Забронировать

Политика конфиденциальности

Privacy Policy

 

1. General Provisions

1.1.           This privacy policy (hereinafter – thePolicy) regulates the main principles and rules regarding the collection, processing and storage of personal data carried out by UAB "KELIONIŲ VIEŠBUČIAI", company code 110591855, address of registration: Slucko g. 8, Vilnius, phone nr. +370652102700 email: hotel@ecotel.lt (hereinafter – we, the Hotel), and terms of operation of our website http://www.ecotel.lt (hereinafter - the Website).

1.2.           We aim to ensure that the users of our services, visitors of the Websites, users of services provided on the Websites and other persons whose personal data we process, would entirely trust our services and would be informed in a transparent manner of how we process their data. In this Policy you shall find information on how we collect and use (or would like to collect and use) your personal data.

1.3.           In our business operations, we are guided by the following data processing principles:

1.3.1. Personal data shall be processed lawfully, fairly and in a transparent manner in relation to the data subject (principle of lawfulness, fairness and transparency);

1.3.2. Personal data shall be collected for specified, explicit and legitimate purposes and not further processed in a manner that is incompatible with those purposes; further processing for archiving purposes in the public interest, scientific or historical research purposes or statistical purposes shall not be considered to be incompatible with the initial purposes (principle of purpose limitation);

1.3.3. Personal data shall be adequate, relevant and limited to what is necessary in relation to the purposes for which they are processed (principle of data minimalisation);

1.3.4. Personal data shall be accurate and, where necessary, kept up to date; every reasonable step must be taken to ensure that personal data that are inaccurate, having regard to the purposes for which they are processed, are erased or rectified without delay (principle of accuracy);

1.3.5. Personal data shall be kept in a form which permits identification of data subjects for no longer than is necessary for the purposes for which the personal data are processed; personal data may be stored for longer periods insofar as the personal data will be processed solely for archiving purposes in the public interest, scientific or historical research purposes or statistical purposes subject to implementation of the appropriate technical and organisational measures required to safeguard the rights and freedoms of the data subject (principle of storage limitation);

1.3.6. Personal data shall be processed in a manner that ensures appropriate security of the personal data, including protection against unauthorised or unlawful processing and against accidental loss, destruction or damage, using appropriate technical or organisational measures (principle of integrity and confidentiality);

1.3.7. We are responsible for following, and be able to demonstrate compliance with, the abovementioned principles (principle of accountability).

1.4.           This Policy has been prepared in accordance to the Regulation (EU) 2016/679 of the European Parliament and of the Council on the protection of natural persons with regard to the processing of personal data and on the free movement of such data, and repealing Directive 95/46/EC (General Data Protection Regulation, hereinafter – the GDPR), the Act on Legal Protection of Personal Data of the Republic of Lithuania, other laws of the European Union and the Republic of Lithuania.

2. Personal data collection, processing, storage

2.1.           By providing your personal data, you agree to us processing it for purposes and by means and order laid out in the Policy and laws.

2.2.           It is very important that you read the Policy carefully, because when you visit the Websites and use our services, this Policy will be directly applicable to the collection, processing, and, in the cases provided for in the Policy, your personal data to recipients.

2.3.           If you do not agree with this Policy and the processing of personal data described therein, please do not visit the Websites and / or use our services

2.4.           You are responsible for ensuring that the data you provide is precise, correct and detailed. Input of incorrect data is considered to be a violation of the Policy. If the data provided changes, you must immediately inform us about it. We shall under no circumstances be responsible for damages that may arise for you and (or) third parties if you provide incorrect and (or) undetailed personal data or did not request supplementation and (or) correction of data when it changes.

2.5.           The entities to which we may disclose your personal data are described in each of the data processing activities laid down below.

3. Processing of personal data for the purpose of selecting candidates for employment

3.1.           If you decide to contact us for recruitment, we will process personal data submitted by you as candidate for recruitment purposes.

3.2.           Legal basis for processing personal data is Article 6 (1) (a) (Your consent given by submitting your data) and (b) (processing in order to take steps prior to entering into a contract) of the GDPR.

