or incomplete, you have the right to request that we correct (rectify) it. For example, if you subscribed to the newsletter with a typo in your name or if you change your email address, you can ask us to update our records. We strive to keep data accurate, and in many cases you can rectify data yourself (for instance, by re-submitting a correct entry or by using an “update preferences” link for newsletters). But you can always reach out to us and we will correct any inaccuracies promptly.
• Right to Erasure: This is sometimes known as the “right to be forgotten.” You have the right to request the deletion of your personal data in certain circumstances​. For instance, if the data is no longer necessary for the purpose it was collected, if you have withdrawn your consent and no other legal basis exists, or if you object to processing and we have no overriding legitimate grounds, or if we unlawfully processed your data, you can ask that it be erased. In practical terms: if you want us to delete information you provided, such as removing you from the newsletter and deleting your email from our database entirely, you can request that. We will honor such requests to the extent required by law. Sometimes we might have to retain minimal information to honor your request (e.g., keeping your email on a suppression list to ensure we don’t re-add it), or we might refuse deletion if an exemption applies (for example, if you were a competition winner and the results are part of public record, we might not erase your name from the results posted online, but we’d discuss that with you). We will clearly explain the outcome of an erasure request to you.
• Right to Restrict Processing: You have the right to request that we limit the processing of your data in certain situations​. This means we would store your data but temporarily halt any other processing. You might exercise this right if, for example, you contest the accuracy of your data (you’d want us to pause processing until we fix it), or you objected to our processing (and we’re evaluating that objection), or if our use is unlawful and you don’t want full erasure, or if we no longer need the data but you need us to keep it for a legal claim. When processing is restricted, we will not use or share the data except for storage and to the extent necessary (e.g., to establish a legal claim or with your consent). We’d inform you before lifting any restriction.
• Right to Data Portability: You have the right, in certain cases, to receive the personal data you have provided to us in a structured, commonly used, machine-readable format and to have that data transmitted to another controller. This typically applies to data processed by automated means under consent or contract. In our context, data portability could apply if you, say, provided a set of personal info to register for an account (if we had accounts) or subscribed to a service. Since our site’s services are limited (newsletter subscription being the main “service”), the most likely scenario for portability is if you wanted a copy of your subscription info or messages to use elsewhere. If applicable, we can provide your data in formats like CSV or JSON that are machine-readable. Portability complements your access right – it’s specifically so you can reuse your data across different services. (For example, if you had a profile on one platform and wanted to import it to another. Our site doesn’t really have user profiles, though.)
• Right to Object: You have the right to object to certain types of processing of your personal data. You can object to processing based on legitimate interests or public interest grounds, and we must stop such processing unless we have compelling legitimate grounds that override your rights or if we need to continue processing for the establishment, exercise, or defense of legal claims. In practice: if we are processing your data under the “legitimate interest” basis (like responding to an inquiry or doing analytics), you can object to that. For instance, you might object to your page visit being included in Google Analytics data. If you object, we will evaluate whether our interest in analytics is overridden by your rights; given that we voluntarily ask consent for analytics, you effectively already have a way to “object” by opting out of cookies. Another example: you can object to any direct marketing we do (which is actually covered by consent anyway). If you were to object to something like receiving event notifications beyond what you signed up for, we would cease immediately. Note that objecting may mean we have to limit or stop providing a service (e.g., if you object to us processing your email, we can’t send you the newsletter or even a response, ironically). We will clearly communicate with you to find a reasonable solution. Also, under GDPR, if data is processed for scientific/historical research or statistics (which we do only in aggregate), you have a right to object to that too, unless it’s in public interest.
• Right to Withdraw Consent: If we are processing any of your data based on consent, you have the right to withdraw that consent at any time​. This is straightforward: for the newsletter, you can unsubscribe (withdraw consent to emails); for cookies, you can change settings to withdraw consent to analytics/marketing cookies; if we ever asked for consent for something else, you can similarly notify us that you withdraw it. Once consent is withdrawn, we will stop the processing that was based on it. As mentioned, withdrawal doesn’t affect the legality of what we did before withdrawal. There is no penalty or consequence to withdrawing consent – it’s your right. However, if the service relies on that consent (e.g., receiving newsletters), you will no longer receive that service after withdrawal.
• Right to Lodge a Complaint: We strive to address all your concerns directly, but if you believe we have not complied with data protection laws, you have the right to file a complaint with a supervisory authority. The University of Bucharest falls under the jurisdiction of the Romanian National Supervisory Authority for Personal Data Processing (ANSPDCP). You can contact this authority at http://www.dataprotection.ro/ or by other means as listed on their website​. The authority can advise you on your rights and will investigate your complaint. If you reside in another EU country, you can also contact your home country’s data protection authority (they will coordinate with the Romanian authority under the GDPR’s cooperation mechanism). Lodging a complaint does not prejudice any other legal rights or remedies you have.

We would appreciate the chance to deal with your concerns before you approach a regulator, so please feel free to reach out to us or our DPO with any issues, and we will do our best to resolve them amicably and swiftly.

Exercising Your Rights: You can exercise these rights by contacting us (preferably in writing so we can keep track) via the DPO email (dpo@unibuc.ro) or through any contact method provided. To ensure we respect your privacy, we may need to verify your identity before fulfilling certain requests (for example, we might ask you to send an email from the address you want to access or provide proof of identity for a serious request). This is to prevent unauthorized access to your data by someone else. We will respond to your request as soon as possible, typically within one month. If for some reason we cannot fulfill your request (either due to a legal exception or technical impracticality), we will explain the reason to you. For example, if you requested complete erasure of all your data, but you’re currently a contestant in the tournament, we might need to retain some data until the event is over due to contractual necessity – we would discuss and clarify that.

We do not generally charge a fee for these requests. However, GDPR allows a reasonable fee or refusal if requests are manifestly unfounded or excessive (like repetitive requests). We’ve never had to consider that, and we’ll try to be accommodating and fair in all cases.

Your rights are very important to us, and our goal is to ensure you feel in control of your personal information.

Data Security

We take appropriate technical and organizational measures to secure your personal data and protect it against unauthorized access, alteration, disclosure, or destruction. We understand that the trust you place in providing data to us (even something as basic as an email address) requires us to be vigilant about security.

Technical Measures: Our website is served over HTTPS, meaning that data transmitted between your browser and our site is encrypted using TLS. This helps prevent eavesdropping on the information you submit (for example, the content of a contact form or your login to the newsletter preferences). We ensure that our server and content management system (CMS) are kept updated with security patches to protect against known vulnerabilities. The site is hosted on infrastructure that is maintained by the University of Bucharest or a reliable hosting provider, with firewalls and monitoring in place. We use security plugins and configurations (such as reCAPTCHA and brute-force protections) to defend against malicious attacks. Any stored data (like database entries for form submissions or subscriber lists) is protected behind authentication and not publicly accessible.

Organizational Measures: Access to personal data is limited to people who need to process it for the purposes described. For example, only specific authorized members of the IChTo organizing team or University IT staff can access the website’s backend or the MailerLite account. Those individuals have unique credentials and are trained to handle data confidentially. The University’s data protection policy mandates confidentiality and proper handling of personal data by employees and collaborators​.

. We ensure that anyone with sustained access to personal data (like the person managing the newsletter) is aware of GDPR obligations and has committed to respecting them.

