Privacy policy

Privacy Policy

SECTION 1. GENERAL PROVISIONS

1. This Privacy Policy (hereinafter – the Policy) regulates the principles and procedure of personal data processing conditions at K. Geco trade company, operating at Birutės al. 60, Palanga, company code 152621575 (hereinafter – Data Controller) and the operation conditions of the Data Controller’s website http://www.palangahotel.lt/ (hereinafter – the Website).
2. This Policy applies to persons, visiting the Company’s Website http://www.palangahotel.lt/, using its information and services.
3. For the purposes of this Policy, the concept of Data Subject covers any natural person, whose personal data is processed by K. Geco trade company.
4. By using the services and continuing browsing the Website, the Visitor (user of the Website) confirms that they have read this Policy, understand its provisions and agree to adhere to them.
5. The Data Controller ensures that upon adopting and implementing this Policy, he aims to implement the following key principles, related to personal data processing:

1. The personal data of the Data Subject is processed in a lawful, fair and transparent manner (the principle of lawfulness, fairness and transparency);
2. Personal data is collected for established, clearly defined and lawful purposes and will not be processed further in ways that are incompatible with those purposes;
3. Further personal data processing for archiving purposes for the benefit of the public interest or statistics is not regarded as incompatible with the primary purposes (the principle of the purpose limitation);
4. The personal data is adequate, suitable and complies with the purposes of its processing (the principle of data minimisation);
5. Efforts will be made to ensure that personal data is accurate and, where necessary, updated within a reasonable time of the change;
6. All reasonable steps will be taken to ensure that the personal data, which is inaccurate in terms of the purposes of its processing, is erased without delay or rectified within a reasonable time (the principle of accuracy);
7. Personal data will be stored in a form, which enables to identify the data subjects, no longer than necessary for the purposes of the personal data processing;
8. Personal data may be stored for longer periods if the personal data will be process only for archival purposes, the public interest or statistics, upon conducting appropriate technical and organisational measures, needed to protect the rights and freedoms of the Data Subject (the principle of data retention);
9. Considering the general type of the data, processed by the Data Controller, the Personal data is processed in a way to ensure appropriate personal data security in application of appropriate technical or organisational measures, including protection against personal data processing without a permission or illegal personal data processing, also from accidental loss, destruction or damage (the principle of uniformity and confidentiality);
10.  The Data Controller is responsible for following the above-mentioned principles and must be able to prove that they are adhered to (the principle of accountability).

1. This Policy has been compiled in accordance with the Regulation (EU) 2016/679 of the European Parliament and of the Council on the protection of individuals with regard to the processing of personal data and on the free movement of such data and repealing Directive 95/46 / EC (hereinafter referred to as GDPR), the Law on Legal Protection of Personal Data of the Republic of Lithuania (hereinafter – LPPD), and other legislation in fore in the European Union and the Republic of Lithuania. The concepts, used in the Policy are interpreted the same as they are defined in the GDPR and the LPPD.

SECTION 2. INFORMATION ON THE USE OF COOKIES

1. The Data Controller’s Website is using cookies in order to differentiate between various users of the website. Cookies enable the Data Controller to ensure a smoother user experience for the Website browsers and improve the Website itself.
2. Cookies are small text files, stored by the Person's browser or device (personal computer, mobile phone or tablet).
3. We are using Google Analytics website analysis service, which enables us to record and analyse the statistics of the use of the website. More information on Google Analytics and the information this tool enables to collect, is available here - https://support.google.com/analytics/answer/6004245?hl=lt.
4. This website uses Facebook cookies, you can get more information about cookies from Facebook https://www.facebook.com/policies/cookies.
5. If you wish to prevent Google Analytics from recording information on your web browsing, you can use Google Analytics Opt-out Browser Add-on.
6. Http://www.palangahotel.lt/ website uses the following cookies:

Mandatory cookies are required for the website to function and for you to use at least its minimum functions: to browse it, to agree or disagree with the use of cookies. These cookies cannot be disabled.

Functional cookies allow the site to remember your choices, settings that depend on how and what you see on the site, for example, which language version of the site to show you, etc. They also allow you to display personalized information. If you disable these cookies, some features of the website may not work. 

Functional cookies are currently not used.

Statistical cookies are used to analyze website traffic statistics. They allow us to count visits and traffic sources so that we can measure the effectiveness of the website and improve it to make it as useful and convenient as possible for visitors. They help us to find out which pages are the most or least visited, to find out how visitors move through the pages of the website. All information collected by these cookies is anonymous, as only general indicators of all visitors are stored.

 Marketing cookies are set by third parties such as YouTube.com. They track your behavior with the content they provide, such as watching videos. If you disable these cookies, you will not be able to view the content provided by them on the website, such as YouTube.com videos. The cookie provider can use these cookies to track your interests and select similar content for you on other websites.

