PRIVACY POLICY
JUDITA PALACE HERITAGE HOTEL is owned by KNJIŽARA MORPURGO 1860 d.o.o., Narodni trg 4, 21000 Split, OIB 77136348445.
JUDITA PALACE HERITAGE HOTEL u vlasništvu je društva KNJIŽARA MORPURGO 1860 d.o.o., Narodni trg 4, 21000 Split, OIB 77136348445.
This notice clarifies how we collect, control and process your personal data that are collected directly from you or provided by third parties (business partners, intermediaries, agencies, other). Special measures are taken to ensure all your data are protected in safe and transparent way in accordance with Regulation EU 679/2016.
WHO PROCESSES YOUR DATA?
Controller and processor of your data is:
JUDITA PALACE HERITAGE HOTEL owned by KNJIŽARA MORPURGO 1860 d.o.o., Narodni trg 4, 21000 Split, VAT 77136348445, booking@juditapalace.com, www.juditapalace.com
Data protection office is available at booking@juditapalace.com. We process only that data that are essential for the purpose of concluding an accommodation agreement. In case you decline to provide the requested data that are essential for establishing of the above mentioned agreement, in accordance with Croatian laws and regulations, we will be obliged to cancel any further contractual agreement regarding your accommodation.
WHEN AND WHY WE COLLECT AND PROCESS DATA
We collect and process only the data that are essential for delivering products and service defined by contractual accommodation agreement, or those that are essential for personalised service during:
INQUIRY (personal, via phone, via email, via website)
During inquiries we collect and process following data:
Personal data (first and last name; date of birth);
Contact data (email adress, phone number).
RESERVATION
During reservation request, reservation modification or reservation offer, we collect following data that are required for contractual accommodation agreement:
Personal data (first and last name; date of birth);
Contact data (email address, phone number);
Payment data (credit card data held as a guarantee or mean of payments – type number, owner, expiration date, CVC).
During data collection and processing within reservation system, both manually and automatically, highest standards of safety and encryption are applied in terms of technical and organisational measures.
GUEST REGISTRATION
In accordance with Croatian laws and regulations, we are obliged to submit guest’s personal data into national information system eVisitor that keeps its record for 10 years. Without below mentioned data, we are legally obliged to decline accommodation agreement:
Personal data (first and last name; date and place of birth; citizenship; permanent address; gender; ID type and number);
Contact data (email address, phone number);
Reservation data (date and time of arrival and departure);
Payment data (credit card data held as a guarantee or mean of payments – type number, owner, expiration date, CVC);
Personal data (allergies, nutritional preferences, etc.)
NOTICES
Your email address is not necessary for delivering contractual agreement once you are registered in the object therefore you are eligible to ask us not to use it for any further informational purposes. If you receive any notices that you do not wish to receive, we will discontinue to send it upon your request.
VIDEO SURVEILLANCE
For the reason of people and inventory protection solely, video surveillance at the premises legally collects data that are kept for 3 months.
COMPLAINTS
For the purpose of submitting eligible complaints and their appropriate analysis you will need to provide following data:
Personal data (first and last name; date and place of birth; citizenship; permanent address; gender);
Contact data (email address, phone number);
Reservation data (date and time of arrival and departure);
and for the cases of financial refunds:
Payment data (credit card data held as a guarantee or mean of payments – type number, owner, expiration date, CVC).
In accordance with applicable laws and regulations, we are obliged to save all this documentation for the period of 12 months.
OTHER SOURCES
Your data might be collected from third parties (online agencies, tourist agencies, business partners, others) depending on the services and methods used for concluding contractual accommodation agreement. Data that are collected from third parties are:
Personal data (first and last name; date and place of birth; citizenship; permanent address; gender; ID type and number);
Contact data (email address, phone number);
Reservation data (date and time of arrival and departure);
Payment data (credit card data held as a guarantee or mean of payments – type number, owner, expiration date, CVC);
THIRD PARTIES
Tough all you data are stored in our databases, we are obliged to share it under following circumstances:
- For the purpose of and for the duration of concluding an accommodation agreement;
- For the purpose of and for the duration of concluding an accommodation agreement transactions;
- For the purpose of and for the duration of concluding an accommodation agreement transactions with third parties (branches, agencies, business partners) that are involved in you contractual agreement either by you or by us;
- By submitting your data to eVisitor which is our legal obligation;
- Upon receiving written requests from governmental bodies and institutions related to legal procedures (courts, law offices, notaries);
- During administrative, accounting and technical procedures related to our daily business operations and/or transactions between you and us;
- For the purpose of protecting our rights, privacy, safety and health of individual, public or inventory;
- For the purpose of business analysis and service improvements;
- For the purpose of defining adequate legal steps and solutions;
TIME PERIOD DURING WHICH YOUR DATA ARE STORED
Your personal data are stored in accordance with laws and regulations and depending on the purpose for which it is collected:
CONTRACTUAL PURPOSES
For the purpose of and for the duration of designing and concluding an accommodation agreement (directly or via third parties);
For the duration of 6 years after concluding an accommodation agreement;
For designing and implementing personalised services.
TAX AND ACCOUNTING PURPOSES
In accordance with applicable laws and regulations that impose archiving financial data for the period of 11 years.
LAWS AND REGULATIONS
In accordance with applicable laws and regulations that concern public safety, order and health.
OTHER
For the data that are not defined by any law or regulation, we archive it in active format and use it solely for the purpose it is collected for the maximum period of 24 months. Anonymous form of data might be used for statistical purposes, for the purpose of business analysis and archiving. You will be informed about time usage of this data and criteria according to which this will be saved.
DATA PROTECTION
To prevent any unauthorised data access and further processing, highest possible safety level in terms of technical, organisational and legal measures are taken during data collection and archiving. Solely necessary data are collected and we do not archive it longer than laws and regulations oblige us.
YOUR RIGHTS REGARDING PERSONAL DATA COLLECTION AND PROCESSING
At any given time, you have right to or you are entitled to:
ACCESS YOUR PERSONAL DATA
- Receive spoken and/or written notice whether any of your personal data has been collected and/or processed
- Be fully updated of all the data collected
- Be informed of the purpose of data collection
- Be informed of methods used for data collection and processing
- Be informed of time and purpose data is collected and archived
- Be informed of the individual or the department that collects, processes and archives all your data
- Receive all the data collected in written and structured format.
CORRECT, MODIFY AND SUPPLEMENT YOUR PERSONAL DATA
- Modify and update any of the data collected
- Request that all the data modified and collected are shared with third parties that have been involved in contractual accommodation agreement (agencies, tour operators, others)
“TO BE FORGOTTEN”
- Inhibit all further data collection, processing, archiving, anonymizing, and erasing in accordance with Croatian laws and regulations.
RESTRICT FURTHER DATA PROCESSING
Restrict further data collection and processing if you believe data are incorrect, if you believe they are processed in illegal and/or inadequate way, or if you have already complained to their collection and processing.
DATA PORTABILITY
Request data portability from current to another data processor if portability is technically feasible and if data format are in structural and readable format.
TO OBJECT THE DATA PROCESSING
Submit complaints to the methods applied during collection, processing and archiving your data (such as newsletters). Your official complaints can be submitted at the hotel reception or in written via regular o electronical mail.
TO SUBMIT OFFICIAL COMPLAINT
Submit official complaint to governmental bodies if you believe your data have been collected, processed, used or archives in inappropriate and/or unauthorised ways. Governmental body that will handle your complaint is available at:
Agencija za zaštitu osobnih podataka
Selska cesta 136
10 000 Zagreb
azop@azop.hr