Baltic Sea Dunes Apartments guesthouse
Privacy Policy
General information
UAB Pavasario Namai (hereinafter referred to as ‘We’ or ‘Data Controller) is the manager of Baltic Sea Dunes Apartmentsguesthouse located at Jūras iela 59, Jurmala, LV-2015, Latvia. In this privacy policy we define and explain how your personal data is collected and further processed while you use Baltic Sea Dunes Apartments guesthouse’s website www.balticseadunesapartments.lt (the ‘Website’). The provisions defined by this privacy policy are applied each time you wish to access our content and/or service irrespective of the device (computer, mobile phone, tablet, TV set) you use.
The Data Controller’s information:
UAB Pavasario Namai
Legal entity code: 305300410
Registered address: Vilnius District Municipality, Avižienių Municipal Unit, Avižienių vil., Plukių st. 18-3
Tel. No +370 698 34380
E-mail address: balticseadunesapartments@gmail.com
Dara about the data controller is stored and kept with VĮ Registrų Centras, Vilnius Branch.
We confirm that your data will be collected in accordance with the requirements of the existing legislation of the European Union and national legal acts as well as the instructions of the controlling authorities, that all reasonable technical and administrative measures will be applied to protect the data collected by us about the website visitors from loss, unauthorised use and/or changes. The Data Controller’s employees are committed in writing to not disclose to the third parties or disseminate the information received at the working place, including information about the website visitors.
The terms used in the privacy policy are to be understood as they are defined in General Data Protection Regulation No 2016/679 of the European Union (the ‘GDPR’).
It is very important that you read this privacy policy carefully as each time you visit this Website, you agree to the provisions described herein. If you do not agree with these provisions, please do not visit our website and do not use out content and/or services.
How do we collect information about you?
Your personal data, i.e. any information about you that enables your identification to us is received in different ways:
- you can submit information (personal data) yourself (by filling out the reservation form, contacting us),
- information about you may be collected automatically (when you visit our website),
- in some cases, we receive information about you from the third persons am (e.g. when you use external reservation systems such as www.booking.com, etc.).
- you can yourself submit your personal data directly to us. This usually happens in cases where:
- you sign in on our Website,
- you sign a service agreement or another agreement with us,
- you visit our guesthouse.
Information about you may be collected automatically. This usually happens in cases where:
- you submit inquiries via the reservation system on the Website,
- you use the Website (data s collected by using cookies or similar technologies. More information about our cookies is available below).
We also use Facebook, Google, and other third persons’ services. Information about the privacy policy of the said service providers, as well as their collected data and applied personal data protection measures is available in the privacy policies of the said service providers. More information on the operation and information on how you can disagree with the demonstration of such adverts or the use of such data is contained in the service provider’s information.
What information (personal data) about you do we process?
Although we try to collect as little information about you as possible, we collect the following information for our business purposes:
- Information which is necessary for us in order to provide services to you (submitted in agreements, registration form);
- Information which you submit when you call us,
- Information about your hobbies and specific needs,
- Information required to define your age and identity,
- Information about the device you use.
Data processing purposes and legal basis
The information submitted above is processed for the following purposes:
- Provision of accommodation and other related services,
- Your request to submit information related to the provision of services,
- Marketing purposes,
- To find out how people use our internet services to be able to improve and create new content, products and services,
- To protect our interests in court or in another institution,
- In other ways with your consent.
Your personal data is processed based on one or several bases of lawful processing:
- Performance of the contract with you (Article 6(1)(b) of the GDPR),
- Compliance with the legal obligations (Article 6(1)(c) of the GDPR),
- Our legitimate interests except where such interests are overridden by your private interests (Article 6(1)(f) of the GDPR),
- In some cases, your consent (Article 6(1)(a) of the GDPR).