We have procedures to deal with any suspected data breach. This includes identifying and containing the breach, assessing risk to individuals, and notifying affected parties and authorities as required by law. For instance, if our newsletter database were compromised, we would promptly investigate and, if the breach is likely to result in a high risk to individuals (e.g., exposure of emails and any associated names), we would inform those individuals and the Romanian DPA within the timeline mandated (GDPR requires reporting certain breaches within 72 hours to authorities).

No Guarantee: While we are serious about security, it’s important to acknowledge that no website or internet transmission is 100% secure. There is always some residual risk in sending information online. We continuously evaluate new technologies and threats, and improve our safeguards over time. We also rely on users to play a role: for example, if you suspect any vulnerability or encounter something odd (like you receive an email that looks phishy or you notice a misconfiguration on our site), please let us know so we can address it.

Third-Party Security: Where we use third-party services (MailerLite, Google, Facebook), we choose reputable companies and review their security practices as described in their documentation. MailerLite, for instance, has an ISO 27001 certified data center and robust security measures. Google and Facebook invest heavily in security as well. However, we cannot control their systems. We have contractual assurances from them regarding data protection, but if they were ever to suffer a breach, we would follow their guidance and take appropriate actions on our end as well.

In summary, we aim to prevent data loss, misuse, and unauthorized access through a combination of technology (encryption, access controls, backups) and human practices (training, policies, audits). If you have specific questions about our security measures, feel free to contact us.

Links to Other Websites

Our website may contain links to external sites or resources that we think might be useful or interesting to our visitors (for example, links to partner organizations, sponsors, academic resources, or news articles about IChTo). This Privacy Policy applies only to our website (the IChTo 2025 site on unibuc.ro domain). Once you click a link to another website and leave our domain, we no longer control what happens with your data, and their own privacy policies will apply.

We provide these links for convenience and informational purposes. However, we are not responsible for the content, security, or privacy practices of those external websites​. We encourage you to read the privacy policy of every site you visit, especially if you provide personal information there. For example, if we link to a scientific article on a university’s site and you decide to sign up on that site, you should check how they handle your data.

We do not share your personal data with external sites (unless explicitly noted, like submitting a form that sends data to a partner, which we aren’t doing currently). But if you go to a third-party site, they might independently collect information about you through cookies or other means. (For instance, clicking a YouTube video link will subject you to YouTube’s cookies and privacy rules.)

That said, we aim to only link to reputable sites. If you find that one of our external links is problematic (like it’s broken, or it’s pointing to a site with concerning practices), please let us know so we can review it.

Updates to This Privacy Policy

We may update or revise this Privacy Policy from time to time to reflect changes in our practices, to keep up with legal requirements, or to improve clarity. When we make changes, we will:

• Post the updated Privacy Policy on this page with a new “Last updated” date.
• If the changes are significant, we may also provide a more prominent notice (such as a banner on our website or an announcement via email/newsletter if appropriate) to inform you of the update. For example, if we were to start collecting additional types of personal data or using data in a new way not covered by this version of the policy, we would highlight that change.

Your continued use of the IChTo 2025 website after any changes to this Privacy Policy constitutes acceptance of those changes. We encourage you to review this page periodically to stay informed about how we are protecting your information. For major changes, we might directly seek your consent again if required (for instance, if a new feature collects data under a consent basis).

If you do not agree with the changes to the policy, you should contact us and/or discontinue use of the site before the changes take effect, and you can request that we remove your data as per your rights above.

Contact: If you have any questions or concerns about this Privacy Policy or our data practices, please contact our Data Protection Officer at dpo@unibuc.ro or reach out to the IChTo 2025 organizing committee via the contact information on our website. We value communication with our community and will be happy to clarify anything.

Thank you for taking the time to read our Privacy Policy. We hope it gives you a clear understanding of how your data is handled on the IChTo 2025 website. Your privacy is important to us, and we are committed to safeguarding it.

Last updated: April 11, 2025

Introduction:
This Cookie Policy explains how the IChTo 2025 website uses cookies and similar technologies, what types of cookies we use, and how you can manage your preferences. We want to be transparent about our use of cookies so that you can make informed decisions. By using our site, you can choose which optional cookies to allow, and you can change your settings at any time through our cookie consent tool or your browser settings.

What are cookies?
Cookies are small text files that websites store on your device (computer, tablet, smartphone) when you visit them. Cookies serve a variety of functions: they can enable core site functionality, remember user preferences (like language or login status), collect analytics data, or be used for marketing purposes (like tracking across sites for advertising). Cookies set by the website you’re visiting are called first-party cookies. Cookies set by other domains (for example, by a third-party analytics or advertising provider) are called third-party cookies. In addition to cookies, there are similar technologies like web beacons (pixel tags), local storage, and scripts that perform a similar role – for simplicity, we refer to all of these as “cookies” or “cookie technologies” in this policy.

When you first visited our site, you should have seen a cookie banner explaining that we use cookies and giving you the option to accept or reject certain categories of them. No cookies beyond the strictly necessary ones are set unless you agree. Below, we categorize the cookies we use and provide details about each category, including examples of specific cookies.

Strictly Necessary Cookies

Strictly necessary cookies are essential for the basic functioning of our website. These cookies enable core features such as security, network management, and accessibility. Without them, the site would not perform as expected. They do not collect information about you that could be used for marketing or remembering where you’ve been on the internet. For this reason, strictly necessary cookies are typically exempt from consent requirements – they are placed by default to ensure the service you requested (browsing the website) works properly.

On our site, strictly necessary cookies include:

• Cookie Consent and Preference Cookies: When you set your cookie preferences on our site (for example, choosing which categories of cookies to accept or reject on the cookie banner), our site needs to remember those choices so it doesn’t ask you again every time and so it respects your preferences moving forward. We use a GDPR-compliant cookie consent tool that sets cookies like cookielawinfo-checkbox-necessary, cookielawinfo-checkbox-functional, cookielawinfo-checkbox-analytics, cookielawinfo-checkbox-performance, and cookielawinfo-checkbox-others. Each of these cookies simply stores a “yes” or “no” value to indicate whether you have allowed that category​. They have a typical lifespan of around 11 months (so that once you’ve set your preferences, they persist for about a year)​. We also use viewed_cookie_policy, which records that the cookie banner was shown and your overall consent state (this prevents the banner from popping up repeatedly)​. These cookies do not contain personally identifying information; they just remember your settings. If you were to delete them or block them, the site wouldn’t remember your preferences and you’d likely see the consent banner each visit.
• Security and Session Management Cookies: We utilize certain cookies to maintain website security and manage session state. For example, wordpress_test_cookie is set by our content management system (WordPress) to check if your browser accepts cookies at all​. It doesn’t hold any user info and is deleted when you close your browser. It’s purely a functional check — when you log in to WordPress (for site admins) it helps ensure the login process can proceed. Regular visitors might still see this cookie being set and immediately removed, as WordPress tests cookie capability on any login page. Additionally, if there were any login-protected areas on the site (primarily for admins, not for public users), cookies like wordpress_logged_in_<hash> or wp-settings-<uid> would be strictly necessary to keep those users logged in and to remember their admin preferences​. These are only relevant to site maintainers, not general visitors, but we mention them for completeness. They expire when the browsing session ends or after a short period of inactivity (or in the case of wp-settings, around 1 year, but those apply to admin users customizing their dashboard).
• reCAPTCHA Cookies (Security): We have Google reCAPTCHA implemented on our forms to distinguish human users from bots. reCAPTCHA sets several cookies as part of its process (_GRECAPTCHA and others with names like SID, HSID, APISID, SIDCC, etc., which are tied to Google domains) to provide its spam-filtering functionality. These cookies are considered strictly necessary for security because without them, the form could be abused by spammers or malicious scripts. For instance, _GRECAPTCHA is a cookie set by the Google.com domain to store the reCAPTCHA response, and it lasts for the duration of the session or a bit longer. Some of the Google security cookies (like SID and HSID) may last longer (they can persist for months or years) as they contain digitally signed and encrypted records of a user’s Google account ID and most recent sign-in time – these help prevent fraudulent use of login information and protect user data from unauthorized parties. If you are not logged into a Google account, these cookies might not identify you personally; they just serve to identify that a particular browser/computer is deemed low-risk by reCAPTCHA. We treat these as necessary because they are solely there to ensure that interactions with our site are from legitimate users. Blocking them might result in the contact form or other protected features not working (you may be unable to submit if reCAPTCHA cannot validate you). Data from these cookies may be sent to Google for analysis (as described in our Privacy Policy and Google’s privacy policy), but it is used only for fraud and abuse prevention.

