When you join the Hedon Fan Club, we process the following personal data:

Similar documents
PRIVACY POLICY. 1. Introduction

Privacy Policy Hafliger Films SpA

Beam Suntory Privacy Policy WEBSITE PRIVACY NOTICE

Wesley House data protection statement and privacy notice (short-course delegates)

Data processing policy

WE ARE COMMITTED TO PROTECTING YOUR PERSONAL DATA

DISCLOSURE ON THE PROCESSING OF PERSONAL DATA LAST REVISION DATE: 25 MAY 2018

Privacy Policy. Data Controller - the entity that determines the purposes, conditions and means of the processing of personal data

The Park Hotel Privacy Statement

Name: Aho Terhi Title: ecommerce Manager. Phone: terhi.aho(at)finavia.fi Name: Närvänen Carita Title: Development Manager

PERSONAL DATA POLICY Westpack A/S

Information memorandum. SUNČANI HVAR d.d.

BELLISSIMA BEAUTY SALON PRIVACY NOTICE

NOTICE OF PERSONAL DATA PROCESSING

1 About GfK and the Survey What are personal data? Use of personal data How we share personal data... 3

PRIVACY POLICY. We are committed to protect your personal data, while you visit our Website (hereinafter called the Website ).

Islam21c.com Data Protection and Privacy Policy

EU Data Protection Agreement

Online Ad-hoc Privacy Notice

Data Protection and Privacy Policy PORTOBAY GROUP Version I

TEGEMA PRIVACY STATEMENT

Privacy Policy. Information about us. What personal data do we collect and how do we use it?

PRIVACY POLICY PRIVACY POLICY

DEPARTMENT OF JUSTICE AND EQUALITY. Data Protection Policy

UWTSD Group Data Protection Policy

Within the meanings of applicable data protection law (in particular EU Regulation 2016/679, the GDPR ):

Data Processing Policy

Fritztile is a brand of The Stonhard Group THE STONHARD GROUP Privacy Notice The Stonhard Group" Notice Whose Personal Data do we collect?

PRIVACY POLICY. What personal data we collect and why we collect it IN ORDER TO: (Date of last update: 1 st January 2019)

INFORMATIVE NOTICE ON PERSONAL DATA PROCESSING

PRIVACY POLICY FOR WEB AND ONLINE TRADING PLATFORM

What options NETIM offers, including those related to gaining of access to and updating of information.

General website Privacy

Contract Services Europe

the processing of personal data relating to him or her.

A Homeopath Registered Homeopath

Privacy Statement for Use of the Certification Service of Swisscom (sales name: "All-in Signing Service")

We collect the information listed below as a consequence of our business activities.

PS Mailing Services Ltd Data Protection Policy May 2018

CD STRENGTH LLC. A MASSACHUSETTS, USA BASED COMPANY

Website Privacy Statement

Data Processing Agreement

Privacy Policy Közbeszerzés Figyelő Ltd.

DISCLOSURE PURSUANT TO ART. 13 EU REGULATION No. 2016/679 (GDPR) Customers and prospects

- GDPR (General Data Protection Regulation) is the new Data Protection Regulation of the European Union;

Bend Mailing Services, LLC, dba BMS Technologies ( us, we, or our ) operates the website (the Service ).

Privacy Policy. MIPS Website Privacy Policy. Document Information. Contact Details. Version 1.0 Version date March 2018.

Jefferies EMEA Privacy Notice

TaxiMe Privacy Policy for Passengers

Data Protection Policy - Sustainable Hackney

Privacy Statement for Use of the Trust Service of Swisscom IT Services Finance S.E., Austria

DATA PROCESSING AGREEMENT

CNH Industrial Privacy Policy. This Privacy Policy relates to our use of any personal information you provide to us.

PRIVACY POLICY GUESTS WEB OR CONTACTS. The Privacy Policy is part of that govern this Website.

Privacy Policy. Effective date: 21 May 2018

INTEGRAL PRIVACY NOTICE

1 Page. Website Privacy Policy

This Privacy Statement applies to data processing carried out by:

Data subject ( Customer or Data subject ): individual to whom personal data relates.

Privacy Policy. In this data protection declaration, we use, inter alia, the following terms:

Kährs Group s Privacy Policy

This Policy has been prepared with due regard to the General Data Protection Regulation (EU Regulation 2016/679) ( GDPR ).

