Privacy policy

Changing cookie settings
To change cookie settings click here 

Jadran hoteli d.d. - Privacy Policy
Notice on the processing of personal data via the website

Changing cookie settings
To change cookie settings click here 

The General Data Protection Regulation 2016/679 (GDPR) has set, as an imperative, the protection of personal data in the legal systems of the member states of the European Union. Adhering to the requirements of the General Regulation and other applicable regulations, Jadran hoteli dd applies recommended security standards and best practices that ensure a high level of protection of personal data and privacy. This privacy policy informs you about the collection and processing of personal data through this website and informs you about the processing carried out based on the established legitimate interest.

DATA CONTROLLER
JADRAN HOTELI D.D.

Strossmayerova 1, Rijeka 51000
OIB: 45875673150

Contact: +385 (0) 51 373 536
E-mail: pravna@jadran-hoteli.hr

DATA PROTECTION OFFICER (DPO)

The controller has appointed a professional data protection officer. He can be contacted for other information about the processing of personal data, request access to his data, send an objection or complaint about the processing or request other information regarding the processing of his personal data.

Contact: dpo@feralis.hr
Web site: www.feralis.hr

DATA THAT IS COLLECTED AND PROCESSED – PURPOSE AND LEGAL BASIS

Personal data may be collected through this website for the following purposes:
1. to respond to inquiries/requests and to receive notifications about special offers,
2. to reserve accommodation or
3. for better functioning features of the website of this website and enabling a better user experience.

1. Data that is collected for the purpose of responding to an inquiry/request or for the purpose of applying for the delivery of information on special offers and benefits may be of the following categories:
• contact data

Such processing is necessary to perform the requested service or to take actions before providing the requested services, and the processing is legal in accordance with the General Regulation (Article 6, paragraph 1, point b of the General Regulation). If the requested information is not provided, we are unable to respond to the user’s inquiry or request, and it is necessary to contact us in another available way.

2. Data collected for the purpose of booking accommodation can be of the following categories:
• user identification,
• contact data,
• stay data or
• credit card data.

Such processing is necessary to perform the requested service or to take actions before providing the requested service, and the processing is legal in accordance with the General Regulation (Article 6, paragraph 1, point b of the General Regulation). If the requested information is not provided, the user will not be able to make an accommodation reservation via the website, and in that case, the reservation will need to be made in one of the other available ways.

3. Personal data can be collected via this website for the purpose of better functioning of the website features of this website and enabling a better user experience.

For this purpose, non-intrusive cookies are used and the user's consent is requested before their use, when they are not necessary cookies. The data that is collected is anonymous and does not contain identification data about the individual.

Data is processed on the basis of consent and the processing is in accordance with the General Regulation (Article 6, paragraph 1, point a/ of the General Regulation). The user can manage cookies and withdraw their consent for the entire time they are on the site. Withdrawal of consent does not affect the legality of the processing that was carried out until the moment of withdrawal.

LEGITIMATE INTERESTS

In certain situations, personal data may be processed on the basis of an established legitimate interest. When the processing is based on this basis, an objection to such processing can be submitted. The processing will not be limited or suspended in the case when there are compelling legitimate reasons for the processing that exceed the interests, rights and freedoms of the data subject or when such processing is necessary for the establishment, realization or defence of legal claims. Such processing is in accordance with Article 6, paragraph 1 point f/ of the General Regulation).

The processing we carry out on the basis of legitimate interest is as follows:

VIDEO SURVEILLANCE

Purpose of processing: video surveillance is carried out for the purpose of protecting people and property.
Duration of storage of recordings: up to 20 days. A longer storage period is also possible if they are evidence in court, administrative, arbitration or other proceedings.

Other recipients: we can deliver video recordings only upon request to competent authorities (police, court) when it is necessary to carry out an official procedure and they cannot be delivered to other persons.

The collected data are not processed for other purposes.

NEWSLETTER

Data that can be processed: e-mail address

Purpose of processing: marketing. The newsletter may provide information about our services and may include information about our special offers and benefits.

Method of collection: directly from the respondents. In the event that the e-mail address to which the newsletter is delivered is collected in another way, the respondent will be informed about such a source during the first contact.

At any time, an objection to the processing of an e-mail address for marketing purposes can be raised, and the processing can be limited or completely prohibited

PHOTOS ON THE INTERNET PAGE AND SOCIAL NETWORKS

Data that can be processed: photo
Purpose of processing: Marketing
Method of collection: directly from respondents.

At any time, an objection can be raised and processing can be limited or completely prohibited.

The controller may take photographs within the boundaries of its ownership or management or in public areas for marketing purposes to promote its services and products via the website and social networks. As a rule, there are more than three people in such photos (group photos) and no single person stands out in the foreground. People are informed in advance about the photography either orally, via the website or through prominent notices at the location of the photography in order to provide information about the processing and enable the exercise of rights, and in particular to prohibit or limit such processing in relation to the subject.