These strictly necessary cookies are automatically placed when you visit our site or engage with relevant features. While you can technically block them via your browser settings, we advise against blocking strictly necessary cookies because doing so may cause parts of the site to break or not function optimally. For example, if you blocked our preference cookies, the site would continually ask for cookie consent because it can’t remember your choice; if you block reCAPTCHA cookies, you might not be able to submit forms; if you blocked session cookies, features for logged-in organizers would fail (not relevant to normal visitors, but indicates how core functionality relies on them).

We do not use strictly necessary cookies for any purpose other than providing you with the service and functions you request. They are not used for analytics or advertising.

Functional Cookies

Functional cookies enable enhanced functionality and personalization on our website. These cookies are not strictly required for the site to work, but they improve your experience by remembering choices you’ve made and providing more personal features. They may be set by us or by third-party services that we have integrated into our pages.

Examples of what functional cookies might do include: remembering your language or region selection, keeping track of preferences (like font size for accessibility, if we had such a feature), or enabling embedded content like videos or social media feeds to display correctly. If you do not allow functional cookies, some of these features (if present) may not function properly.

On the IChTo 2025 site, our use of functional cookies is relatively limited, because our site is straightforward and informational. However, we do have one notable feature that involves a functional cookie:

• Social Media Integration (Facebook Page Widget): We have a Facebook Page plugin embedded on our site (for example, a section that shows the latest posts from our official Facebook page or a “Like” button). This integration sets a cookie named _fbp on our domain​. The _fbp cookie is placed by Facebook’s scripts when they load on our site. According to Facebook, this cookie is used to store and track visits across websites that use Facebook Pixel or Facebook social plugins. In our case, we are using it primarily to display our Facebook content (making it a functional aspect, as it helps the widget know you’ve visited and possibly tailor content or just function). The University of Bucharest categorizes the _fbp cookie under functional cookies for the operation of the Facebook page widget​. This cookie typically has a lifespan of a few months (commonly around 3 months). It doesn’t contain personal data like your name, but it does have a unique identifier that Facebook uses to recognize your browser. This could potentially be used by Facebook to provide analytics to us or to inform their advertising system (see Marketing section), but on our site, we consider its primary role to be functional – ensuring the Facebook feed displays correctly and maybe identifying if you’ve liked our page already (to show an appropriate button state). If you disallow functional cookies, the Facebook widget might not load, or it might not remember your interactions (for example, if you clicked “Like” through our site’s plugin, it might not stick).
• Embedded Media/Maps: Currently, we do not have other embedded third-party media on the site beyond the Facebook plugin. But if in the future we embedded, say, a YouTube video or a Google Map, those services might set their own cookies to manage functionality (like remembering your volume level or that you’re logged into YouTube, or for Google Maps, to remember preferences and perform geolocation). Such cookies would be considered functional (and possibly also fall under marketing/analytics per those providers’ use). We would update this policy and list them if that occurs.

Functional cookies on our site are by default disabled until you allow them. If you choose to enable functional cookies (via our consent banner or settings), you’re allowing these additional features to run. If at any time you disable functional cookies, features like the Facebook feed may stop working or appear with degraded functionality.

To reiterate, these cookies are intended to make your experience better but are not critical. We do not use functional cookies to track you for advertising — any data collected might incidentally be used by the third-party that provides the feature (like Facebook may observe that you loaded our page widget). We recommend enabling functional cookies if you enjoy the enhanced experience (e.g., seeing social media updates directly on our site), but the choice is yours.

Performance Cookies

Performance cookies allow us to count visits and traffic sources, so we can measure and improve the performance of our site. They help us understand which pages are popular, how users navigate through the site, and if there are any errors being encountered. All information these cookies collect is aggregated and anonymous; they do not collect personal information. These cookies are essentially there for statistical analysis that benefits the site’s improvement.

In our implementation, performance cookies are closely tied to what we also call analytics cookies (discussed in the next section). You can think of performance cookies as a subset of analytics cookies focused on site performance metrics and usage.

By analyzing data from these cookies, we can, for example:

• Determine the number of visitors and see how that changes over time.
• See which sources are bringing visitors (e.g., search engines, social media, referral links).
• Understand if certain pages are rarely visited (perhaps indicating they are hard to find or not of interest).
• Monitor page load times or technical issues (some analytics can show if users leave quickly, possibly due to slow performance or errors).
• Detect patterns like a lot of traffic from a particular country, which might encourage us to provide additional info or support for that audience.

The main tool we use for performance analysis is Google Analytics. When enabled, Google Analytics sets cookies that gather information about your visit. The specific cookies set and their functions include:

• _ga: As described below in Analytics, it distinguishes users by assigning a unique ID. This helps count how many unique visitors we get (performance metric). It persists for 2 years if not deleted​.
• _gid: Also distinguishes users on a shorter-term basis (day-to-day). Persists for 24 hours​.
• _gat (or _gat_gtag_UA_xxx): Used to throttle request rate – ensuring the analytics collection doesn’t overwhelm either your browser or our server. Persists for 1 minute​.
• There may be other performance-related cookies or storage used by Google Analytics (like collect as a pixel request, or performance timing APIs) but they don’t store info on your device beyond these cookies.

By looking at the data from these cookies, we can gauge site performance. For instance, Google Analytics provides a “Behavior Flow” that shows how users typically move from one page to another – if we see many users dropping off on a particular page, we might examine that page for performance issues or confusing content. It also alerts us to technical issues if any (like a spike in exit rate on a page may suggest something’s wrong there).

If you do not allow performance cookies, we will not be able to use Google Analytics to see how your visit went, and thus our aggregated statistics become a bit less accurate. That’s perfectly okay – it will not affect your experience on the site, but it could slightly affect our ability to improve the site for the future. We appreciate when users allow these cookies because the insights gained really help us enhance the content and layout, but it’s ultimately your choice.

