UAB Smakų Smakas ensures that personal data is processed in a lawful, fair and transparent manner, collected only for the purposes set out and clearly defined in this policy and not processed in a way incompatible with those purposes. UAB Smakų Smakas ensures appropriate security of personal data by applying organizational and technical measures, including protection against unauthorized or unlawful processing of data and against unintentional loss, destruction or damage.

BASIC CONCEPTS

1.1. Privacy policy – these rules of personal data processing, which are at the motel reception and placed on the website https://smakas.lt.

1.2. Website – a website located at https://smakas.lt, where motel guests can reserve motel room (s) for accommodation and give consent to process personal data for the purpose of direct marketing.

1.3. Data controller – a legal or natural person who, alone or together with others, determines the purposes and means of the processing of personal data. In this Privacy Policy, the data controller is UAB Smakų Smakas, company code: 300996533, registered office address: Plento str. 13, LT-76319 Toliočiai, Šiauliai district, Lithuania. Contact details: e-mail p. motelis@smakas.lt, tel. no. +37067612667.

1.4. Data subject – a motel guest whose personal data is processed by the Data Controller in connection with the accommodation service and for the purpose of direct marketing.

1.5. Data Controller – a natural or legal person who assists the Data Controller, in accordance with the powers granted by him, to achieve the set objectives.

1.6. Personal data – data of a natural person processed by the Data Controller and according to which a motel guest can be identified, including, but not limited to: name, surname, document No., country of origin, visa No., number of people who came together.

1.7. The purpose of personal data processing is the activities of the motel (reservation of motel rooms, registration of guests, prevention of financial losses, protection against insolvent customers, invoicing).

1.8. “Processing of data” means any operation carried out on personal data: collection, recording, storage, storage, modification (addition or correction), provision, use, deletion or any other operation or set of operations.

1.9. Direct marketing is the activity of offering goods or services to individuals, offering occasional discounts and / or asking for their opinion on goods or services offered by post, telephone or other means.

1.10. Consent is a voluntary action of the Data Subject by which he or she consents to the processing of personal data.

1.11. The supervisory authority is the State Personal Data Protection Inspectorate.

GENERAL PROVISIONS

2.1. The policy sets out the main provisions for the collection, storage and processing of personal data.

2.2. The Data Subject shall be deemed to have read and read this Privacy Policy when he or she consents to the processing of his or her Personal Data.

2.3. This Privacy Policy is available at the administration of UAB Smakų Smakas and on the website https://smakas.lt and can be printed there at any time.

PROCEDURES FOR THE COLLECTION, STORAGE AND USE OF PERSONAL DATA
3.1. When reserving a room (s) in a motel, the data subject consents to the processing of the following personal data by the Data Controller for the purposes of fair administration, accommodation, accounting and security and debt management:

Name surname;
the country from which the motel guest (s) came;
Document No.;
visa No .;
amount to be paid;
life expectancy at the motel.

3.2. During the registration at the motel, the guest (s) fill in the “Guest Registration Card”, indicating the name, surname, place of residence, name and number of the identity document, dates of arrival and departure, method of payment and signature.

3.3. The guest can make a reservation by filling in the reservation form on the website https://smakas.lt or the motel’s e-mail. email motelis@smakas.lt. The reservation form must indicate: name, surname, country, address, telephone number, e-mail. mail, dates of arrival and departure. After completing and sending the reservation on the website or e-mail. email, the guest receives a booking confirmation with name, surname, arrival / departure time, type of room selected, price, other important information.

3.4. By reserving a room in a motel, the reservation agrees that his / her personal data will be entered into the database of UAB Smakų Smakas. This data will only be used for the completion of the booking procedure and for marketing purposes.

3.5. By providing personal information and data on the Guest Registration Card, the guest (s) of Motel Smakų Smakas also agrees and allows the Company to collect, use and manage this information and data for motel room reservation, guest registration, security. from insolvent customers and UAB Smakų Smakas to manage internal statistics.

3.6. The guest (s) of the Motel “Smakų Smakas” has the right to object to the Company processing personal information and data provided by him, indicating such disagreement in the “Guest Registration Card” or https://smakas.lt reservation in the NOTES. Refusal to give consent to the processing of personal information and data provided by the guest (s) of Motel Smakų Smakas will not have any legal consequences and will not be a ground for refusing to provide accommodation services to the guest (s).

3.7. The motel guest confirms that their personal data is accurate and complete. Motel Smakų Smakas strives to ensure the safe collection, transmission, processing and storage of personal information and data provided by the guest (s), but accepts no responsibility for incorrect information and data provided by the guest (s), their inaccuracies and incorrect information or data. consequences of use or damage suffered directly or indirectly as a result of the guest (s).

3.8. The personal data of registered users obtained for this purpose shall be stored for 5 (five) calendar years from the date of booking the motel guest.