RECIPIENTS OF PERSONAL DATA

Collected personal data can be forwarded for use to providers of IT and communication solutions and services, who act as our processors.

The aforementioned executors provide reasonable guarantees and have taken appropriate technical and organizational protection measures in order to adequately ensure data protection and conduct in accordance with the requirements of the General Regulation. An agreement/contract on the processing of personal data was concluded with the processors based on Commission Implementing Decision (EU) 2021/915 on standard contractual clauses between the manager and the processor as a separate part of the contract. The aforementioned agreement/contract prescribes the handling of personal data in detail, therefore they are not able to process personal data without our order and forward them to third parties.

Personal data is not forwarded to third parties for direct marketing purposes.

DATA STORAGE PERIOD

Personal data collected through this website is processed until the purpose for which the data was collected is fulfilled. After fulfilling the purpose, personal data will no longer be processed. However, certain personal data (for example, e-mail address) may still be processed on the basis of an established legitimate interest (for marketing purposes to send notifications about our services), as long as there is a purpose for the processing or until such processing is restricted or completely prohibited by objecting or unsubscribing from the list of recipients.

DATA COLLECTED THROUGH SOCIAL NETWORKS

The pages and profiles we manage on social networks (Facebook, Instagram or others) are always under the correct and full name of the data controller.

We use personal data about our contacts that we collect using them only in the case of responding to an inquiry or comment, and the data is not processed for other purposes.

USE OF COOKIES

These websites use technical cookies. These cookies are necessary for the website to function and cannot be turned off. We may also use non-essential "cookies" for the purpose of improving system performance and improving the user experience. In this case, we will ask for consent beforehand. You can manage cookies at any time and withdraw your consent and stop further processing without negative consequences. Detailed information about cookies can be found in the Cookie Policy.

COOKIE POLICY

SECURITY OF PERSONAL DATA PROCESSING

We collect and process personal data in a way that ensures adequate security and confidentiality in their processing and effective application of data protection principles, reduction of the amount of data, scope of their processing, storage period and their availability. For this purpose, we have introduced appropriate technical and organizational protection measures that ensure a level of security that corresponds to the risks posed by data processing and the nature of the personal data being protected, bearing in mind the characteristics and costs of their introduction.

We provide the users of the reservation system with the highest level of data protection. For secure data transfer between the user's computer and our servers, we use "AWS" certificate and SSL technology with 128-bit encryption. All personal data, numbers of personal documents, credit cards or other means of payment that users provide through the reservation system are transmitted exclusively via a secure connection with 128-bit data encryption.

We regularly review processing that may pose a risk to the rights and freedoms of individuals and have taken appropriate protection in order to protect personal data from accidental or unlawful destruction or accidental loss, alteration, unauthorized disclosure or access, especially in cases where the processing involves the transmission of personal data over the network and from all other unlawful forms of processing.

EXERCISE OF RIGHTS

Right of access
At any time you can request confirmation of whether your personal data is being processed and detailed information about the processing, in particular about its purpose of processing, about the type/categories of personal data being processed including insight into your personal data, about recipients or categories recipient and about the expected period in which personal data will be stored.

Right to rectification
We ensure the right to rectification, and you can obtain correction of incorrect and incomplete personal data without delay.

Right to erasure
You have the right to request the erasure of your personal data. If the request is justified and if the law does not oblige us to store data, the data will be deleted without undue delay.

Right to restriction of processing
You have the right to request the restriction of processing of your personal data in the cases provided for in the General Regulation. In particular, we emphasize that you can limit the processing of personal data based on legitimate interest as a lawful basis for processing.

Right to object
You have the right to object to the processing of your personal data in all cases provided for in the General Regulation. We especially point out that you can raise an objection to processing based on legitimate interest as a legal basis for processing and limit or completely prohibit processing.

Right to complain
In the event that you believe that the processing has resulted in a violation of your personal data and a violation of the provisions of the General Regulation, you can file a complaint with the supervisory authority, the Agency for the Protection of Personal Data from Zagreb, Selska Street 136

CONTACT INFORMATION

For other information about the processing of personal data or to exercise your rights, you can contact us through the data protection officer or our other contacts.

Data protection officer: dpo@feralis.hr I www.feralis.hr

After your identification, we deliver the answer within 30 days in the usual electronic form, unless otherwise requested.

OTHER INFORMATION

This privacy policy is regularly reviewed, supplemented and changed in order to always reflect the actual state of collection and processing of personal data through this website. Please check regularly for such changes.

Last update: September 2022

Changing cookie settings
To change cookie settings click here