In sum, performance cookies do not identify you personally – they operate with anonymized IDs and aggregate data. They are used solely for the purpose of evaluating and improving our site’s performance and content delivery. We treat them as optional; they will only be set if you opt in.

(Note: Our performance cookies are essentially the same as our analytics cookies. The next section on Analytics Cookies will give more detail on Google Analytics. There might be overlap in description, but we separate the categories as an organizational matter because some policies differentiate the two. In practical terms, if you accept “Analytics/Performance” cookies on our site, you are enabling Google Analytics.)

Analytics Cookies

Analytics cookies are used to understand how visitors interact with our website. They collect information about your visits such as which pages you go to, how long you stay, how you got here, and what you click on. The purpose is to help us analyze and improve our web presence. These cookies are similar to performance cookies, and indeed we consider our Google Analytics cookies to cover both performance and analytics functions.

The primary analytics tool we use is Google Analytics. When you consent to analytics cookies, the following cookies (as mentioned) may be set by Google Analytics on our behalf:

• _ga: This cookie is used to distinguish unique users by assigning a randomly generated number as an identifier. It is included in each page request and helps us count how many people visit our site and understand if a visitor is new or returning. The _ga cookie has a lifespan of 2 years​.
• _gid: This cookie also identifies unique visitors but on a shorter time frame. It groups user activity within a 24-hour window (essentially reset each day). It helps us see daily user counts and how many pages a person visited during that day. The _gid cookie expires after 24 hours​.
• _gat (or gat_gtag_UA[PropertyID]): This cookie is used to throttle the request rate to Google’s servers. In high traffic situations, it prevents too many analytics hits from being sent in rapid succession. It contains the Google Analytics property ID of our site (UA-XXXX) and has a short life of 1 minute​. It doesn’t store user data; it’s more of a regulator.
• AMP_TOKEN (if applicable): If we were using Google’s AMP (Accelerated Mobile Pages) and analytics, this would contain a token to retrieve a client ID from the AMP Client ID service. We likely are not using AMP for our site, so you may not see this.
• gac<property-id>: This cookie might appear if we integrate Google Ads with Google Analytics. It stores campaign information in order to link ad clicks to site actions. For example, if someone clicked a Google ad for IChTo and then visited our site, this could help Analytics attribute that visit to the ad campaign. We will mention more in Marketing Cookies, but this could be present. It typically lasts 90 days.

(These Google Analytics cookie lifespans are approximately: _ga persists for about 2 years, _gid for 24 hours, and _gat for 1 minute​.)

The information from analytics cookies is sent to Google Analytics servers (which may be outside your country, as discussed in the Privacy Policy). Google Analytics then compiles reports for us. The kind of data we see includes: total number of users in a given period, demographic estimates (if available, like approximate geolocation by country – note: we have not enabled more granular demographics or interest tracking), user flow through the site, time spent on pages, bounce rates (percentage who leave after one page), etc.

Importantly, we have enabled IP anonymization in Google Analytics. This means Google truncates your IP address before using it, so the last few digits are removed, making it harder to identify you or your exact location. For example, if your IP is 192.168.1.123, it might be anonymized to 192.168.1.0. This is a privacy measure to ensure we don’t collect full IP addresses in Analytics.

We also honor the “Do Not Track” setting of your browser to the best of our ability – if we detect it, our policy is to treat it as an opt-out of analytics. Additionally, you can separately opt out of Google Analytics by using their opt-out browser add-on if you wish, regardless of our site’s settings.

Analytics cookies could be considered as creating a profile of site usage, but in our configuration we do not use them for advertising or sharing with other entities. The data stays in our Google Analytics account. We do not attempt to identify individuals via analytics; we look at aggregated trends. For example, we might see that our site had 10,000 pageviews in a month and that 30% of them were for the “Problems” page. This tells us something useful (the problems are of high interest). We do not see that “User X did A, B, C” in any personally identifiable way.

If you do not allow analytics cookies, Google Analytics will not be activated and we will simply not have a record of your visit in our stats. That’s absolutely fine — it will not impact your ability to use the site at all. It only means our statistics might undercount by one. Many users choose to disable analytics cookies for privacy reasons and we respect that completely.

In summary, analytics cookies help us improve the site by providing insight into user behavior and site performance. They work anonymously and are fully optional. We ask for your consent for these cookies explicitly when you first visit. If you decline, they will stay off. If you accept but later change your mind, you can always clear your cookies or use our cookie settings tool to disable analytics.

Marketing Cookies

Marketing cookies are used to track visitors across websites and deliver content (especially advertisements) that is more relevant to the user’s interests. These cookies can remember that you visited our site and then use that information to help us show you outreach messages or ads on other platforms, or measure the effectiveness of our marketing efforts. Marketing cookies often involve uniquely identifying your browser and device.

On the IChTo 2025 site, we use a few marketing-oriented tools, specifically the Facebook Pixel and (potentially) Google Ads conversion tracking. These set cookies that allow us to connect your visit on our site with our campaigns on those external platforms.

• Facebook Pixel (_fbp & fr cookies): We have embedded the Facebook Pixel on our site to help us reach people on Facebook who have shown interest in IChTo. The Pixel triggers the _fbp cookie on our domain (first-party)​. Additionally, when the Pixel sends data to Facebook, Facebook may set a third-party cookie called fr on the .facebook.com domain in your browser. The fr cookie contains an encrypted Facebook user ID and browser ID and is used by Facebook to deliver personalized advertising to you on Facebook and other websites that include Facebook social plugins. In essence, if you have a Facebook account and are logged in, or even if not, Facebook uses the _fbp and fr cookies to recognize you as someone who visited our site. This allows us (via Facebook) to later show you, for example, an announcement or reminder about IChTo on your Facebook feed. It also allows us to measure how effective our Facebook outreach is (e.g., did people who saw a Facebook post click through to our site?). The _fbp cookie on our site is set to last for a certain period (approx. 3 months if not cleared), and the fr cookie typically lasts 3 months as well. These cookies track your browser’s activity for the purpose of advertising. The data collected (like which pages you visited on our site, your Facebook ID if available, etc.) is sent to Facebook, who holds it under their Data Policy. We do not see individual-level data; we get aggregated reports like “100 people clicked on your Facebook ad and visited the site.” The Facebook Pixel is only activated if you consent to marketing cookies. If you opt out of marketing cookies, the Pixel will not run, _fbp won’t be set, and Facebook will not receive Pixel data from your visit.
• Google Ads (DoubleClick IDE & others): We may use Google Ads to run campaigns promoting IChTo (for instance, to attract participants). If so, we might have a Google Ads conversion tracking tag on our site, which would set a cookie named IDE on the .doubleclick.net domain (which is Google’s advertising domain) and possibly a cookie named ANID or DSID. The IDE cookie is used by Google’s DoubleClick to record and report your actions after you interact with our ads (e.g., if you clicked an IChTo ad on Google and then performed some action on our site, this cookie helps tie that together). IDE typically lasts about 13 months in the EU​. The DSID cookie is used to link your activity across devices if you’re logged into Google, ensuring we don’t double-count conversions across phone vs computer; it lasts a shorter time (2 weeks)​. Another Google cookie that might appear is 1P_JAR, which is used to gather site statistics and track conversion rates (its presence could be due to Google services; it often lasts around a month). Also, NID is a Google cookie that stores user preferences and sometimes is present if you interact with services like reCAPTCHA or maps; NID lasts about 6 months and, while not directly an “ad” cookie, it can serve ads personalization. By consenting to marketing cookies, you allow these Google advertising cookies to function during your visit. They tell Google Ads if a user from an ad campaign took an action (like visited certain pages). This helps us measure ROI of ads (e.g., “X people who clicked our Google ad ended up registering interest via the contact form”).
• Other Third-Party Marketing Cookies: Currently, aside from Facebook and Google, we do not employ other advertising networks on our site. We do not display any third-party ads on the site (like banners for unrelated products). Marketing cookies we use are solely to promote IChTo itself on platforms like Facebook/Instagram or Google’s networks. If in the future we partner with a sponsor that might have a presence, we would update our policy accordingly, but as of now, your data isn’t being shared with any ad networks beyond the ones mentioned.