I. Name and Address of the Controller

POLICY. Art. 13 of Regulation (EU) 2016/679 of the European Parliament and of the Council of 27 April 2016

COMPUTAMATRIX LIMITED T/A MATRICA Data Protection Policy September Table of Contents. 1. Scope, Purpose and Application to Employees 2

PRIVACY POLICY CORPORATE CUSTOMER

Privacy Policy. Company registry number: Budapest, Gönczy Pál utca em. Homepage: contact: Phone:

Emergency Nurses Association Privacy Policy

BIOEVENTS PRIVACY POLICY

PRIVACY POLICY OF HOTEL RADISSON BLU SOBIESKI WARSZAWA

LEGAL INFORMATION & PRIVACY STATEMENT Version: 17 May 2018

The data controller is MKCM Software, LLC, contact

Identity of the controller: CHARVAT CTS a.s., ID No.: , with the registered office at Okrinek 53, Podebrady, Czech Republic, Postcode

Privacy Policy CARGOWAYS Logistik & Transport GmbH

Data Processor Agreement

PRIVACY NOTICE STORM RECRUITMENT UNIT 11, 2 ND FLOOR CHARLESLAND CENTRE, GREYSTONES, CO. WICKLOW 1. INTRODUCTION

INFORMATION NOTE ON DATA PROCESSING

Element Finance Solutions Ltd Data Protection Policy

EU Data Protection Agreement

Depending on the Services or information you request from us, we may ask you to provide the following personal information:

GDPR Privacy Policy. The data protection policy of AlphaMed Press is based on the terms found in the GDPR.

Privacy Notice for Business Partners

I domobile PRIVACY POLICY Version The privacy of all of our Users is very important to us. When you, as an App-user, use the Service

DATA PROTECTION POLICY THE HOLST GROUP

You have consented to the processing for the specific purposes described in this notice;

POLICY. Art. 13 of Regulation (EU) 2016/679 of the European Parliament and of the Council of 27 April 2016

Privacy Policy. Last updated on 31 May 2018

Part B of this Policy sets out the rights that all individuals have in relation to the collection and use of your personal information

Privacy and Cookies Policy EH Hotel 2018 Ltd

HOW WE USE YOUR INFORMATION

Privacy Policy Statement Last update 25 th May 2018.

Data Privacy Notice. Madsen Advisory Limited ("Madsen") is committed to protecting and respecting your privacy.

Creative Funding Solutions Limited Data Protection Policy

INFORMATION MEMORANDUM ON DATA PROCESSING

Privacy Policy V2.0.1

PRIVACY POLICY FOR THE LIDC 2018 INTERNATIONAL CONGRESS

Privacy Policy Identity Games

Data Processing Agreement

You will see lots of references in the Checklist to the GDPR Pack if you would like to purchase this, go to

Data Protection Policy

Transcription:

TERMS AND CONDITIONS OF PROCESSING PERSONAL DATA The controller of personal data is Supeluse Hotell OÜ (hereinafter Hedon Spa&Hotel) (registry code 12457242), located at Ranna puiestee 1, 80010 Pärnu, Estonia, phone +372 44 99 000, e- mail info@hedonspa.com. Hedon Spa&Hotel processes personal data for the purpose of providing accommodation and spa services. Personal data are processed both electronically (e.g. online booking, accommodation service registration data, e-gift card, Hedon Fan Club loyalty programme, and on paper (e.g. guest cards). Below, we explain how Hedon Spa&Hotel processes the personal data of customers. What kind of personal data we process When you use the services of Hedon Spa&Hotel, we process the following personal data: date of birth; address; phone number; email address; citizenship; name, date of birth and citizenship of the companion and children accommodated with you; document number (in the case of citizens of countries outside the European Union); date of provision of accommodation services; data related to payments; your comments (if you use additional services). When you subscribe to the Hedon Spa&Hotel newsletter, we process the following personal data: email address. When you join the Hedon Fan Club, we process the following personal data: email address; date of birth; address;

history of using the services of Hedon Spa&Hotel. When you buy a Hedon Spa&Hotel e-gift card, we process the following personal data: name of the buyer; email address of the buyer; phone number of the buyer. Why we process personal data Personal data is used for the provision and management of bookings and services. We process personal data for the purpose of providing accommodation services, spa services and other services (see https://www.hedonspa.com/). The aim of processing accommodation service registration data (first name, surname, date of birth, address, citizenship, name, date of birth and citizenship of companions and children accommodated with you, date of provision of accommodation services) is to comply with the Tourism Act. We use personal data for preparing invoices and managing payments. Name and e-mail address are used to notify customers of new and interesting offers from Hedon Spa&Hotel and its cooperation partners. When you join the Hedon Fan Club loyalty programme, we use personal data to generate personal offers and send invitations to you and to inform you of new services. When you buy a Hedon Spa&Hotel e-gift card, we process personal data for delivering the e-gift card. Legal basis Upon providing Hedon Spa&Hotel accommodation services, we process your name, date of birth, citizenship and address, the name, date of birth and citizenship of the companion and children accommodated with you, and the date of provision of accommodation services for the purpose of fulfilling the contract and the obligations deriving from law. We use the phone number and e-mail address to notify you of booking confirmations and changes in services. The comments you have added inform us of when you would like to use certain services. When you wish to receive Hedon Spa&Hotel newsletters, data is processed with your consent.