1. The cookies used on the website do not enable to identify the user of the website. Each visit of the Website is anonymous, recognising the personal computer, mobile phone or tablet and IP address, and such information is not available to the third parties, except for cases, established by the law. In cases where Google and Facebook cookies are used, the data is transferred to the United States of America, which, by the decision of the European Union Commission, is not recognized as a country that ensures an adequate level of personal data protection. Currently, we base such a transfer on the standard data protection conditions approved by the European Commission (Article 46 d.2 c. of the General Data Protection Regulation), which you can familiarize yourself with here: https://support.google.com/publisherpolicies/answer/10437486?hl=en-GB; https://www.facebook.com/help/566994660333381.
2. By opening the website and clicking "I agree" in the pop-up window, you agree to save the cookies you have chosen on your computer, mobile phone or tablet. By clicking "Disagree with all", you consent to the storage of all statistical and advertising cookies without a separate choice.
3. You have the right to withdraw your consent at any time by visiting the website and selecting "I agree", "Accept all" in the pop-up window about the use of cookies. Most browsers allow you to control cookies by changing user options in their settings. If you wish to withdraw your consent to the use of cookies, you can set your browser to reject all cookies or to warn you when a cookie is received. If you want to remove cookies from your device, different web browsers have help pages with information on how to delete cookies. When using multiple browsers, remember to remove cookies from all of them. Additional information on how to change the settings of cookie options in the most commonly used browsers can be found here:
4. Internet Explorer - https://support.microsoft.com/en-us/windows/delete-and-manage-cookies-168dab11-0753-043d-7c16-ede5947fc64d
   Mozilla Firefox - https://support.mozilla.org/en-US/kb/cookies-information-websites-store-on-your-computer?redirectlocale=en-US&redirectslug=Cookies                     
   Google Chrome - https://support.google.com/chrome/answer/95647?hl=en                                                                                                                                         
   Safari - https://support.apple.com/et-ee/guide/safari/sfri11471/mac
   iOS - https://support.apple.com/en-us/HT201265
5. Please note that by opting out of cookies, you may not be able to access certain areas or features of our website.
6. The Data, collected by cookies, will be processed in accordance with the provisions of the Law on Legal Protection of Personal Data of the Republic of Lithuania, the Law on Electronic Communications of the Republic of Lithuania, the Regulation (EU) 2016/679 of the European Parliament and of the Council on the protection of individuals with regard to the processing of personal data and on the free movement of such data and repealing Directive 95/46 / EC (hereinafter referred to as GDPR), and other personal data protection legislation.
7. Following the provisions of the law, this Website applies security measures to prevent illegal Personal data use and revelation.

SECTION 3. WHAT IS THE BASIS OF OUR USE OF YOUR DATA?

1. K. Geco trade company collects and processes personal data in accordance with the law on personal data protection of the Republic of Lithuania and the EU. The basis of the company’s processing of personal data is as follows:
2. On the basis of your consent, expressed by active action, i.e. addressing us and provision of personal data, or other active actions;
3. For the implementation of our lawful interests (e.g. administration of our website and ensuring its proper operation);
4. Video surveillance at our Hotel and its territory to ensure property and personal security;
5. To perform our duties in accordance with the law.
6. The Company aims to ensure precise, fair and lawful data processing, and only for the purposes that it was collected for, in accordance with the clear and transparent principles and requirements of personal data processing, established by the law.

SECTION 4. PERSONAL DATA PROCESSING FOR DIRECT MARKETING PURPOSES

1. The company processes your personal data for the purpose of direct marketing upon receiving your explicit consent to such data processing, e.g. as you subscribe to our newsletters, etc. (the basis of data processing - your voluntary consent for data processing);
2. The purpose of our direct marketing includes processing of your name, e-mail address and phone number.
3. For the purposes of direct marketing, your personal data may be processed as follows:
1. You may receive e-mails about our offers, campaigns and news;
2. You may receive e-mails with invitations to events, offers and similar information.
3. You can unsubscribe from our newsletters any time by clicking on the link at the bottom of the newsletters we send.
4. We also use Facebook, Google and other online advertising providers. The privacy policies of these providers, the information on the data they collect and applicable data protection measures are available in the privacy policies of the said providers. More information on how it works and also on how you can object to the display of such adds or other data use, is available in the information, provided by the said providers:                                               

https://lt-lt.facebook.com/policies/ads#; https://policies.google.com/technologies/ads.

SECTION 5. PERSONAL DATA PROCESSING FOR VIDEO SURVEILLANCE PURPOSES

1. Seeking to protect the property, health and lives of the Hotel, our guests, staff and other persons, the premises and territory of our Hotel are under video surveillance.
2. Video surveillance and the data of the Guests, entering the video surveillance field (video data), is processed on the basis of our lawful interest. Our video surveillance systems do not use face recognition and (or) analysis technology, the data recorded is not grouped or profiled according to a specific data subject (person).
3. The Guests are informed of the video surveillance by information signs with a video surveillance camera symbol and details of the data controller, provided before entering the territory and (or) premises under surveillance.
4. The video surveillance field does not include premises, where the Guests expect full personal data protection (changing rooms, resting rooms, bathrooms, etc.).
5. The personal data of our Guests, collected by video surveillance (video data) are stored for up to 30 (thirty) calendar days since the date of recording.