Consent and Control: Marketing cookies are disabled by default on our site. They will only be set if you opt in to them via the cookie consent banner or settings. If you opt out (or simply never opt in), none of these marketing scripts will run. That means:

• Facebook Pixel will not load, and we will not send any visit data to Facebook.
• Google Ads tags will not fire, and no DoubleClick cookies (IDE, DSID, etc.) will be written by our site.

If you do opt in but later change your mind, you can use our cookie settings tool to disable marketing cookies (and we will stop using them on your visits), and you can clear existing cookies from your browser to remove those that were set.

Privacy Implications: Marketing cookies do track your browsing to some extent. For instance, Facebook will know that a user of a certain browser (possibly linked to your Facebook ID) visited our pages. They could use this to show you IChTo-related ads, but also, theoretically, it contributes to Facebook’s broader knowledge of browsing habits (which they use to refine their advertising systems). Similarly, Google’s advertising cookies will note that you visited pages related to IChTo (chemistry competition content). Google might then use that info to show you relevant ads elsewhere (like maybe an ad for a chemistry textbook, who knows, though Google’s use of conversion cookies is primarily to measure, not to profile, since profiling comes more from your search and general browsing data which is separate).

We want to assure you that we (IChTo organizers) do not get personal data from these cookies. We don’t know who you are just from you visiting our site, even with marketing cookies on. We only see the aggregate outcomes, like how many conversions an ad got. The trade-off with marketing cookies is mostly between you and those big platforms (Facebook/Google) which already likely have data if you use them. If you are uncomfortable with that cross-site tracking, it’s perfectly reasonable to keep these cookies disabled. Our site content is fully accessible without them; you just might not see our event promotions on other platforms targeted specifically to you.

Managing Marketing Preferences: In addition to our site controls, you can usually manage ad preferences directly with platforms:

• Facebook: in your Facebook account settings, you can opt out of seeing targeted ads based on data from partners (which would include pixel data) by adjusting Ads Preferences (under “Ad settings” -> “Data about your activity from partners”). You can also clear and block cookies like _fbp and fr via your browser.
• Google: you can visit Google Ad Settings to control personalized ads. Also, using a browser plugin like the DoubleClick opt-out extension or general ad blockers can block these cookies outright.

Remember, marketing cookies are about outreach. They help us spread the word about IChTo to interested people. But if you’re already on our site, you likely know about the tournament, so advertising to you might not be necessary – in fact, if you opt out, you might just not see our reminders on social media, meaning you’ll need to keep up-to-date via our site or mailing list instead. There’s no impact on your ability to compete or engage with IChTo content by disabling marketing cookies.

Managing Cookies (Preferences and Opt-Out)

We want to give you control over how cookies are used when you visit our site. When you first visited, you had the opportunity to accept or reject different categories of cookies. You can change your preferences at any time. Here’s how:

On Our Website (Consent Tool):

• Review/Change Preferences: If you want to adjust which cookies are enabled, look for a “Cookie Settings” or “Privacy Settings” link on our site (often found in the footer or as a widget). Clicking this will bring up our cookie consent management pop-up again, where you can toggle cookie categories (Necessary, Functional, Performance, Analytics, Marketing) on or off as you wish, then save your preferences.
• Withdraw Consent: If you previously gave consent for certain cookies and have changed your mind, you can use the same settings interface to disable those categories. Once you save that, our site will stop setting those cookies on your browser. To fully ensure removal, you might also want to delete the cookies that were already set (because our site won’t magically pull them off your browser; it just won’t refresh them or use them going forward). See below for how to delete cookies in your browser.
• Banner Reappearance: If you’ve cleared cookies entirely, our site will treat you as a new visitor and show the banner again at next visit so you can make a fresh choice. We intentionally don’t make it pop-up on every single page load once you’ve set a preference, as that would be annoying, but you can always find the settings link to change your mind proactively.

Using Your Browser Settings:
All major web browsers let you manage cookies:

• You can block all third-party cookies (cookies from domains other than the one in the address bar). This can strike a balance: it would, for instance, block Facebook and Google cookies on our site (since those are third-party), while still allowing first-party necessary cookies. Most browsers have this as an option in the privacy settings.
• You can block all cookies from specific sites or all sites. Note that blocking all cookies might break login-based sites or some features, including parts of our site that rely on cookies.
• You can delete cookies at any time. It’s a good habit to occasionally clear cookies if you want to “reset” your online trackers.
• Many browsers offer a “Do Not Track” setting and private/incognito modes to reduce tracking.

Instructions for Popular Browsers:

• Chrome: Go to Settings > Privacy and Security > Cookies and other site data. Here you can choose to allow all, block third-party, or block all cookies. You can also see all cookies and site data and remove specific ones. To clear cookies, go to Privacy and Security > Clear browsing data and select “Cookies and other site data.”
• Firefox: Go to Options > Privacy & Security. Under Cookies and Site Data, you can manage data (clear cookies) or set Enhanced Tracking Protection to Standard/Strict/Custom (custom allows you to block all cookies or just third-party trackers). Firefox also has a handy “Shield” icon in the address bar on sites to show what’s being blocked.
• Safari (Mac/iOS): On Mac, go to Safari > Preferences > Privacy. You can block all cookies (not usually recommended broadly) or remove specific cookies via “Manage Website Data...”. On iOS, go to Settings > Safari, where you can clear history and website data, and under Advanced > Website Data, you can remove cookies for specific sites.
• Edge (Chromium-based): Go to Settings > Cookies and site permissions > Manage and delete cookies and site data. You have options to block third-party cookies or all cookies. Clearing cookies is under Privacy, search, and services > Clear browsing data.
• Internet Explorer: (If anyone still uses it) go to Internet Options > Privacy, and you can set the slider to different levels or use Advanced settings to override automatic cookie handling.