The purposes for which we process your personal data with the respective legal basis and personal data processed are submitted in the table below:
Purpose |
Legal basis(-es) |
Personal data |
Provision of accommodation and other related services |
Performance of the contract with you Compliance with the legal obligations Our legitimate interests except where such interests are overridden by your private interests |
Name, surname, e-mail address, telephone number, check-in and check-out dates, number of children and their age, and other information which may be required during the provision of services, e.g. ID document information to make sure of your identity, etc. |
Your request to submit information related to the provision of services |
This information is submitted to us because we have a lawful interest to provide accurate information about our services, hotel occupancy, additional services, etc. |
In order to respond to your inquiries by telephone, e-mail or in other ways, we may ask your telephone number, e-mail address or other contact information convenient to you. |
Marketing purposes |
For this purpose, we process your personal data with the lawful interest to inform about our services, events news and other relevant information. |
Name, surname, telephone number, e-mail address. |
To find out how people use our internet services to be able to improve and create new content, products and services |
For this purpose, we process your personal data with the lawful interest to monitor the quality of the provided services, to create and improve our content, and to ensure the security of the website. |
Any information stored in cookies. |
To protect our interests in the court or in another institution |
Compliance with the legal obligations. Legitimate interest – to protect from claims and complains filed. |
Depending on the claim or complaint filed, all of your personal data possessed by us as listed in this privacy policy may be processed for this purpose. |
In cases where we are not able to base on one of the legal bases listed in the table above, we will ask for your consent before starting to process your personal data.
In cases where we process your personal data for any other purposes than those specified in this privacy policy, we will inform you about that by a separate notification.
Whom do we transfer your personal data to?
We can transfer your personal data to:
- companies that provide services at our request,
- banks/companies that help perform payment transactions,
- other business partners selected with responsibility,
- other parties in case this is required by laws or it is necessary in order to protect our lawful interests.
The following companies currently provide services at our request: IT service providers UAB Ateities Centras, payment service providers UAB Paysera LT, auditors, and AB Lietuvos Paštas. These companies have limited possibility to use your information, they cannot use this information for any other purposes than provision of services to us.
Other parties to whom our possessed information about you may be transferred in cases where this is necessary to protect our lawful interests are public authorities, institutions that supervise hotel business, pre-trial investigation officers, etc.
What countries is your personal data transferred to?
Sometimes we may need to transfer your personal data to other countries with data protection policy of lower levels. In such cases we would take reasonable measures to ensure the security of transferred personal data.
If we had to send your personal data to countries outside the European Economic Area, we would take care that one of the following security measures is applied:
- the agreement signed with the data recipient is based on the Standard Contractual Clauses approved by the European Commission,
- In case of sending data to a group of companies, the Binding Corporate Rules are applied,
- The data recipient would be based in a country which is recognised by the European Commission as a country that applies adequate data protection standards,
- Permit from the Data Protection Inspectorate.
What do we do to protect your information?
We have installed smart and adequate physical and technical measures (including, without limitation, the protection against unauthorised or unlawful processing and against accidental loss, destruction or damage) to protect information we collect for content/service provision purposes. Assess to the data is available only to the employees, service providers and authorised data processors to whom it is necessary for the performance of their job functions or the provision of services. However, you should remember that although we take adequate actions to protect your information, no website, online transaction, computer system or wireless connection is absolutely safe.
How long will we store your personal data for?
We will store your personal data for as long as necessary to achieve the set goal. Once the set goal is achieved, your personal data is deleted, except for the cases where we are bound by law to store information for tax purposes or where the data may be collected to perform a pre-trial investigation, however, in any case the period for which personal data is stored will be no longer than 10 years. At the end of this period, data will be deleted so that it cannot be restored.
Usually personal data is stored for the following periods:
Personal data |
Storage period |
Data obtained during the provision of accommodation and other related services |
10 years since the provision of the respective service |
Payment data |
10 years since the payment transaction |
Personal data used for marketing purposes |
3 years since your last visit at the guesthouse or our website |
Your rights
As the Data Subject whose data is processed in the Data Controller’s business, depending on the situation, you have the following rights:
- to know (obtain communication) of your data processing (the right to know),
- to access your data and the way it is processed (the right of access),
- to demand rectification or, in view of the personal data processing purposes, have incomplete personal data completed (the right to rectification);
- to destroy your personal data or suspend your personal data processing actions (except for storage) (the right to destroy and the right ‘to be forgotten’);
- to obtain from the Data Controller restriction of personal data processing where one of the legitimate reasons applies (the right to restriction);
- to obtain data transferring (the right to transfer);
- to file a complaint to the State Data Protection Inspectorate.
We offer you a possibility to exercise these rights in the way that is convenient to you. You can do that by calling this number +370 698 34380, e-mailing us to the following address balticseadunesapartments@gmail.com, or by following certain links on our Website.
We may refuse to offer conditions to exercise the above listed rights in the cases provided by laws where prevention of crime, breach of official and professional ethics, investigation and detection or the protection of the rights and freedoms of the data subject or of other persons must be ensured.
Your rights will be implemented after your identity is confirmed in person, by electronic signature or in case these two options are not possible, remotely by using the communication measures that are available at the moment and secure.