SECTION 6. PERSONAL DATA PROCESSING FOR OTHER PURPOSES

1. We can also process your personal data by providing you with other services, e.g. taking and processing your reservations, fulfilling the obligations of the services we offer, issuing invoices and (or) other accounting documents for our services. Usually this type of personal data processing is implemented on the basis of a service provision agreement, your consent or provisions, established by the law.
2. We can also process data for other purposes if we have obtained your (the data subject’s) consent of when the personal data processing is based on other lawful criteria for processing, established in other legislation.

SECTION 7. HOW LONG DO WE PROCESS AND STORE YOUR DATA?

1. We will process and store your personal data no longer than necessary for the purposes that this data was collected for, or for a period, established by the law.
2. Your personal data processing may take longer than established in the Policy in the following cases:
1. There is a reasonable suspicion of illegal activity, which is subject to an investigation;
2. Your data is necessary for a proper solving of a dispute or claim.
3. If we have received complaints, related to violations of our Guests or if we have noticed violations of a certain Guest ourselves;
4. For back-up copies and other similar purposes, related to the operation and maintenance of information systems;

For other special reasons, conditions and cases, established by the law.

SECTION 8. WHAT THIRD PARTIES DO WE DISCLOSE YOUR DATA TO AND IN WHAT CASES?

1. The Company will not disclose your personal data to any third parties without your prior consent, except for the cases, listed below:
2. We can disclose your data to be processed by third persons that assist us in our business and the administration of the Service provision. These persons may include data centres, companies, developing, providing and supporting software, companies, providing information technology infrastructure services, internet browsing or internet activity analysis and service companies, security services, etc.
3. In each case we provide the data processor with the data only to the extent it is necessary to complete a specific task or provide a certain service.
4. Our data processors may process your personal data only under our instructions. Moreover, they must ensure your data safety in accordance with the applicable legislation and written agreements, signed with us.
5. Data may also be disclosed to competent state or law enforcement institutions, e.g. the police or supervisory institutions, but only upon demand and only if the demand complies with the applicable legislation or only in cases and procedures, established by the law, to ensure our rights, the safety of our guests, staff and resources, and to make a claim, to provide and to defend our legal claims. 

SECTION 9. YOUR RIGHTS

1. Data protection legislation provides you with many rights, related to your personal data processing.
2. You have a right to get acquainted with your personal data that we process:
1. You have a right to request for our confirmation if we process your personal data and, in such case, request to get acquainted with your personal data that we process. In order to use the right, indicated above, we ask to submit a written request by e-mail to duomenuapsauga@palangahotel.lt;
3. You have a right to demand to correct your personal data that is incorrect.
1. If you believe that information about you is incorrect or insufficient, you have a right to ask to correct it. In order to use the right, indicated above, we ask to submit a written request by e-mail to duomenuapsauga@palangahotel.lt.
4. You have a right to disagree with your personal data processing:
1. You have a right to disagree with your personal data processing, when the personal data is processed based on our lawful interests. Nevertheless, despite your disagreement, we will continue your data processing in case of reasonable and motivated reasons to do so. In order to use the right, indicated above, we ask to submit a written request by e-mail to duomenuapsauga@palangahotel.lt.
5. You have a right to demand to delete your personal data (the right to be forgotten):
1. Under certain circumstances, you have a right to request to have your personal data deleted. However, this provision does not apply if we must store the data in accordance with the law. In order to use the right, indicated above, we ask to submit a written request by e-mail to duomenuapsauga@palangahotel.lt.
6. You have a right to limit with your personal data processing:
1. Under certain circumstances, you also have a right to limit with your personal data processing. In order to use the right, indicated above, we ask to submit a written request by e-mail to duomenuapsauga@palangahotel.lt.

SECTION 10. FINAL PROVISIONS

1. The legal relationship, related to this Policy, is subject to the law of the Republic of Lithuania.
2. The Data Controller holds no liability for the damage, including the damage, caused by disruptions of the website use, for the loss or damage to the data, caused by the actions or lack thereof, mistakes, intentional harm or other improper use of the Website by the person himself/herself or third persons, acting under the said person's knowledge.
3. The Data Controller also holds no liability for the disruptions of connecting to and/or use of the Website and (or) the damage caused by them due to the actions or lack thereof of the third persons, unrelated to the Data Controller or the person, including power supply, internet access disruptions, etc.
4. The Data Controller has a right to change this Policy in part or in full.
5. Supplementations or changes to this Policy come into force on the date of publishing on the Website.
6. If the person continues to use the Website and/or the services, provided by the Data Controller, after the Policy has been supplemented or changed, it will be regarded that the said person does not object to such supplementations and/or changes.
7. You may contact us regarding all issues of data processing by e-mail: duomenuapsauga@palangahotel.lt.
8. This Privacy Policy comes into force as of 25 May 2018.