Opt-Out Mechanisms for Analytics/Ads:

• Google Analytics Opt-Out: Google provides a browser add-on for Chrome, Firefox, Safari, and Edge that prevents Google Analytics from collecting data on any sites you visit. You can get it by visiting Google Analytics Opt-out Browser Add-on and installing it. With this installed, you don’t even have to rely on cookie settings; it ensures no data from your browser is sent to Google Analytics (effectively it tells the GA script to not execute).
• Industry Ad Opt-Out: There are industry groups like the Network Advertising Initiative (NAI) and Digital Advertising Alliance (DAA) that provide centralized opt-out pages. On these pages, you can opt out of targeted ads from participating companies (which include many major ad networks). For example, the NAI opt-out page allows you to opt out of many or all member cookies in one go. In Europe, the EDAA offers YourOnlineChoices.eu where you can manage preferences for various ad companies. Keep in mind: these typically work by setting an “opt-out cookie” on your browser. If you clear cookies, you erase the opt-out and would need to do it again.
• Facebook and Google Ad Preferences: As noted, go to Facebook’s ad preferences and Google’s ad settings to directly control how those individual companies use data for ads. For Facebook, disabling “data from partners” will stop them from using our Pixel data to target you (though it might also reduce personalization of other ads you might find relevant). For Google, turning off “Ad Personalization” will mean Google doesn’t use your info to tailor ads on Google services and on partners’ websites.

Consequences of Disabling Cookies:

• Necessary cookies: If you somehow disable these (via browser settings), expect that parts of our site might not function. For instance, try blocking all cookies and then submitting our contact form (with reCAPTCHA) – likely it won’t submit properly. Or our site might not remember that you closed a pop-up or set a preference.
• Functional cookies: Disabling them might mean a less convenient experience (e.g., needing to manually refresh social media content or losing some nice-to-have features), but nothing critical.
• Performance/Analytics cookies: We won’t know you came or what you did, which is fine. Our improvement efforts will rely on less data.
• Marketing cookies: You’ll simply see more general ads rather than ones about IChTo or related to your interests. Or you might not see our event promoted on Facebook/Google at all (which might be fine if you already know about us).

We have designed our site to be fully usable even if you reject all but the necessary cookies. You should not encounter content that is gated behind accepting cookies (aside from possibly the inconvenience of a cookie banner reappearing if it can’t remember you said no – which is a necessary cookie issue ironically).

If you have any trouble or questions about managing cookies on our site, please contact us. We can assist or provide specific guidance. We value your right to privacy and want you to feel comfortable with how your data is being handled while you browse our site.

Summary: Cookies are there to make our site function correctly (necessary cookies), to remember your choices (functional), to help us improve (performance/analytics), and to assist in promoting IChTo (marketing). You have full control over the non-essential ones. We hope this explanation clarifies what each type does. We appreciate your engagement, whether you allow all cookies or none – the important thing is you get the information you need about IChTo 2025!

For further information on how we handle any data collected (via cookies or otherwise), please refer to our Privacy Policy. And for any concerns regarding cookies that we haven’t addressed here, feel free to reach out.

Happy browsing!

Last updated: April 11, 2025

Introduction
Welcome to the official website of the International Chemistry Tournament 2025 (“IChTo 2025”), hosted by the University of Bucharest. These Terms and Conditions (“Terms”) govern your use of this website (including all content and services offered through it). By accessing or using the IChTo 2025 website, you agree to abide by these Terms. If you do not agree with any part of these Terms, please do not use the website.

Throughout these Terms, the terms “we”, “us”, or “our” refer to the IChTo 2025 Organizing Committee and the University of Bucharest (as the hosting institution). The terms “you” or “user” refer to any person accessing or using the website. These Terms are written in a straightforward manner to be easily understood by our international high school audience and others. If you have any questions about these Terms, please contact us using the information provided at the end of this document.

Please note that these Terms apply only to the use of this website. The International Chemistry Tournament itself has its own rules and regulations (available in the IChTo 2025 Rule Book) that govern the competition. In the event of any conflict between these Terms and the official competition rules regarding competition matters, the competition rules will prevail for those matters.

1. Intellectual Property and Use of Content

All content and materials on this website are protected by intellectual property laws and are the property of the International Chemistry Tournament 2025 organizers, the University of Bucharest, or other rightful owners. This includes (but is not limited to) the website design, text, graphics, logos, images, audio or video clips, downloads (PDFs and documents), and the compilation of information on the site. For example, the IChTo 2025 Rule Book, the IChTo 2025 Problem Set, the IChTo 2025 Preliminary Programme, and all problems, solutions, and official guidelines provided on the site are copyrighted materials. We (or the original authors/creators) retain all rights to these materials.

Permitted Use: You are welcome to browse the site and use the materials for personal and educational purposes related to IChTo. For instance:

• Students and mentors may download the problem set or rule book for the purpose of preparing for the competition.
• You may print pages or save copies of documents for reference.
• Sharing links to our site or to our official PDFs is allowed and encouraged to spread information about the competition.

However, this permitted use does not transfer any ownership of the content to you. The copyright and intellectual property rights remain with the original owners.

Restrictions: Unless you have our explicit prior permission, you agree not to:

• Reproduce or Distribute: Do not copy, redistribute, or republish our website content elsewhere (whether online or offline) beyond brief excerpts for commentary or news reporting with attribution. For example, you should not upload our problem set PDF to another website or file-sharing platform for public download. Instead, direct people to our official site.
• Modify or Create Derivatives: Do not modify our materials or create derivative works based on them for public use. For instance, you shouldn’t take our problems and publish them in a modified form as your own product. (Note: If you are a teacher using problems for practice in class, that’s fine – but you can’t publish them in a book without permission.)
• Commercial Use: Do not use content from our site for commercial purposes. Our materials are provided for free to participants and interested parties. You cannot sell our content or use it in a manner that generates profit. For example, you cannot print our rule book and sell copies, or charge for a seminar that simply presents our problem set without adding original educational value (presenting and discussing them in a classroom setting is fine; charging people just to hand them our content is not).
• Trademarks and Logos: The logos of IChTo and the University of Bucharest, as well as any branding elements on the site, are protected. You may not use the IChTo 2025 logo or University logo without permission in a way that suggests endorsement or affiliation. For instance, you cannot put our logo on merchandise or on a website of your own without our consent.
• Copyright Notices: Do not remove any copyright, trademark, or other proprietary notices from materials you download or print. If a PDF has a footer that says “© 2025 IChTo” for example, that should remain intact if you share the PDF with someone privately.

Academic and Press Usage: If you are an educator, participant, or journalist:

• Educators and students can use the materials for learning, teaching, or training purposes. We simply ask that you acknowledge IChTo 2025 as the source.
• If you quote or reference our problems or text in any publication or article, please credit the “International Chemistry Tournament 2025” and (if online) link to our site. This is both legally respectful and helpful to spread correct information.
• Media outlets may use information from our site (such as competition results or descriptions) in news coverage. We encourage press to get in touch for any needed clarifications or high-quality logos if needed for publication.

User-Submitted Content: If our website eventually allows users to submit content (for example, a comment section or forum), any content you submit must be your own or used with permission, and by submitting it, you typically grant us a right to display and use it on the site. (Right now, our site doesn’t have public forums, so this is more of a general note.)

Violating the above intellectual property provisions could result in legal action. We prefer to resolve things amicably — often a polite request to take down improperly used content will be our first step. So, when in doubt, just ask us for permission. We often grant educational or non-commercial requests if they align with our mission.