3.3.           Whereas the laws of the Republic of Lithuania impose additional restrictions on the information of candidates that can be processed, we shall ensure that only the allowed personal data of you as the candidate is processed.

4. Processing of personal data for the provision of services

4.1.           We provide accommodation and other related services and therefore need to use your personal data for the following purposes related to the provision of services:

4.1.1. Credit card authorization or hotel reservation confirmation to ensure payment. Legal basis for processing personal data for this purpose is Article 6 (1) (b) (performance of a contract or necessary steps prior to entering into a contract);

4.1.2. Hotel guest property (vehicle) protection and parking space reservation. Legal basis for processing personal data for this purpose is Article 6 (1) (a) (consent expressed by submitting data) and (f) (legitimate interest to protect property of the hotel guests);

4.1.3. Hotel guest card registration (and archiving). Legal basis for processing personal data for this purpose is Article 6 (1) (b) (performance of a contract or necessary steps prior to entering into a contract) and (c) (compliance with a legal obligation to which the Hotel as a data controller is subject);

4.1.4. Management of guest profiles. Legal basis for processing personal data for this purpose is Article 6 (1) (b) (performance of a contract or necessary steps prior to entering into a contract);

4.1.5. Taxi calling to hotel guests. Legal basis for processing personal data for this purpose is Article 6 (1) (a) (consent by the client’s request);

4.1.6. Conclusion and execution of contracts with clients for the organization of events. Legal basis for processing personal data for this purpose is Article 6 (1) (b) (performance of a contract or necessary steps prior to entering into a contract);

4.1.7. Conclusion and execution of cooperation agreements with clients. Legal basis for processing personal data for this purpose is Article 6 (1) (b) (performance of a contract or necessary steps prior to entering into a contract).

4.2.           Where your personal data are necessary for us to perform the contract or to fulfil our legal obligations, the submission of personal data is necessary as we otherwise will not be able to provide you with our services.

4.3.           For the purposes mentioned above, the following personal data personal data received directly from clients and third parties – website reservation channels used to make reservations, travel agents, employers or other persons that order services provided by the Hotel (depending on the purpose, personal data are processed to a different extent):

4.3.1. Name;

4.3.2. Surname;

4.3.3. Date of birth;

4.3.4. Passport number;

4.3.5. Vehicle registration number;

4.3.6. Bank card type, number and expiry date;

4.3.7. Address of residence;

4.3.8. Nationality;

4.3.9. Email address;

4.3.10. Telephone number;

4.3.11. Information about the visit (dates of arrival and departure);

4.3.12. Other information necessary to provide specific services.

4.4.           Personal data processed for these purposes may personal data made available to companies that provide IT services, acting as data processors.

4.5.           Personal data processed for the purpose of the loyalty program administration shall be transferred to InterContinental Hotels Group.

4.6.           Certain summarized clients` personal data (country of residence, purpose of visit) is submitted to the Department of Statistics to the Government of the Republic of Lithuania each quarter thus fulfilling the legal obligation imposed on the Hotel by the Law on Official Statistics.

5. Processing of personal data for video monitoring purposes

5.1.           We carry out video monitoring in the hotel and territory around the hotel (Slucko g. 8, Vilnius). You will be presented with information regarding the video monitoring in the notices before entering the field of video monitoring.

5.2.           Legal basis for processing personal data is Article 6 (1) (f) of the GDPR (legitimate interest to ensure the safety of Hotel guests and Hotel staff, maintain public order at the Hotel and protect the property of guests and the Hotel).

5.3.           The video data is handled by the staff of a security company hired by the Hotel.

5.4.           We may provide video data to a pre-trial investigation body, a prosecutor or a court for administrative, civil, criminal cases at their disposal as evidence or in other cases prescribed by law.

6. Processing of personal data for debt management purposes

6.1.           If you, as our contractual client, delay paying for our services, we may be forced to process the following personal data received from you for debt management purposes:

6.1.1. First name;

6.1.2. Last name;

6.1.3. Telephone number;

6.1.4. E-mail address;

6.1.5. Other data necessary in this context.

6.2.           The legal basis for the processing of personal data is GDPR Article 6 (1) (b) - our legitimate interest in receiving payment for the services provided.

