1. General provisions
1.2. We strive to ensure that users of our services, and others whose personal data we process, have full confidence in our services and are informed in a transparent manner about how we process their data. In this Policy, you will find information about how we collect and use (or wish to collect and use) your personal data.
1.3. We follow the following data processing principles in our activities:
1.3.1. Personal data must be processed in a lawful, fair and transparent manner vis-à-vis the data subject (principle of lawfulness, fairness and transparency);
1.3.2. Personal data must be collected for specified, explicit and legitimate purposes and not further processed in a way incompatible with those purposes; further processing of data for archival purposes in the public interest, for scientific or historical research purposes or for statistical purposes is not considered incompatible with the original purposes (purpose limitation principle);
1.3.3. Personal data must be adequate, relevant and not excessive in relation to the purposes for which they are processed (principle of data minimization);
1.3.4. Personal data must be accurate and, where necessary, kept up to date; all reasonable steps must be taken to ensure that personal data which are inaccurate, having regard to the purposes for which they are processed, are erased or rectified without delay (principle of accuracy);
1.3.5. Personal data must be kept in a form which permits identification of data subjects for no longer than is necessary for the purposes for which the personal data are processed; personal data may be stored for longer periods if the personal data are processed solely for archival purposes in the public interest, for scientific or historical research purposes or for statistical purposes, subject to appropriate technical and organizational measures to protect the data subject’s rights and freedoms (retention limitation principle);
1.3.6. Personal data must be processed in such a way as to ensure adequate security of personal data through appropriate technical or organizational measures, including protection against unauthorized or unlawful processing and against accidental loss, destruction or damage (principle of integrity and confidentiality);
1.3.7. We are responsible for complying with the above principles and must be able to demonstrate that they are complied with (accountability principle).
1.4. This Policy is based on Regulation (EU) 2016/679 of the European Parliament and of the Council on the protection of individuals with regard to the processing of personal data and on the free movement of such data and repealing Directive 95/46 / EC (General Data Protection Regulation, BDAR). the Law on Legal Protection of Personal Data (hereinafter – ADTAĮ), other legal acts of the European Union and the Republic of Lithuania. The terms used in the policy are understood as they are defined in the BDAR and the ADTA.
2. Collection, processing, storage of personal data
2.1. By submitting your personal data, you agree and do not object to our processing for the purposes, means, and procedures provided for in this Policy and the legislation.
2.2. It is very important that you read the Policy carefully, because when you visit our services, this Policy will apply directly to the collection, processing and, in the cases provided for in the Policy, the transfer of your personal data to the data recipients.
2.3. If you do not agree to this Policy and the processing of personal data described in it, please do not use our services.
2.4. You are responsible for ensuring that the information you provide is accurate, correct and complete. The entry of obviously incorrect data is considered a violation of the Policy. If the provided data changes, you must inform us. Under no circumstances shall we be liable for any damage caused to you and / or third parties as a result of your incorrect or / or incomplete personal data or your failure to supplement and / or change the data as a result of changes.
2.5. The entities to whom we may disclose your personal data are described under each of the data processing activities described below.
3. Processing of personal data for the purpose of selecting candidates for employment
3.1. In the event that you decide to contact us to participate in the recruitment process, we will process the personal data provided by you as a candidate for the purposes of recruitment.
3.2. The legal basis for the processing of personal data is Article 6 (1) (a) (your consent to the provision of your personal data) and (b) (processing for pre-contractual purposes) of the BDAR.
3.3. In the event that the legal acts of the Republic of Lithuania provide for additional restrictions on what information about candidates may be processed, we ensure that only the personal data of you as a candidate (s) authorized to be processed will be processed.
4. Processing of personal data for the purpose of providing services
4.1. Upon your stay at the hotel, we will collect and process your personal data in order to i) record your arrival at and departure from the hotel; ii) assign you a room lock card; iii) Obtain a credit card guarantee or hotel deposit to secure payment for your stay; iv) manage (and archive) your hotel registration card; v) assess your suitability for room refurbishment and manage this process if applicable; vi) process the payment for your stay; vii) create, print, or send an invoice for your stay; and viii) pay a commission to your travel agent (if applicable).