2. Acceptable Use of the Website

To ensure a positive and safe experience for everyone, we expect users of our site to adhere to basic rules of conduct. By using our site, you agree not to misuse it. Specifically:

• Do Not Engage in Malicious Activities: You must not attempt to harm this website or its users. This includes no hacking, no introduction of viruses, malware, or any other harmful code, no denial-of-service (DoS) attacks, and no attempts to bypass security measures. In short, any behavior that could compromise the integrity or security of the website is strictly prohibited.
• No Unauthorized Access: You agree not to access (or attempt to access) any part of the site that you are not authorized to use. For example, do not try to enter secure areas, admin sections, or databases if you’re not an authorized admin. Similarly, do not use someone else’s credentials (if any were ever issued, like for an online registration system) to log in.
• No Fraud or Deception: Do not use this site to impersonate any person or entity, or to falsely state or otherwise misrepresent yourself. For example, don’t send us messages pretending to be someone you’re not, and don’t register multiple fake identities if registration features exist. If there are any interactive features like comments or forms, do not input information that you know is false or misleading.
• Respect Others: If the site allows communication (such as commenting on news posts or contacting other participants through a forum), you must not post or transmit any content that is unlawful, harmful, defamatory, abusive, harassing, vulgar, obscene, invasive of another’s privacy, or otherwise objectionable. Keep it respectful and relevant. Since our audience includes minors, absolutely avoid any inappropriate or adult content.
• No Spam: Do not use any forms or potential interactive features to send spam or unsolicited promotions. For example, don’t repeatedly submit the contact form with advertising messages or irrelevant content. Also, do not scrape email addresses or information from the site to send spam to others.
• Use for Intended Purpose: Only use the site as it’s meant to be used. For instance, if we have a registration form for teams, that form is meant for genuine team sign-ups. You should not use it to send random messages or anything beyond its scope. Similarly, do not use site search or other tools in a way that burdens the site (e.g., automating queries excessively).
• Competition Integrity: If we have any online components (like an online problem submission or scoring system), using the site to cheat or gain unfair advantages in the competition is forbidden. (The competition rules cover integrity in detail; this just extends to any site usage related to that.)

We monitor the site and reserve the right to restrict or terminate access (temporarily or permanently) to any user who violates these acceptable use standards. For example, if someone launches an attack or is scraping content aggressively, we might block their IP. In severe cases, we might involve law enforcement authorities and provide logs or evidence of misconduct.

Remember, using the site respectfully ensures it remains available and helpful for everyone – including you.

3. User Registration and Accounts

Our website primarily provides information, and we do not currently have a general user account system for browsing content. However, there may be specific areas or services (such as registration forms for teams or judges, or a mailing list sign-up) that require you to provide information or create some form of account. The following terms apply to any such interactions:

• Eligibility: If we offer account creation or registration (for example, for team leaders to register teams or for participants to submit certain info), you must ensure that you are eligible to do so. Typically, only designated team leaders or national representatives should register teams, etc., as per competition rules. You should be of sufficient legal age to enter information online (if under the age of digital consent in your country (e.g., 16 in the EU), you should have permission from a parent/guardian or have them supervise). By registering, you confirm that you have the right, authority, and capacity to do so and that all information you provide is truthful.
• Provide Accurate Information: When filling out any registration or sign-up form, you agree to provide current, complete, and accurate information. For example, if a form asks for your name, school, and contact email, you should not falsify those. Do not register under someone else’s name or provide an email that isn’t yours. If information changes (like your email or affiliation), and the system allows updates, please update it. If not, inform us of changes if they are relevant (especially for competition registration details).
• Account Security: If an account (with login credentials) is created for you (for instance, a team leader might get an account to manage team info), you are responsible for keeping your login details confidential. Do not share your username or password with anyone who is not authorized. If you believe your account has been compromised, you should notify us immediately at the contact info given. You should also log out after finishing an account session, especially on public or shared computers. Use a strong password to protect your account.
• One Account per User: Unless explicitly allowed, you should not create multiple accounts for the same person or entity. Also, do not attempt to register on behalf of someone else unless you are authorized (e.g., a teacher registering on behalf of students, which is usually fine if that’s how the competition is structured). Avoid duplicate registrations — if you’re unsure if a submission went through, contact us rather than making multiple accounts.
• Compliance with Competition Rules: Any user accounts or registrations related to tournament participation must strictly follow the competition’s official rules and guidelines. For example, if the rules say each country can register one team, only the official representative should register that team. If any information is found to violate eligibility criteria (say, an ineligible participant registers), we reserve the right to remove or void that registration.
• No Transfer of Accounts: If for some reason you have an account, you cannot transfer it to another person without our approval. For example, if a team leader changes, we prefer you contact us to update the info, rather than just giving your login to the new person (for transparency and security).

We may cancel or suspend accounts that violate these terms or that have been inactive for a long time (for instance, a registration system account after the event is over might be deactivated). We also reserve the right to delete any user-provided data from the site once it’s no longer needed (see Privacy Policy for data handling).

4. Limitation of Liability

Use at Your Own Risk: The information and materials on this website are provided for general informational purposes regarding IChTo 2025. While we strive for accuracy and timeliness, the website is provided on an “as is” and “as available” basis. You agree that your use of the site is at your own risk. We (IChTo organizers and the University of Bucharest) make no guarantees or warranties of any kind, express or implied, about the website’s operation or the accuracy, completeness, or suitability of the information, content, or materials found on it.

Specifically, we do not warrant that:

• The site will be available at all times, or that it will be free from errors or omissions.
• The site (or the server that makes it available) is free of viruses or other harmful components, though we certainly try our best to keep everything clean and secure.
• The information on the site will meet your expectations or requirements (for example, if you rely on an old schedule that we forgot to update, we apologize, but we disclaim liability – always double-check the latest info or contact us if unsure).

No Guarantee of Results or Outcomes: Using our site or resources does not guarantee any particular outcome in the competition or otherwise. For instance, reading the problem set doesn’t guarantee you solve it or win a prize. Also, if there are interactive features (like an online submission), we do not guarantee that using them will result in any particular action unless explicitly stated.

Third-Party Information: Sometimes, our site might include content or references provided by third parties (like guest contributors or external data), or link to external sites. We generally verify what we post, but we aren’t responsible for any third-party content (as covered in Section 5). You acknowledge that reliance on any information from the site is at your own discretion.

Limitation of Liability: To the fullest extent permitted by applicable law, in no event shall the University of Bucharest, the IChTo 2025 organizing committee, or any of our officers, members, staff, students, or affiliates be liable for any direct, indirect, incidental, special, consequential, or exemplary damages arising out of or in connection with your use of (or inability to use) this website or the information it contains. This includes, but is not limited to, damages for lost opportunities, lost data, or other intangible losses.

Some examples:

• If the site is down and you miss a deadline or information (always try to have alternate communication with us for important matters, like via email or official letters).
• If there’s a typo or error on the site that causes confusion or some minor cost (like you booked a flight on a wrong date due to a schedule error – we will try to help, but we cannot assume liability for such personal decisions).
• If your computer is affected by using our site (again, unlikely because we don’t have unusual downloads, but theoretically if a file was corrupted or something).
• If someone misinterprets content on our site and it leads to some form of damage.

If despite the above, we are found liable for any claim, then (to the extent permitted by law) our liability shall be limited to the amount of any fees you have paid (if any) to us for use of the website or related services, or 50 Euros (whichever is less). Given that access to the site is free, essentially, our liability is extremely limited.

Consumer Rights: We understand some jurisdictions don’t allow certain liability limitations. Nothing in these Terms is intended to exclude or limit liability that cannot be excluded by law (for example, we don’t exclude liability for our own intentional fraudulent misrepresentation, or for death or personal injury resulting from our proven negligence, etc., if those laws apply). These Terms are primarily about typical situations, not extreme ones.