3.9. The data controller provides the following data to the Department of Statistics of the Republic of Lithuania: number of guests, country from which the guest (s) came, purpose of arrival, duration of stay in the hotel. Personal data (the country from which the guest comes, the purpose of the guest’s arrival) are obliged to be provided automatically to the Department of Statistics (Law on Statistics of the Republic of Lithuania, 23 December 1999, No. VIII-1511);

3.10. By providing an e-mail address on the website, the data subject agrees that the Data Controller will process the following personal data relating to him / her for direct marketing purposes:

3.10.1. El. mail adress

3.11.Personal data obtained for the purpose of direct marketing shall be stored for 3 (three) calendar years from the date of submission of the data.

3.12. The Data Controller confirms that personal data is collected only directly from the Data Subject and is not collected from other sources.

3.12. .The controller undertakes not to disclose the processed Personal Data to third parties, except in the following cases:

3.12.1. if there is the Data Subject’s consent to the disclosure of personal data,

3.12.2. law enforcement authorities in accordance with legal requirements,

3.12.3. if it is necessary to prevent or investigate criminal offenses.

3.13. Only motel administration staff have the right to process Personal Data. Every employee who is assigned to process Personal Data must maintain the confidentiality of Personal Data and comply with the requirements of personal data protection legislation.

3.14. The Employee must: (a) maintain the confidentiality of Personal Data: (b) process Personal Data in accordance with the laws of the Republic of Lithuania, other legal acts and these Rules; (c) not to disclose, transfer or facilitate access by any means to the Personal Data to any person who is not authorized to process the Personal Data;
(d) immediately notify the Company’s manager or his / her designee of any suspicious situation that may pose a threat to the security of Personal Data.

EXERCISE OF DATA SUBJECT RIGHTS

4.1. The Data Subject grants the Data Controller the right to collect, manage, process and store personal data relating to him to the extent and for the purposes set out in this Privacy Policy.

4.2. Consent to collect, process, store personal data relating to him may be revoked by the Data Subject at any time, and personal data processed for direct marketing purposes may be revoked without any further justification by writing to the Data Controller in one of the following ways:

1) logged in to the website account;

2) In the case of direct marketing, by clicking on each email. the link in the letter (newsletter);

3) by post or by delivery directly to the address: Plento str. 13, LT-76319 Toliočiai, Šiauliai district, Lithuania

4) e-mail address: motelis@smakas.lt from the same e-mail. the email address you provided during registration.

4.3. Upon receipt of such a request by the Data Subject, the Data Controller shall immediately suspend the processing of personal data and destroy the personal data related to him.

4.4. The data controller has the right not to delete personal data from the server if he has a legitimate reason to protect them, especially when it is necessary to ensure state security and defense, public order, crime prevention, investigation, detection or prosecution, protect important economic or financial interests of the state; and the protection of freedoms.

4.5. The data subject, having duly identified himself / herself, submitted to the Data Controller an identity document or a notarised copy thereof, which will be used only for identification and will not be stored, has the right to access his / her personal data in accordance with the Director’s Order no. 11 UAB Smakų Smakas Privacy Policy by submitting a written request to the Data Controller in one of the following ways: by post or by delivery the right not to consent to the Company processing the personal information and data provided by him, indicating such disagreement in the “Guest Registration Card” or in the https://smakas.lt reservation in the NOTES. Refusal to give consent to the processing of personal information and data provided by the guest (s) of Motel Smakų Smakas will not have any legal consequences and will not be a ground for refusing to provide accommodation services to the guest (s).

3.7. The motel guest confirms that their personal data is accurate and complete. Motel Smakų Smakas strives to ensure the safe collection, transmission, processing and storage of personal information and data provided by the guest (s), but accepts no responsibility for incorrect information and data provided by the guest (s), their inaccuracies and incorrect information or data. consequences of use or damage suffered directly or indirectly as a result of the guest (s).

3.8. The personal data of registered users obtained for this purpose shall be stored for 5 (five) calendar years from the date of booking the motel guest.

3.9. The data controller provides the following data to the Department of Statistics of the Republic of Lithuania: number of guests, country from which the guest (s) came, purpose of arrival, duration of stay in the hotel. Personal data (the country from which the guest comes, the purpose of the guest’s arrival) are obliged to be provided automatically to the Department of Statistics (Law on Statistics of the Republic of Lithuania, 23 December 1999, No. VIII-1511);

3.10. By providing an e-mail address on the website, the data subject agrees that the Data Controller will process the following personal data relating to him / her for direct marketing purposes:

3.10.1. El. mail adress

3.11.Personal data obtained for the purpose of direct marketing shall be stored for 3 (three) calendar years from the date of submission of the data.

3.12. The Data Controller confirms that personal data is collected only directly from the Data Subject and is not collected from other sources.

3.12. .The controller undertakes not to disclose the processed Personal Data to third parties, except in the following cases:

3.12.1. if there is the Data Subject’s consent to the disclosure of personal data,

3.12.2. law enforcement authorities in accordance with legal requirements,

3.12.3. if it is necessary to prevent or investigate criminal offenses.

3.13. Only motel administration staff have the right to process Personal Data. Every employee who is assigned to process Personal Data must maintain the confidentiality of Personal Data and comply with the requirements of personal data protection legislation.