If you have booked a room at our hotel but have not arrived on the notified arrival date – without canceling the reservation – we will process your personal data in order to i) cancel your stay and any other booking you have made and ii) process, process and deduct any outstanding but unpaid payments .
We provide accommodation and other related services and must therefore use your personal data for the following purposes related to the provision of services:
4.1.1. Confirmation of credit card authorization or hotel reservation to secure payment. The legal basis for the processing of personal data for this purpose is Article 6 of the BDAR. Paragraph 1 (b) (performance of the contract or necessary steps before the conclusion of the contract);
4.1.2. Management (and archiving) of hotel guest registration cards. The legal basis for the processing of personal data for this purpose is Article 6 of the BDAR. Paragraph 1 (b) (performance of the contract or necessary pre-contractual actions) and point (c) (performance of a legal obligation on the hotel as data controller);
4.1.3. Customer profile administration. The legal basis for the processing of personal data for this purpose is Article 6 of the BDAR. Paragraph 1 (b) (performance of the contract or necessary steps before the conclusion of the contract);
4.1.4. Organization of customer use of the pool and sauna. The legal basis for the processing of personal data for this purpose is Article 6 of the BDAR. Paragraph 1 (b) (performance of the contract or necessary steps before the conclusion of the contract);
4.1.5. Conclusion and execution of cooperation agreements with clients. The legal basis for the processing of personal data for this purpose is Article 6 of the BDAR. Paragraph 1 (b) (performance of the contract or necessary steps before the conclusion of the contract).
4.2. In the event that your personal data is necessary for us for the performance of the contract or for the performance of a legal obligation applicable to us, the provision of personal data is necessary, failing which we will not be able to provide you with our services.
4.3. For the above purposes, the following personal data received directly from customers or from third parties – online booking channels used to make the reservation, travel agents, employers or other persons ordering the services provided by the Hotel to the data subject (different data processing depending on the purpose):
4.3.2. Last name;
4.3.3. Date of birth;
4.3.4. Post number;
4.3.5. Bank card type, number and expiration date;
4.3.6. Residential adress;
4.3.9. Phone number;
4.3.10. Visit information (arrival and departure dates);
4.3.11. Other information required to provide specific services.
4.4. After summarizing certain personal data of clients (country of residence, reason for visit), they are submitted to the Department of Statistics under the Government of the Republic of Lithuania on a quarterly basis, thus fulfilling the legal obligation of the Hotel under the Law on Official Statistics.
5. Processing of personal data for video surveillance purposes
5.1. We perform video surveillance in the hotel and in the area around the hotel (Liepojos St. 7A, Klaipeda). Information about video surveillance will be provided to you in notifications before entering the video surveillance field.
5.2. The legal basis for the processing of personal data is Article 6 (1) (f) BDAR (legitimate interest in ensuring the safety of guests and Hotel staff staying in the Hotel, maintaining public order in the Hotel and protecting guests and Hotel property).
5.3. We may provide video data to a pre-trial investigation body, prosecutor or court for administrative, civil, criminal cases in their possession, as evidence or in other cases provided by law.
6. Processing of personal data for the purpose of debt management
6.1. If you, as our contractual customer, delay paying for the services we provide, we may be forced to process the following personal data received from you for debt management purposes:
6.1.3. Phone number;
6.1.5. Other data necessary in this context.
6.2. The legal basis for the processing of personal data is Article 6 of the BDAR. Paragraph 1 (f) is our legitimate interest in receiving payment for services rendered.
6.3. We may transfer your data, which we process for this purpose, to third parties – courts, bailiffs, and we process it with the help of companies providing IT services to us and lawyers acting as data processors.
7. Processing of personal data for accounting purposes
7.1. In case you use our services, we process the following personal data of yours for accounting purposes:
7.2. The legal basis for the processing of personal data is Article 6 of the BDAR. Paragraph 1 (b) – performance of the contract with you as a consignor and point (c) – performance of our legal obligation to keep proper accounts.