Indemnity: You agree to indemnify and hold harmless the University of Bucharest and IChTo 2025 organizers from any claim, demand, losses, or damages (including legal fees) arising out of or related to your breach of these Terms or your violation of any law or the rights of a third party in relation to your use of the site. Essentially, if you do something that causes us harm (for instance, you hack the site and cause damage, or you post unlawful content that we get sued for), you’ll cover those costs.

We maintain this site in good faith and with due diligence. Our aim is never to mislead or harm our users. These disclaimers and liability limits are just standard protection. We appreciate your understanding.

5. External Links and Third-Party Content

Our website contains links to external websites and resources that are not operated by us. For example, we might link to:

• The University of Bucharest’s main website or departmental pages.
• Websites of international partner competitions or organizations in chemistry.
• News articles, sponsors’ websites, or educational resources relevant to IChTo.
• Social media platforms (like our official Facebook page, etc.).

When you click on a third-party link and leave our site, you should be aware that our terms and policies no longer govern. The external site’s own terms of use and privacy policy will take effect. We do not have control over the content or security of those external sites.

No Endorsement or Responsibility: A link to an external site is not an endorsement, guarantee, or recommendation by us for the information, products, or services on that site. We provide these links for convenience or reference. For instance, if we link to a sponsor’s site, it’s to acknowledge them, not to vouch for every piece of content on their site. We are not responsible or liable for any content, advertising, products, or other materials on or available from external sites​.  If an external site causes you any issue (like misinformation or technical trouble), you must address that with the operators of that site.

Safety and Security: We do our best to ensure that links we provide are safe at the time of posting. However, we cannot continuously monitor every external link’s content or security. Websites can change. So when visiting external links, especially ones not widely known, use standard caution (as you normally would on the internet). If you find any external link on our site that appears broken or leads to inappropriate content, please notify us so we can review and possibly remove it.

Third-Party Content on Our Site: Occasionally, we might host or embed third-party content (like an embedded YouTube video, a Twitter feed, or documents from Google Drive). This content is provided by the third-party and we embed it for your ease of access. While we select such content carefully, the third-party provider may collect data (as with YouTube’s cookies or Twitter’s widget) and have their own terms. By interacting with embedded third-party content, you might be subject to those third parties’ terms of use. For example, watching an embedded YouTube video is subject to YouTube’s Terms of Service.

In summary, while using our site you might navigate to or see content from other websites. We’re not accountable for those external sites. However, we aim to curate helpful and relevant external resources for our users. Always feel free to do your own due diligence when using external links.

6. Changes to Content and Terms

Updates to Website Content: We reserve the right to update, change, or remove content on this website at any time without prior notice. The IChTo event is dynamic; for example, schedules might change, new information might become available, or errors might be corrected. We will make efforts to ensure critical updates (like a deadline change) are clearly communicated (perhaps via a news post or highlighted on the homepage) in addition to simply editing a page. However, the onus is on users to check for the latest information. We suggest paying attention to dates on announcements and maybe subscribing to our newsletter or social media for important news.

We are not liable if outdated information is acted upon by users, but we will try to minimize any confusion. Always look for the “last updated” note on pages or documents, if provided.

Changes to Terms and Conditions: We may modify these Terms from time to time, especially if the scope of the website changes or if there are changes in law that we need to address. If we do, we will post the revised Terms on this page with a new “Last updated” date. For significant changes, we might also provide a more prominent notice (such as a banner on the site or a notification via email if appropriate).

It’s your responsibility to review these Terms periodically to ensure you are aware of any changes. By continuing to use the site after changes have been posted, you signify your acceptance of the updated Terms. If you do not agree to the revised Terms, please discontinue use of the site.

For example, if we add a new feature that has its own rules, we’ll update these Terms to include that. If we drastically change our approach to user accounts or introduce e-commerce (just hypothetically), we’d definitely revise this document.

Continued Applicability: Even if we don’t enforce a provision of these Terms right away, it doesn’t mean we waive our right to do so later. (E.g., if someone breaches and we don’t act immediately, we still can act later.)

7. Governing Law and Jurisdiction

These Terms and any dispute or claim arising out of or related to them (including non-contractual disputes or claims) shall be governed by and construed in accordance with the laws of Romania. Essentially, because the site is maintained by the University of Bucharest and the event is hosted in Romania, Romanian law applies to these Terms.

If you are accessing the site from outside Romania, you are responsible for compliance with any local laws. However, these Terms aim to be globally understandable and fair.

In the unlikely event of a dispute that we cannot resolve amicably, you agree that the courts of Romania (specifically, courts in the city of Bucharest, Romania) will have exclusive jurisdiction to settle any such dispute. This does not limit any mandatory rights you might have as a consumer under your local laws, but it sets the expected legal forum.

We truly hope never to have disputes escalate to courts; open communication can solve most issues. But this clause is standard to clarify legal venue.

8. Miscellaneous

• Entire Agreement: These Terms (along with any other policies explicitly referenced, like our Privacy Policy and Cookie Policy) constitute the entire agreement between you and us regarding use of this website. They supersede any prior agreements or communications related to the website. This means that any promise, representation, or understanding not included in these Terms is not legally binding. (Of course, this is separate from any actual competition participation agreements, which are a different matter.)
• Severability: If any provision of these Terms is found to be invalid or unenforceable by a court of competent jurisdiction, that provision will be severed (removed) to the minimum extent necessary, and the remaining provisions will continue in full force and effect. In other words, just because one part is struck down, the rest remains valid.
• No Waiver: If we fail to insist on strict performance of any part of these Terms or fail to exercise any right or remedy to which we are entitled, this shall not constitute a waiver of such rights or remedies. For example, if you breach these Terms and we don’t take action immediately, we still can take action later or enforce those terms in the future.
• Headings: The headings used in this document (like “Acceptable Use” etc.) are for convenience and organization only. They do not have legal effect and will not affect the interpretation of the Terms.
• Translations: These Terms are provided in English (which is the working language of IChTo). If we provide translations to other languages (for convenience to participants), the English version will prevail in case of any conflict in interpretation.
• Contact and Notices: Any notices or communications regarding these Terms should be sent to us using the contact information provided in Section 9 below. We will typically communicate official notices to you via website announcements or via email if you’ve provided one and it’s relevant (for instance, a note about Terms changes).

9. Contact Information

This website is operated by the International Chemistry Tournament 2025 Organizing Committee at the University of Bucharest. If you have any questions, concerns, or feedback regarding these Terms or the website in general, please feel free to contact us:

• Organizing Committee – IChTo 2025
  University of Bucharest, Faculty of Chemistry (Attn: IChTo 2025)
  Strada Dumbrava Roșie 23, Sector 2, Bucharest, 020462, Romania
• Website Contact Form: You can also send us a message through the contact form on the “Contact Us” page of this website.

We will do our best to respond promptly to any communication. If you are writing about an issue with the Terms or the website, please include as much detail as possible so we can assist you.

Thank you for reading these Terms and Conditions. By following them, you help ensure that the IChTo 2025 website remains a helpful resource for everyone. We appreciate your cooperation and wish you a great experience with the International Chemistry Tournament 2025!

Last updated: April 11, 2025