3.14. The Employee must: (a) maintain the confidentiality of Personal Data: (b) process Personal Data in accordance with the laws of the Republic of Lithuania, other legal acts and these Rules; (c) not to disclose, transfer or facilitate access by any means to the Personal Data to any person who is not authorized to process the Personal Data;
(d) immediately notify the Company’s manager or his / her designee of any suspicious situation that may pose a threat to the security of Personal Data.

EXERCISE OF DATA SUBJECT RIGHTS

4.1. The Data Subject grants the Data Controller the right to collect, manage, process and store personal data relating to him to the extent and for the purposes set out in this Privacy Policy.

4.2. Consent to collect, process, store personal data relating to him may be revoked by the Data Subject at any time, and personal data processed for direct marketing purposes may be revoked without any further justification by writing to the Data Controller in one of the following ways:

1) logged in to the website account;

2) In the case of direct marketing, by clicking on each email. the link in the letter (newsletter);

3) by post or by delivery directly to the address: Plento str. 13, LT-76319 Toliočiai, Šiauliai district, Lithuania

4) e-mail address: motelis@smakas.lt from the same e-mail. the email address you provided during registration.

4.3. Upon receipt of such a request by the Data Subject, the Data Controller shall immediately suspend the processing of personal data and destroy the personal data related to him.

4.4. The data controller has the right not to delete personal data from the server if he has a legitimate reason to protect them, especially when it is necessary to ensure state security and defense, public order, crime prevention, investigation, detection or prosecution, protect important economic or financial interests of the state; and the protection of freedoms.

4.5. The data subject, having duly identified himself / herself, submitted to the Data Controller an identity document or a notarised copy thereof, which will be used only for identification and will not be stored, has the right to access his / her personal data in accordance with the Director’s Order no. 11 UAB Smakų Smakas Privacy Policy by submitting a written request to the Data Controller in one of the following ways: by post or by delivery directly to Plento str. 13, LT-76319 Toliočiai, Šiauliai district, Lithuania.

4.6. If another person wishes to have access to the personal data of the Data Subject, he / she must submit a notarized power of attorney, and the data shall be provided to the lawyer only upon submission of the representation agreement and indication of the purpose of data use.

4.7. Upon receipt of the Data Subject’s request for access to the processed personal data, the Data Controller shall provide a response within 30 (thirty) calendar days from the date of receipt of the request. The answer shall indicate whether personal data are processed with the Data Subject and, if so, what and to whom they were provided during the last 1 (one) calendar year. The answer is provided free of charge.

4.8. If the Data Subject, having become acquainted with his / her personal data, determines that personal data have been collected or obtained from illegal sources, or that personal data are processed for purposes other than those for which consent was given, the Data Subject has the right to contact the Data Controller by e-mail. data processing operations and / or delete personal data relating to him. The Data Controller shall verify the request of the Data Subject and, if it finds that the request is justified, without delay, but not later than within 5 days. d., satisfies the request of the Data Subject and informs in writing about the actions taken.

4.9. In cases when the Data Subject, having acquainted himself with his personal data, finds that they are inaccurate or incomplete, he / she has duly identified himself / herself and requests to correct and / or supplement the personal data related to him / her in writing. If the controller finds that the request is justified, it shall correct or supplement the processed personal data without delay, but not later than within 5 days. d., and inform in writing about the actions taken.

4.10. The data subject has the right to request that the controller “forgets” him / her, namely to delete all data relating to him / her, if the data are not needed for the purpose for which they were collected and processed or if the data subject withdraws consent or is processed in breach of legal requirements. . The controller shall comply with such a request without undue delay, but no later than within 5 days. d. and inform the Data Subject of the action taken.

4.11. The data subject has the right to apply to the Supervisory Authority if he or she considers that his or her legitimate interests have been harmed by the processing of his or her personal data.

RISK FACTORS FOR BREACHING PERSONAL DATA PROTECTION AND THEIR SOLUTION

5.1. In order to ensure adequate protection of Personal Data, the Data Controller shall implement the following organizational and technical measures for the protection of personal data:

5.1.1. Organizational

5.1.1.1. The data controller ‘s work procedure shall be organized in such a way as to ensure secure management and (if any) transmission of computer data and / or documents and their archives.

5.1.1.2. Access to personal data of the Data Subject shall be granted only to those Employees for whom they are necessary for the performance of work functions and only to those who have signed confidentiality agreements and are acquainted with other internal procedures in the scope of personal data processing.

5.1.2. Technical

5.1.2.1. Data processors (service providers) appointed by the Data Controller shall act only with the authorization of the Data Controller.

5.1.2.2.Personal data is protected against loss, unauthorized use and alteration. The Internet connection is encrypted and the website page is run over a secure SSL protocol.

5.1.2.3.Protection of computer equipment against malicious software (eg installation, updating of antivirus programs) is ensured, and the internal computer network is protected by a firewall.

FINAL PROVISIONS

6.1. This Privacy Policy is reviewed every 2 (two) years and updated as necessary.

6.2. This Privacy Policy is effective as of 2018. December 03 and is publicly announced on the website https://smakas.lt.