6.3.           We may transfer your data we process for this purpose to third parties - courts, bailiffs, and we use companies that provide IT to services to us, acting as data processors, and lawyers.

7. Processing of personal data for accounting purpose

7.1.           When you use our services, we process the following personal data for the accounting purposes:

7.1.1. First name;

7.1.2. Last name;

7.1.3. Address;

7.1.4. Email address;

7.1.5. Telephone number.

7.2.           Legal basis for the processing of personal data are GDPR Article 6 (1) (b) - conclusion and execution of the contract, (c) - execution of legal accounting obligations applicable to us.

7.3.           We do not transfer your data we process for this purpose to third parties, but for their processing we use companies that provide IT services to us as data processors.

8. Procedures and retention periods of personal data storage

8.1.           By processing and storing your personal data We shall implement organizational and technical measures that would ensure protection of personal data from accidental or unlawful destruction, modification, disclosure and any other means of unlawful processing.

8.2.           We use different retention periods for storing personal data depending on the purpose for which your personal data are processed.

8.3.           We apply the retention periods for data storage:

No.

Purpose of processing personal data

Retention period

1.

Selection of candidates for employment

Until the end of the screening process

2.

Accounting

10 years from the date of issue of the accounting document

3.

Credit card authorization or hotel reservation confirmation to ensure payment

1 year after receipt of the data

4.

Hotel guest property (vehicle) protection and parking space reservation

Until the client’s day of departure

5.

Video monitoring

Up to 1 month

6.

Hotel guest card registration (and archiving)

5 years from the client’s day of departure from the hotel

7.

Management of guest profiles

3 years from the last visit/reservation

8.

Taxi calling to hotel guests

Until the client’s day of departure

9.

Management of guests' debts

1 year from the date of the debt recovery

10.

Conclusion and execution of contracts with clients for the organization of events

5 years from the end of the business relationship

11.

Conclusion and execution of cooperation agreements with clients

5 years from the end of the business relationship

8.4.           Exceptions to the above-mentioned retention periods may be determined to the extent that such deviations do not violate the rights of you as the data subjects, comply with legal requirements and are properly documented.

8.5.           In the event that your certain personal data will be required for the purpose of bringing, enforcing or defending legal claims, we will retain them to the extent that they are necessary to achieve such purposes in a judicial, administrative or extrajudicial procedure.

9. Your rights

9.1.           You shall at any time have the right, by providing us a request, to access your personal data processed by us and to receive information on how your personal data is processed, to rectify your incorrect, incomplete or inaccurate personal data, and to ask to suspend, except for storage, personal data processing actions if the data is processed in violation of legal requirements.

9.2.           To the extent that the processing of personal data is based on consent, you have the right to withdraw the consent at any time without affecting the legitimacy of consent-based data processing prior to the withdrawal of consent.

9.3.           You can exercise your rights by submitting a written application by e-mail hotel@ecotel.lt or by sending a request to Slucko g. 8, Vilnius, or by directly visiting said address.

10. Contact information and complaint submission

10.1.       If you have any questions regarding the protection of personal data, please kindly contact us by e-mail hotel@ecotel.lt.

10.2.       If you are not satisfied with our response or think that we are processing your data in a way that does not comply with legal requirements, you have the right to file a complaint with the State Data Protection Inspectorate of the Republic of Lithuania as a supervisory authority.

11. Information about the use of cookies

11.1.        When you visit the Websites, the we desire to provide such content and functionality that would best suit your needs. To this end, cookies are used. Cookies are small-volume text files stored on your browser or device (personal computer, mobile phone, or tablet).

11.2.       With cookies we aim to provide a more enjoyable experience for the persons browsing the Websites and to improve the Websites themselves.

11.3.       The cookies used on the Website can be grouped into these types:

11.3.1. Cookies that are essential for the website's operation are designed to enable the site to perform its core functions. These cookies allow you to browse the website and use its preferred features; for example, to provide access to secure areas for a particular site;

11.3.2. Activity (analytical) cookies collect anonymous information about how the visitors use the website. By providing information about visited areas, time spent on specific pages of the website and any problems you encounter, such as error messages, these cookies help us understand how visitors behave on the website. This information helps us to improve the website’s performance.