Your right |
Certain limitations |
To know (obtain communication) of your data processing (the right to know) |
Before the start of your personal data processing, you have the right to obtain communication of your data processing in a concise, clear and plain language. |
to access his data and the way it is processed (the right of access) |
This right means: - confirmation whether we process your personal data, - submitting the list of your processed personal data, - submitting the purposes and legal basis for your data processing, - confirmation whether we send data to third countries, if so, what safety measures we took, - submitting the source from which your personal data was obtained, - submitting the data storage period, - other information provided by Article 13 of the GDPR. Once your identity is identified, we will submit the above listed information to you provided that this will not breach other persons’ rights and freedoms. |
To demand rectification or, in view of the personal data processing purposes, have incomplete personal data completed (the right to rectification) |
Applicable in case our possessed information is incomplete or inaccurate |
to destroy your personal data (the right ‘to be forgotten’) |
Applicable in case: - our possessed information is not required to achieve the set goals, - we process data on the basis of your consent, and you withdraw your consent, - we process data on the basis of legitimate interests, and after your request, your interests are found to be overriding, - information is obtained unlawfully. |
To suspend your personal data processing actions (except for storage) |
This right may be implemented for the period while we are analysing the situation, i.e.: - if you dispute the accuracy of the information, - if you object to personal data processing performed on the basis of legitimate interests, - we are using information unlawfully but you object to it being deleted, - we do not need the information but you demand to store it because of a judicial dispute. |
to obtain from the Data Controller restriction of personal data processing where one of the legitimate reasons applies (the right to restriction) |
You may refuse to permit us to use your personal data for direct marketing purposes. |
The right to data transfer |
This right may be implemented if you submitted your data and we process it automatically on the basis of your consent or contract signed with you. |
to file a complaint to the State Data Protection Inspectorate |
Cookies
While you visit our website, we want to offer the content and functions adopted to your specific needs. For this purpose, we need cookies. These are small elements of information that are saved in your internet browser. They help the Data Controller to recognise you as the previous visitor of a specific website, to save your website visit history and to adapt the content respectively. Also, cookies help to ensure a smooth functioning of the website, allows to monitor the duration, frequency of the visit on the website and to collect statistical information about the number of website visitors. By analysing this data, we can improve our websites, make them more user friendly.
All information about the cookies used on the website, their purpose, validity, and data used is provided in the table below:
Cookie |
Description |
Creation time |
Validity |
Data used |
PHPSESSID |
Logged in user session identifier |
At the time of opening the webpage |
Until the user logs out |
Unique identifier |
ac |
Privacy policy notice |
At the time of closure of the notice |
2 years |
Unique identifier |
Google+ and Google Analytics cookies: |
||||
_ga |
The cookie collects information about the users’ behaviour on the website and is used to save statistical information. |
At the time of first opening the website |
2 years |
Unique identifier |
_gat |
The cookie collects information about the users’ behaviour on the website and is used to distinguish unique users by assigning a unique identifier to them (ID). |
At the time of opening the website |
8 hours |
Unique identifier |
And other cookies used by Google, the information about them is available here. |
When you use a browser to access our content, you can configure your browser to accept all cookies, reject all cookies or to get a notification when a cookie is sent. Each browser is different, therefore if you do not know how to change the cookies settings, check the manual menu. The operational system of your device may contain extra cookies controls. If you do not want information to be collected through cookies, use a simple procedure available in many browsers allowing you to withdraw from the use of cookies. To find out more about how to control cookies, visit the website: http://www.allaboutcookies.org/manage-cookies/.
But do not forget that that some services may be designed to function with cookies only, and if you switch them off, you will not be able to use them or their certain elements.
Besides the cookies used by the Data Controller, our websites permit certain third parties to set and access cookies in your computer. In such case the third parties’ privacy rules are applied to the use of cookies.
Contact us
If you noticed any incompliance of this privacy policy, a security gap in our Website or have questions related to your personal data processing, contact us in one of the ways convenient to you:
By mail: UAB Pavasario Namai, Vilnius District Municipality, Avižienių Municipal Unit, Avižienių vil., Plukių g. 18-3
By telephone: +370 698 34380
By e-mail: balticseadunesapartments@gmail.com
Final provisions
This privacy policy is reviewed at least once in two years. Once we update the privacy policy, we will notify you about the basic, in our opinion, changes by publishing a notification on the Internet Website. If you log in or use our content and/or services after such notification is published, we will consider it that you agree to the new requirements specified in the update.
The Privacy Policy is approved and valid since 4 June 2020.