Privacy policy

Privacy Policy of SIA Islande Hotel

 

Controller: SIA Islande Hotel

Reg. No. 40003576416

Registered office: Kipsalas iela 2, Riga, LV-1048 (Ķīpsalas iela 2, Rīga, LV-1048)

Website: www.islandehotel.lv

Telephone: +371 6760 8000

Email: reception@islandehotel.lv

 

This Privacy Policy is aimed at providing information to the Controller’s clients and other persons (data subjects) on the procedure for processing their personal data.

This Privacy Policy applies to any data subject whose personal data is processed by SIA Islande Hotel as a controller in compliance with Regulation (EU) 2016/679 of the European Parliament and of the Council of 27 April 2016 (hereinafter – the Regulation).

 

The purpose and legal grounds for processing of personal data

Purpose of processing

Categories of personal data

Legal grounds

Hotel service supply

-       Forename, surname, personal identification number or birth data, citizenship (state affiliation);

-       Telephone number;

-       Email address;

-       Credit card number

Article 6, Clause 1, sub-clause f) of the Regulation (legitimate interests)

Hotel service supply

-       Identification document (passport or ID card) data

Article 6, Clause 1, sub-clause c) (legal obligation to identify the client), Section 11, Paragraph seven of the Tourism Law

Parking of a vehicle at the hotel’s car park

-       Vehicle number plate

Article 6, Clause 1, sub-clause f) of the Regulation (legitimate interests)

Catering service supply

-       Forename, surname;

-       Personal identification number or birth data

Article 6, Clause 1, sub-clause b) of the Regulation (contract performance)

-       Account number

 Article 6, Clause 1, sub-clause c) of the Regulation (legal obligation to state the respective bank details in the invoice)

-       Telephone number;

-       Email address

Article 6, Clause 1, sub-clause f) of the Regulation (legitimate interests)

Prevention or detection of offences regarding property protection and provision of vital interests of persons including protection of life and health, safety, order and performance of obligations.

-       Video image of a person

Article 9, Clause 1, sub-clause f) of the Regulation (legitimate interests)  

 

Data subjects’ data may be accessed by:

1)             Employees of the Controller in the extent necessary to perform their duties.

2)             The data subject regarding their personal data. 

3)             Law enforcement agencies as well as public and local authorities in the cases stipulated by laws and regulations.

4)             Processors of personal data according to the service supplied in compliance with the processor’s obligations stipulated in the Regulation, including regarding confidentiality.

 

Duration of data storage

1)        Duration of storage of the data processed according to the laws and regulations shall be stipulated in compliance with the laws and regulations on the duration of document storage.

2)        The data processed by the Controller based on consent from the data subject shall be stored according to the purpose of processing, or until the consent of the data subject is revoked, or until the data subject requests the deletion thereof.

3)        The data processed based on the Controller’s legitimate interests shall be stored in line with the purpose of processing, as well as for the period laid down for the Controller to pursue their legitimate interests (e.g. file a claim or take legal action) according to the laws and regulations.

4)        Video recordings shall be stored for 30 days.

 

Data safety

The Controller shall ensure that personal data of the data subject is processed according to the following principles:

-          Legitimate and honest processing of personal data;

-          Processing of data only for appropriate purposes explained to the data subject;

-          Minimising of data (processing only to the extent necessary);

-          Data accuracy;

-          Storage of data no longer than necessary for the purpose of processing;

-          Safety and confidentiality of data.

 

Rights of the data subject

The data subject shall be entitled to receive information on their personal data stored in the Controller’s information systems, and shall have the right to request that inaccurate data is corrected, the processing of the same is discontinued or the data is destroyed should it be incomplete, outdated, processed illegally or no longer necessary for the purpose of collection.

Such a request shall be drawn up in writing and submitted to SIA Islande Hotel at Kipsalas iela 2, Riga, LV-1048, or signed electronically with a secure electronic signature and emailed to: reception@islandehotel.lv. SIA Islande Hotel shall respond to the request, no later than within 30 days.

However, personal data, the storage of which is stipulated by laws and regulations (accounting, invoices issued, contracts concluded, etc.) may be deleted only according to the laws and regulations.

It shall not be mandatory to supply the information requested by the Controller, however, it shall be a prerequisite for receipt of the services supplied by the Controller.

The Controller shall, based on the personal data supplied by the data subject, not perform automated decision-making.

The data subject shall have the right to notify of any breaches of this Privacy Policy.

In the event that the data subject finds the Controller’s actions unlawful, the data subject shall have the right to file a complaint with the supervisory body, which in the Republic of Latvia is currently the Data State Inspectorate at Blaumana iela 11/13, Riga, LV-1011.

Personal data of the data subject shall not be transferred outside of the European Union or the European Economic Area, to third countries or international organisations.

  

 

The right to revoke the consent of the data subject

 

In the event that processing of data of the data subject has started and is being performed based on the consent of the data subject, the data subject shall have the right to revoke the same at any time.

The revocation of the consent shall not affect the processing of data performed at the time when the consent of the data subject was still effective.

In the event that the data subject revokes their consent, the processing of personal data of the same shall not be discontinued, should it be performed based on other legal grounds.

 

Cookies

Cookies are small text files that are placed on your computer or mobile device by the websites you visit. Cookies help the site remember the settings (e.g. language, images uploaded, display settings, etc.) you have selected to browse the site to avoid adjusting and loading them every time you visit the same site.

 

The cookies are used to:

 

Types of cookies:

1)      Functional cookies (first-party cookies) are essential for the site to function and remember you every time you perform a new action, for instance, language settings, text entered so that when you open the site again it could load the conversation faster than the first time you browsed it.

2)      Analytical and advertising cookies (third-party cookies). The site uses analytical tools Google Analytics and Yandex Metrica. These tools use cookies enabling us – the maintainer of the site – to analyse which content of the site is used the most, through which search engine the user has reached it, and how the user navigates the site. The information collected is used for the purpose of improving the site in order to make it easier to navigate and customise the content of the site to the user’s interests.

The site might additionally use services such as Google AdWords for the purpose of ensuring ads customised to the user’s wishes. YouTube – in order to ensure video content on the site and links to other sites. Facebook, Instagram, draugiem.lv, LinkedIn – for the purpose of offering an opportunity to view the content from these social media accounts or share the content of our site there. All of these services use cookies in order to obtain statistical data and determine the most popular search trends. These third-party cookies are beyond our control.  

 

Cookies shall be saved on your device temporarily, or until you delete them manually.

 

You can control or delete cookies from your device, if you wish to do so. Moreover, you can disable the use of cookies in your browser settings. However, keep in mind that it might affect the availability of some site services and functions.

 

Information related to cookies shall not be used to identify you. These cookies shall be used solely for the purpose stipulated in this Policy.

 

Read more about cookies here:  www.aboutcookies.org

 

 

Video surveillance

The Controller shall perform video surveillance and process personal data when the data subject visits the Controller’s service supply location for the purpose of your personal safety and that of our employees, clients and property. Upon expiry of the period of storage of video surveillance recordings, the Controller shall ensure the complete deletion of data, unless the data has been requested before or any offences or other safety breaches have been found. In the event that the data has already been requested by the competent public or local authorities or if safety breaches have been found, the data shall be stored until the respective aim is achieved.

 

Changes to the Privacy Policy

 

The Controller may alter this Privacy Policy from time to time in order to improve the quality of data processing by publishing it on this website.

The Controller recommends that the data subject visits this section of the site regularly to find out the latest information.