Privacy policy
Privacy policy
Web privacy policy for
www.hotelhildegard.hr
Effective date: 1.7.2021.
Controller of personal data processing
ANTE JURIĆ d.o.o (Co. Ltd), Ulica don Petra Cara 35, 21312 Podstrana, Croatia, PIN (OIB): 68700894803, e-mail: info@hotelhildegard.hr, respects your privacy and undertakes to protect it during and after your visit to this website (hereinafter “Website“), during a visit to our business premises, when you use any of our services as well as at our events. In that sense, ANTE JURIĆ d.o.o. acts as the processing manager (“Processing Manager”). This Privacy Policy provides insight into our actions regarding the collection and processing of personal data.
As a controller, we process your personal data in compliance with the applicable rules on personal data protection, in particular in compliance with the General Data Protection Regulation (EU) 2016/679 (hereinafter: the General Regulation) and the Act on the Implementation of the General Data Protection Regulation (NN 42/2018).
Types of personal data to be processed
ANTE JURIĆ d.o.o. collects and processes personal information about you (e.g. information through which you can be directly or indirectly identified, in particular using identifiers such as name, surname, e-mail address, IP address, photo taken by an official photographer (“Personal Information”), in cases when:
- you use the contact form on the Website,
- contact us via the info e-mail indicated on the Website,
- contact us or connect with us through social networks,
- when we process your reservation form / inquiry,
- we cooperate with you as our supplier or business partner,
- when we issue an invoice for services.
ANTE JURIĆ d.o.o. will not collect Personal Data if you do not provide them voluntarily, except for certain Personal Data collected through information systems and programs used for operating the Website, the transmission of which is inherent in the use of Internet communication protocols (e.g. IP address when filling in the contact form) and will not require more information than is necessary to participate in certain activities. If you do not wish to provide us with Personal Information (other than Personal Information relating to the use of Internet communication protocols normally collected when visiting the Website), you may still access our Website, but will not be able to log in to the contact form or contact us and receive our news.
The provision of visitor / sender information is voluntary and there is no contractual obligation or condition for the visitor / sender to do so.
Cookies
Our website uses cookies.
Cookies are text files that are stored in a computer system via an Internet browser.
The Electronic Communications Act stipulates that we may store cookies on your device if they are strictly necessary for the operation of this Website. For all other types of cookies, we need your consent. This Website uses different types of cookies. Some cookies are set by third parties that appear on our Website.
Social networks
ANTE JURIĆ d.o.o. collects Personal Information about its contacts on social networks (Facebook, Instagram, etc.) but does not contact them except in the case of answering a query or comment.
Provisions on data protection when applying and using Facebook, Instagram, LinkedIn
On the Website, the controller can integrate or has already integrated components of Facebook, Instagram and LinkedIn.
Facebook and Instagram are social networks, operated by Facebook, Inc., 1 Hacker Way, Menlo Park, CA 94025, United States. If a user lives outside the United States or Canada, the controller is Facebook Ireland Ltd., 4 Grand Canal Square, Grand Canal Harbour, Dublin 2, Ireland. The data protection rules published by Facebook and Instagram are available at https://facebook.com/about/privacy/ and https://help.instagram.com/519522125107875?helpref=page_content and provide information on the collection, processing and use of personal information on those social networks.
“LinkedIn” is a business social network for users who use this service within the EU, EEA and Switzerland, operated by LinkedIn Ireland Unlimited Company, Wilton Place, Dublin 2, Ireland. The privacy policy published by LinkedIn is available at: https://www.linkedin.com/legal/privacy-policy?trk=uno-reg-guest-home-privacy-policy providing information on the collection, processing and use of personal information on that social network.
Purpose, legal basis of processing and possible consequences of non-disclosure of Personal Data
When you provide your Personal Information, we will limit the use of Personal Information for the purpose for which it was collected, in accordance with the terms of this Privacy Policy.
We process personal data based on your consent, legitimate interest, for the purpose of fulfilling a contractual obligation, and on the basis of a legal obligation. The processing of Personal Data is limited only to the purpose for which it was collected in accordance with the terms of this Privacy Policy.
When we process data based on your consent, we process only personal data voluntarily provided for communicating with us, answering questions or processing job applications, filling out a contact form or subscribing to our newsletter. The purpose of processing is to take steps according to your request, such as answering questions and comments, receiving offers, communicating about your activities on the website, processing open applications and applications for tenders. Based on legitimate interest, we process personal data when you access our Website (IP address), when we send you a newsletter as our client with whom we already cooperate, when we take photographs of events and activities we organize. If we organize an event and other activities at which we will take photos and film guests, we will do so either on the basis of legitimate interest, of which you will be informed in advance before entering the shooting / photography space, or you will be asked for consent in advance.
The purpose of this processing includes investigating suspicions of fraud, harassment, physical threats or other violations of the rules of the Website or any suspicious behaviour that we consider indecent. The videos / pictures of participants in our events are processed for the purpose of event promotion.
In order to fulfil the contractual obligation and based on laws and regulations, we are obliged to process your personal data when you buy our products and use our services. In particular, we process data of persons who perform tasks through the Student Centre, business partners and suppliers (e.g. based on agreements on the provision of services); in addition we process the data of business partners who are natural persons and their employees (e.g. name and surname, business or mobile phone number, e-mail address), as well as our clients for the purpose of invoicing.