11.3.3. Functional cookies improve your experience on the website. For example, these cookies can store such information as your username when connecting to Esiunta website. These cookies can be used to provide services you request, for example, in order to request shipment collection and delivery services or to use services of the third party, for example, social media functions.

11.4.       With the help of cookies, we use IP addresses of the Websites` visitors. IP address – computer identifier on internet protocol networks. It can be used to collect various statistical and demographical information for the Website administration and network error diagnostics, but are not used to determine your identity. By using cookies, we collect data on the use of services.

11.5.       Detailed information on the use of cookies:

Cookie name

Description / Purpose of use

The moment of creation

Expiration date

Data used

PHPSESSID

A standard cookie is used to support a user session. Required cookie file

When you enter the site

Until the window of the site is closed

A unique identifier

_ga

These cookies are used to collect statistical information about website traffic. The data obtained is used to generate reports and to refine the site.

When you enter the site

2 years

A unique identifier

_gat

Used to set new sessions / visits

When you enter the site

1 minute

A unique identifier

_gid

These cookies are used to collect statistical information about website traffic. The data obtained is used to generate reports and to refine the site.

When you enter the site

24 hours

A unique identifier

__cfduid

The cookie file is intended for additional services: cloudflare

When you enter the site

1 month

A unique identifier

__utma

These cookies are used to collect statistical information about website traffic. The data obtained is used to generate reports and to refine the site.

When you enter the site

2 years

A unique identifier

__utmc

These cookies are used to collect statistical information about website traffic. The data obtained is used to generate reports and to refine the site.

When you enter the site

Until the window of the site is closed

A unique identifier

11.6.       You can delete or block cookies by selecting the appropriate settings in your browser that allow you to cancel all or some cookies. Each browser is different, so if you don't know how to change your cookie settings, you should find this information in its help menu. It should be noted that by using browser settings that block cookies (including essential cookies), you may experience problems using all or part of the Websites’ features.

12. Processing of personal data carried out by third parties

12.1.       Under certain conditions we can disclose your information to other parties than described above:

12.1.1. In order not to violate the law or to respond to a mandatory claim in court proceedings (for example, upon receipt of a court request to provide data);

12.1.2. To confirm the legitimacy of our actions;

12.1.3. To protect our rights, assets or secure them;

12.1.4. In other cases, with your consent or legitimate request.

12.2.       Any personal data you provide to us may be transferred to competent authorities in the cases expressly provided for by law.

12.3.       The Website provides links to our accounts on social networks. By using third-party services such as visiting our Facebook social network account may be subject to third-party terms and conditions. It is therefore advisable to familiarize yourself with the terms they apply when using such third-party services:

12.3.1. You may find Privacy Policy of the Facebook social network by following this address: https://www.facebook.com/policy.php.

12.4.       We would also like to draw your attention to the fact that the Website contains links to the websites of other persons, companies or organizations, and that we are not responsible for the content of such websites and/or the methods used by them to enforce their privacy policies, so, before submitting any information about yourself on another website, you should consult their terms and conditions, privacy policy and other information provided on the other website.

13. Final provisions

13.1.       Legal relations related to this Policy shall be governed by the law of the Republic of Lithuania.

13.2.       We are not accountable for damages, including damages resulting from interference with usage of the Website, damage or loss of data arising from an act or omission by you or third parties acting on your behalf, including incorrect input of data, other mistakes, conscious malicious behaviour and other wrongful use of the Websites. We shall also not be held responsible for any interference of the Website log in and / or functioning and (or) resulting damage that arises from acts or omissions of third parties not associated with the User, including issues with electricity, web access, etc.

13.3.       This Policy shall be reviewed and, if necessary, updated at least once every two years. Policy additions or changes shall take effect from the date of their publication on the Websites.

13.4.       If you use the Website and our services after the Policy update, we will assume that you do not object and are familiar with the changes made.