PRIVACY POLICY
The purpose of the privacy policy is to inform how the personal data of data subjects are collected and processed, to explain how long data subjects are stored, to whom the subjects are provided, what rights data subjects have, and where to inquire for their implementation or other issues related to the processing of personal data.
Personal data is processed in accordance with the General Data Protection Regulation (EU) 2016/679 of the European Union (hereinafter – the Regulation), the Law on Legal Protection of Personal Data of the Republic of Lithuania and other legal acts regulating the protection of personal data.
AB „Žemprojektas“ follows the following main data processing principles:
– personal data are collected only for clearly defined and legitimate purposes;
– personal data are processed only lawfully and fairly;
– personal data is constantly updated;
– personal data are stored securely and for no longer than required by the purposes for which the data are processed or by law;
– personal data are processed only by those Hotel employees who have been granted such a right in accordance with their work functions or by duly authorized data processors.
1. DEFINITIONS
1.1. Data controller – AB “Žemprojektas” (hereinafter – the Hotel), legal entity code 133381912, registration address Gedimino str. 47, Kaunas, Lithuania.
1.2. Data subject – any physical person whose data is processed by the Hotel. The Data Controller collects only the data of the data subject that is necessary for the performance of the Hotel’s activities and / or visits, use, browsing of the Hotel’s websites, Facebook page, etc. (hereinafter referred to as the Website). The Hotel ensures that the personal data collected and processed will be secure and used only for the specific purpose.
1.3. Personal data – shall mean any information relating directly or indirectly to a data subject whose identity is known or can be directly or indirectly established by reference to the data concerned. Processing of personal data means any operation on personal data (including the collection, recording, storage, editing, modification, granting of access, submission of requests, transmission, archiving, etc.).
1.4. Consent means any voluntary and deliberate consent by which the data subject consents to the processing of his or her personal data for a specific purpose.
1.5. Cookies – The Hotel’s website uses small pieces of textual information that are automatically generated when browsing the website and stored on a computer or other device used by the data subject (website visitor). Cookies are used for the purpose of improving the browsing experience for website visitors, analysing website traffic and behaviour on the website.
2. SOURCES OF PERSONAL DATA
2.1. Personal data are provided by the data subject himself. The data subject contacts the Hotel, uses the services provided by the Hotel, leaves comments, asks questions, contacts the Hotel for information, etc.
2.2. Personal data is obtained by the data subject visiting the Hotel website. The data subject fills in the forms contained in it or for a relevant reason leaves his / her contact details, etc.
2.3. Personal data is obtained from other sources. Data are obtained from other institutions or companies, publicly available registers, etc.
3. PROCESSING OF PERSONAL DATA
3.1. By providing personal data to the Hotel, the data subject agrees that the Hotel will use the collected data to fulfil its obligations to the data subject in providing the services that the data subject expects.
3.2. The Hotel processes personal data for the following purposes:
3.2.1. Provision of Hotel services. This purpose processes the following data:
name (s), surname (s), date of birth, identity document number, nationality of the accommodated person and country of ID issue, identity address, date of arrival, departure, accompanying spouse and / or names and surnames of the minor child/children, number of adults and children who will use the hotel services, food needs, bank account details, bank, service provision price, car registration number, power of attorney data (if the hotel services are ordered by a legal entity representative), signature.
3.2.2. Execution and continuity of hotel operations. This purpose processes the following data:
For the purpose of concluding and executing contracts, personal data of suppliers (natural persons) may be processed: name (s), surname (s), personal identification code or date of birth, place of residence (address), telephone number, e-mail address, place of work, duties, bank current account and bank where this account is located, date, amount, currency and other data provided by the person himself, which the Hotel receives in accordance with the law in the course of the Hotel`s activities and / or which the Hotel is obliged to manage by law and / or other legislation. i.e., data contained in the business certificate (type of activity, group, code, name, periods of activity, date of issue, amount), number of the individual activity certificate, data or the data subject is a VAT payer, etc. data necessary for the proper performance of the contract and / or legal obligations.
3.2.3. Administration of the database of CVs of job candidates. This purpose processes the following data:
name (s), surname (s), date of birth (age), address of residence, contact details (telephone number, e – mail address), information on the candidate’s education (educational institution, period of education, education obtained and / or) qualification), information on in-service training (training received, certificates obtained), information on the candidate’s work experience (workplace, period of work, position, responsibilities and / or achievements), information on language skills, IT skills, driving skills, other competencies; other information you provide in your CV, cover letter or other application documents, employers; recommendations, feedback: persons recommending or providing feedback to the candidate, their contacts, recommendations or the content of the feedback.
3.2.4. Administration of inquiries, comments and complaints. This purpose processes the following data:
Name (s), surname (s), e-mail address, telephone number, text of the message, comment, feedback or complaint.