In the Hedon Fan Club loyalty programme, we process your name, e-mail address, date of birth, address and service usage history on the basis of your consent. When you purchase a Hedon Spa&Hotel e-gift card, we process your name, e-mail address and phone number for the fulfilment of the contract. Personal data may also be processed on the basis of legitimate interest and obligations arising from law (e.g. accounting, administration of payments and settlement of consumer complaints). Receiver to whom we forward personal data Personal data is forwarded to Hedon Spa&Hotel Customer Support for managing services and resolving customer problems. Data related to payments is processed by the accountants of Hedon Spa&Hotel. The data of Hedon Spa&Hotel e-gift cards are processed by the employees of the Accounting Department of Hedon Spa&Hotel. The data of the Hedon Fan Club loyalty programme is processed by the employees of the Marketing Department of Hedon Spa&Hotel. Personal data may be forwarded to providers of IT services to ensure the functionality of the Hedon Spa&Hotel website, booking system, direct marketing, advertising services and data hosting. Due to the requirements of the Tourism Act, the registration data of users of accommodation services may be forwarded to the Police and Border Guard Board. Security and access to data We use various software solutions to process personal data (customer management, registration data, service usage history, bookings, statistics, analysis and direct marketing), in the case of which we make sure such solutions meet data processing requirements. Hedon Spa&Hotel has concluded data processing agreements with processors, which ensure an equivalent level of data protection as specified in these terms and conditions. Personal data is stored in servers located in the territory of European Union Member States or countries that have joined the European Economic Area. Data may be transmitted to countries the data protection level of which has been assessed as adequate

by the European Commission, and to US companies who have joined the Privacy Shield data protection framework. If personal data is transmitted in hard copy (e.g. guest cards, joining the Hedon Fan Club loyalty programme), we store the hard copies in a closed archive. Access to personal data is granted to Hedon Spa&Hotel employees who can access personal data in order to resolve technical issues related to the use of Hedon Spa&Hotel services and provide customer support services. Hedon Spa&Hotel applies appropriate physical, organisational and information technology based security measures in order to protect personal data from accidental or unlawful destruction, loss, alteration or unauthorised access and disclosure. Access to and rectification of personal data You can have access to and rectify personal data by contacting Hedon Spa&Hotel Customer Support. Withdrawal of consent If personal data is processed on the basis of consent (the Hedon Fan Club loyalty programme and newsletter), you have the right to withdraw your consent at any time by notifying Hedon Spa&Hotel Customer Support of this by email. Storage Personal data, which is used for the provision and management of bookings and services, is stored for three years. Accommodation service registration data (first name, surname, date of birth, address, citizenship, name, date of birth and citizenship of companions and children accommodated with you, document numbers, date of provision of accommodation services) are stored for two years. In the case of payment disputes and consumer disputes, personal data is stored until the fulfilment or expiry of the claim. If a person grants their consent to their data being stored for the loyalty programme, the data shall be stored until the person joins the loyalty programme, and then the personal data shall be transferred to the loyalty programme. The personal data under the Hedon Fan Club loyalty programme (including the history of usage of Hedon Spa&Hotel services) is stored until the end of the programme or withdrawal of the consent.

Personal data necessary for accounting is stored for seven years. If personal data is transmitted in hard copy (e.g. guest cards, joining the Hedon Fan Club loyalty programme), we destroy the hard copies after the end of the storage term. Erasure In order to have your personal data erased, you need to contact Hedon Spa&Hotel Customer Support. Customer Support will verify your identity and inform you of the erasure of personal data. Portability In order to have your personal data transmitted from one system to another, you need to contact Hedon Spa&Hotel Customer Support. Customer Support will verify your identity and inform you of the transmission of personal data. We shall respond to data portability requests no later than within one month. Direct marketing Email address and phone number are used for sending direct marketing messages, if you have given the relevant consent. If you do not wish to receive direct marketing messages, you should select the relevant link at the bottom of the e-mail or contact Customer Support. With regard to the processing of Hedon Fan Club personal data (profiling), you have the right to file objections at any time by notifying Customer Support of this by e-mail. Settlement of disputes Disputes related to the processing of personal data are resolved via Hedon SPA & Hotel Customer Support at info@hedonspa.com. The supervisory authority is the Estonian Data Protection Inspectorate (info@aki.ee).

2024 © technodocbox.com Privacy Policy | Terms of Service | Feedback