7.3. We do not pass on your data that we process for this purpose to third parties.
8. Procedures and terms of personal data storage
8.1. When processing and storing your personal data, we implement organizational and technical measures to ensure the protection of personal data against accidental or unlawful destruction, alteration, disclosure, as well as against any other unlawful processing.
8.2. We apply different retention periods for personal data depending on the purpose for which your specific personal data is processed.
8.3. We apply the following terms of personal data retention:
|Number.||Purpose of the processing of personal data||The retention period|
|1||Selection of job candidates||Until the end of the job selection.|
|2||Accounting||10 years from the date of issue of the accounting document|
|3||Confirmation of credit card authorization or hotel reservation to secure payment||1 month after receipt of data|
|4||Video surveillance||Up to 1 month|
|5||Management (and archiving) of hotel guest registration cards||5 years from the date of the client’s departure from the hotel|
|6||Guest debt management||1 year from the date of payment of the debt|
|7||Conclusion and execution of cooperation agreements with clients||5 years from the end of the business relationship|
8.4. Exceptions to the above retention periods may be made to the extent that such deviations do not infringe your rights as a data subject, comply with legal requirements and are properly documented.
8.5. In the event that certain of your personal data will be required for the purpose of making, enforcing or defending legal claims, we will protect them to the extent necessary to achieve such purposes through judicial, administrative or extrajudicial proceedings.
9. Your rights
9.1. You have the right at any time, upon request, to access the personal data we process and find out how it is processed, to request the correction of incorrect, incomplete, inaccurate personal data, to request a suspension other than storage, to process your personal data if the data is processed. non-compliance with legal requirements.
9.2. To the extent that the processing of personal data is based on consent, you have the right to withdraw consent at any time without affecting the lawfulness of the processing of data prior to withdrawal.
9.3. You can exercise your rights by submitting a written request by e-mail. by mail email@example.com, by sending a request by mail Liepojos str. 7A, Klaipeda, or by direct arrival at the specified address.
10. Contact information and submission of complaints
10.1. If you have any questions regarding the protection of personal data, please contact us by e-mail. email firstname.lastname@example.org or directly to the hotel.
10.2. If you are not satisfied with our response or believe that we process your data without complying with legal requirements, you have the right to lodge a complaint with the State Data Protection Inspectorate of the Republic of Lithuania as a supervisory authority.
12. Processing of personal data by third parties
12.1. In certain cases, we may disclose your information to entities other than those described above:
12.1.1. To not break the law or in response to a mandatory court order (e.g., upon receipt of a court order to provide data);
12.1.2. To confirm the legitimacy of your actions;
12.1.3. To protect your rights, property or ensure their safety;
12.1.4. In other cases with your consent or legitimate request.
12.2. Any personal data you provide to us may be transferred to the competent authorities in the cases directly provided for by law.
12.3. Links to our accounts on social networks. Third-party terms and conditions may apply to your use of third-party services, such as your visit to our Facebook social network. It is therefore recommended to consult the terms and conditions applicable to the use of the following third parties:
12.3.1. The Data Policy is available on the social network Facebook at https://www.facebook.com/policy.php.
13. Final provisions
13.1. The law of the Republic of Lithuania shall apply to legal relations related to this Policy.
13.2. We shall not be liable for damages, including damages resulting from disruption of the use of the Website, loss of or damage to data resulting from the actions or omissions of you or third parties acting on your knowledge, including incorrect data entry, other errors, intentional damage, other improper Internet use of websites. We are also not liable for any disruption of connection and/or use of the Websites and/or any damage caused by them as a result of acts or omissions of third parties not related to us, you, or other data subjects, including power outages, internet access, etc…
13.4. This Policy shall be reviewed and, if necessary, updated at least every two years. Additions or changes to the policy take effect from the date of their publication.
13.5. If you use the Websites and our services after the Policy Update, we will consider that you have no objection and are aware of the changes made.