3.2.5. Sale of gift vouchers. This purpose processes the following data:
name (s), surname (s), information about the service / product indicated in the gift voucher, e-mail address, telephone number, gift voucher expiration date, payment data, name of the coupon recipient, name of the employee who sold.
3.2.6. Direct marketing. This purpose processes the following data:
name (s), surname (s), date of birth, e-mail address, telephone number.
3.2.7. For the purpose of ensuring the security of hotel staff, other data subjects and property (video surveillance). This purpose processes the following data:
Video image. Video surveillance systems do not use facial recognition and / or analysis technologies, and the video data captured by them is not grouped or profiled according to a specific data subject (person). The data subject shall be informed about the video surveillance by means of information signs with the video camera symbol and the hotel details, which shall be provided before entering the monitored area and / or premises. The field of surveillance of video cameras does not include premises where the data subject expects absolute protection of personal data.
3.2.8. Cookie management. More about this in COOKIE POLICY
3.2.9. For other purposes for which the Hotel has the right to process the personal data of the data subject, when the data subject has given his / her consent, when the processing is necessary in the legitimate interest of the Hotel or when the processing is required by the relevant legislation.
4. PROVISION OF PERSONAL DATA
4.1. The hotel undertakes to respect the confidentiality of data subjects. Personal data may be disclosed to third parties only if this is necessary for the conclusion and performance of the contract for the benefit of the data subject or for other legitimate reasons.
4.2. The Hotel may provide personal data to it`s data controllers who provide services to the Hotel and process personal data on behalf of the Hotel. Data controllers have the right to process personal data only in accordance with the instructions of the Hotel and only to the extent necessary for the proper performance of the obligations set forth in the contract. The hotel shall use only those data controllers who sufficiently ensure that the appropriate technical and organizational measures are implemented in such a way that the processing complies with the requirements of the Regulation and that the rights of the data subject are protected.
4.3. The Hotel may also provide personal data in response to requests from a court or public authority to the extent necessary for the proper implementation of applicable legislation and instructions from public authorities.
4.4. The Hotel guarantees that personal data will not be sold or rented to third parties.
5. PROCESSING OF PERSONAL DATA OF MINORS
5.1. Persons under the age of 14 may not provide any personal data through the Hotel website. If a person is under the age of 14, the written consent of one of the representatives (father, mother, guardian (s)) regarding the processing of personal data is required to use the Hotel`s services before providing personal information.
6. TERM OF STORAGE OF PERSONAL DATA
6.1. Personal data collected by the Hotel is stored in printed documents and / or in the Hotel`s information systems. Personal data shall be processed no longer than is necessary for the purposes of the processing or no longer than required by the data subjects and / or provided for by law.
6.2. While the data subject may terminate contract and waive the Hotel`s services, but the Hotel must continue to store the data subject`s data due to possible future claims or legal claims until the data retention periods expire.
7. RIGHTS OF THE DATA SUBJECT
7.1. Right of access to data processing.
7.2. Right of access to processed data.
7.3. Right to request rectification of data.
7.4. Right to request erasure of data („Right to be forgotten“). This right shall not apply if the personal data requested to be deleted are also processed on another legal basis, such as processing necessary for the performance of the contract or the performance of an obligation under the applicable law.
7.5. Right to restrict data processing.
7.6. Right to object to data processing.
7.7. Right to data portability. The right to data portability must not adversely affect the rights and freedoms of others. The data subject shall not have the right to data portability in respect of personal data which are processed manually in structured files, such as paper files.
7.8. The right to request that a decision based on automated data processing, including profiling, not be limited.
7.9. The right to submit a complaint regarding the processing of personal data to the State Data Protection Inspectorate.
8. The Hotel must enable the data subject to exercise the above-mentioned rights of the data subject, except in cases established by law, when it is necessary to ensure state security or defence, public order, prevention, investigation, detection or prosecution of criminal activities, important state economic or financial interests, official or the prevention, investigation and detection of breaches of Professional ethics, the protection of the rights and freedoms of the data subject or of any other person.
9. PROCEDURE FOR EXERCISE OF RIGHTS OF THE DATA SUBJECT
9.1. The data subject may, in order to exercise his rights, apply to the Hotel:
9.1.1. by submitting a written request in person, by post, through a representative or by electronic means – by e-mail. mail: info@neringahotels.lt;
9.1.2. orally – by phone: +370 682 38948;
9.1.3. in writing to: Pamario str. 13, Neringa, Lithuania.
9.2. In order to protect the data from unauthorized disclosure, the Hotel must verify the identity of the data subject upon receipt of a request from the data subject to provide data or exercise other rights.
9.3. The Hotel’s response shall be provided to the data subject no later than one month from the date of receipt of the data subject’s request, taking into account the specific circumstances of the processing of personal data. This period may be extended by a further two months, if necessary, depending on the complexity and number of applications.