Recipients
Your Personal Information may be disclosed in the following cases:
- to subjects who organize events for us (e,g. photographing events)
- authorized PR, event and marketing agencies, event organizers, entities directly involved in the implementation and realization of individual events
- entities that maintain our information systems,
- persons authorized by ANTE JURIĆ d.o.o. for the processing of Personal Data, which are subject to the obligation of confidentiality
- law enforcement agencies and public authorities as required by applicable law, legitimate or public interest (to protect and defend the rights or property of ANTE JURIĆ d.o.o. and the Website, or to act in urgent circumstances to protect the personal safety of users, the Website or the general public)
- legal advisers in case of required forwarding of data for legal proceedings,
- media agencies for the purpose of publishing photos in the print media, on websites and social networks.
Transfer of Personal Data to third countries
The collected data is stored within the European Union (EU) and the European Economic Area (EEA) except Switzerland, but can also be transferred and processed in a country outside the EU and the EEA, especially the USA. Any such transfer of personal data shall be carried out in accordance with the applicable legal regulations. For transfers outside the EEA, we use Standard Contract Clauses, eligibility decisions and appropriate safeguards, while any transfer to the USA is covered by the Privacy Shield Agreement between the European Union and the USA, thus guaranteeing adequate protection of personal data.
Keeping of data
We process personal data only for the time necessary to achieve the purpose of processing them.
Personal data collected on the basis of consent is only processed until you withdraw your consent, whereas you may object to the processing of personal data based on a legitimate interest. Data of business partners and suppliers is kept until the termination of business cooperation. The data is not delivered to third parties or exported to third countries. Data of a private nature is not collected, only data related to the fulfilment of work tasks.
Other personal data that we process in relation to the execution of a contractual relationship or legal obligation are stored in accordance with regulations, in which the time of storage is determined (e.g. the Accounting Act). Exceptionally, your personal data will be kept longer when it is necessary to meet mutual legal requirements.
Upon expiration of the deadlines, stored personal data printed on paper will be destroyed in a safe way, e.g. by cutting or burning, while the data in electronic form will be permanently deleted.
Your rights and the exercise of rights
- a) Right to correction:
If we process your personal information incompletely or inaccurately, you may ask us to correct or complete it at any time.
- b) Right of access:
You are entitled to receive a confirmation about whether your personal data is processed or not, and if this is the case, you are entitled to request access to this information under Article 15 of the General Regulations.
- c) Right of deletion:
You can request that your personal data be deleted if it has been processed unlawfully or the processing represents a disproportionate interference with your protected interests. Please note that there can be reasons that prevent immediate deletion, e.g. to maintain the legal obligation to process.
- d) The right to limit processing:
You can request limited processing of your data:
- if you dispute the accuracy of the data during a period that allows us to verify the accuracy of that data;
- if the data processing was unlawful, but you refuse to let it be deleted and instead request a restriction on the use of the data;
- if we no longer need the information for the intended purpose, but you still need the data to meet legal requirements or;
- if you have complained about the distribution of this information.
- e) Right to data portability:
You can ask us to provide you with the data you have entrusted to us for archiving in a structured form, in the usual machine-readable format:
- if we process this information on the basis of the consent you have given us, which you can revoke, or for the purpose of executing a contract
- if processing is performed using automated processes
- f) Right to object:
If we distribute your data for the purpose of performing tasks of public interest or tasks of public bodies, or we claim our legitimate interests in processing them, you may object to such processing of data if there is an interest in protecting your data.
- g) Right to object:
If you consider that we have violated Croatian or European data protection regulations during the processing of your data, please contact us to clarify any issues. You are entitled to lodge a complaint with the competent supervisory body, which is the Agency for Personal Data Protection, Martićeva 14, Zagreb.
Claiming rights
If you wish to exercise any of the above rights, please contact us using our contact information from this privacy policy.
When you claim your rights, we are obliged to first establish your identity. For this purpose we will request additional information to verify it. This serves to protect your rights and privacy.
If you exercise any of the above rights too often and with obvious intent to abuse, we may charge an administrative fee or refuse to process your request.
Security practices
The security of your Personal Data is extremely important to us, so we have set up appropriate physical, electronic and management procedures to protect the data we collect. However, due to the inherent open nature of the Internet, we cannot guarantee that communication between you and us, or the information stored on the Website or on our servers will be completely secure from unauthorized access by third parties. To the fullest extent permitted by applicable law, we disclaim all liability and liability for any damage you may suffer as a result of any loss, unauthorized access, misuse or alteration of any information you submit to the Website.
Changes and updates to our Privacy Policy
ANTE JURIĆ d.o.o. reserves the right to change or update this Privacy Policy at any time and without prior notice. Please check from time to time any changes or updates to our Privacy Policy, which will be posted here and will show the updated effective date on the first page of the Privacy Policy.
Contact information
If you have any questions or comments regarding the Website or Privacy Policy, you can contact us via our online form available at www.hotelhildegard.hr or via e-mail info@hotelhildegard.hr.
Controller of personal data processing
ANTE JURIĆ d.o.o.
Ulica don Petra Cara 35
21311 Podstrana
Croatia
OIB: 68700894803
E-mail: info@hotelhildegard.hr