10. RESPONSIBILITY OF THE DATA SUBJECT
10.1. The data subject must:
10.1.1. inform the Hotel of any changes in the information and data provided. It is important for the hotel to have correct and valid data subject information.
10.1.2. provide the necessary information to enable the Hotel to identify the data subject at the request of the data subject and to ensure that it is in real communication or cooperation with the specific data subject (provide an identity document or legal or electronic means to properly identify the data subject). This is necessary for the protection of the data subject’s data and those of other persons, so that the information disclosed about the data subject is provided only to the data subject, without prejudice to the rights of other persons.
11. FINAL PROVISIONS
11.1. By providing personal data to the Hotel, the data subject agrees to this Privacy Policy, understands It`s provisions, and agrees to abide by it.
11.2. The Hotel reserves the right to unilaterally change this Privacy Policy at any time during the development and improvement of the Hotel. The Hotel has the right to change the Privacy Policy unilaterally, partially, or completely by notifying about it on the website www.neringahotels.lt
11.3. Additions or changes to the Privacy Policy take effect from the date of their publication, i.e., from the day they are posted on the website www.neringahotels.lt
COOKIE POLICY
AB “Žemprojektas” (hereinafter – the Company) takes care of the security of your data. We are committed to protecting and responsibly processing your personal data. In this document, we provide information on how we process your personal data using cookies.
Personal data is processed in accordance with the General Data Protection Regulation (EU) 2016/679 of the European Union (hereinafter – the Regulation), the Law on Legal Protection of Personal Data of the Republic of Lithuania and other legal acts regulating the protection of personal data.
1. USE OF COOKIES
1.1. Cookies used on the company’s website – small pieces of textual information that are automatically created while browsing the website and are stored on a personal computer or other device you use. Cookies are used for the purpose of improving the browsing experience for website visitors, analysing website traffic and behaviour on the website.
1.2. The Company uses cookies on the Website for the purpose of improving and enhancing the experience of website visitors.
1.3. The following types of cookies may be used on the company’s website:
1.3.1. Technical cookies – help the website visitor to display the website and its content, help to ensure the functionality of the website. Technical cookies are necessary for proper functioning of the website.
1.3.2. Functional cookies – used to help the website visitor to use the Company’s website, to remember the choices and preferences made while browsing. Functional cookies are not necessary for the website to be fully functional, but they add functionality and improve your experience of using the Company’s website.
1.3.3. Analytical Cookies – Used to obtain information about how website visitors use the Company’s website. This is necessary for optimization and improvement of the Company’s website. With the help of analytical cookies, we can collect data about the web pages you have viewed, the pages from which you came, which e-mails you have opened and responded and date and time information. It also means that we may use information about you and how you use this site, such as the frequency of visits, the number of clicks on a particular page, the search terms used, and more.
1.3.4. Commercial cookies (targeted or promotional cookies) – used to provide personalized advertising to a visitor to the Company’s website. This is called “remarketing”, which is based on browsing activity, such as the products and / or services you search for or view.
1.4. Access to visitors statistics on the Company’s website is available to the Company’s employees, who are responsible for analyzing this data and improving the website.
1.5. Technical records may also be accessed by Company partners who provide content management tools on the Company’s website.
1.6. The Google Analytics tool is provided by Google Inc., a U.S. company, so it also has access to the statistics collected by the Google Analytics tool. Google Inc. is committed to the EU-US Privacy Policy, which ensures that your service provider complies with all EU privacy standards. This provider is also subject to contractual privacy obligations. You can read about it by clicking the link below: https://www.google.com/analytics/terms/dpa/dataprocessingamchange_20160909.html
1.7. You can find more information about cookies at: AllAboutCookies.org
1.8. If you do not agree that we use cookies, you have the opportunity to change the settings of your web browser and control the amount of cookies. Useful links to opt out of cookies can be found below:
For Chrome: https://support.google.com/chrome/answer/95647?hl=en
For Firefox: https://support.mozilla.org/en-US/kb/cookies-information-websites-store-on-your-computer?redirectlocale=en-US&redirectslug=Cookies
For Safari: https://support.apple.com/guide/safari/manage-cookies-and-website-data-sfri11471/mac
For Edge browser: https://support.microsoft.com/en-us/help/4468242/microsoft-edge-browsing-data-and-privacy-microsoft-privacy
2. USE OF SOCIAL NETWORKS
2.1. All information you provide on social media (including messages, use of the Like and Follow, and other communications) is controlled by the appropriate social network manager.
2.2. Our Company currently has an account on the social network Facebook, the privacy policy of which is available at https://www.facebook.com/privacy/explanation
2.3. Our Company currently has an account on the social network Instagram, the privacy policy of which is available at https://help.instagram.com/744883853679902
2.4. We encourage you to read third-party privacy notices and contact service providers directly if you have any questions about how they use your personal information.