Valid from 01.06.2019.a.
INTRODUCTION
The Privacy Policy describes the principles of personal data processing for
the Neotel OÜ Hostel (registry code: 14741071, address Uus-Sadama 21, 10120 Tallinn) and how me
process the personal data of the customers of the Hostel and other data
subjects. Please review the Privacy Policy carefully to understand how we
can process your personal data and what are your rights concerning the
processing of personal data. Should you have any questions or requests
regarding the processing of personal data, please contact us using the
contact information below.
-
DEFINATIONS
„GDPR“
Regulation (EL) 2016/679 of the of the European Parliament and of the Council of 27 April 2016 on the protection of natural persons with regard to the processing of personal data and on the free movement of such data, and repealing Directive 95/46/EC (General Data Protection Regulation).
„personal data “
Any information relating to an identified or identifiable natural person (“data subject”); an identifiable natural person is one who can be identified, directly or indirectly, in particular by reference to an identifier such as a name, an identification number, location data, an online identifier or to one or more factors specific to the physical, physiological, genetic, mental, economic, cultural or social identity of that natural person.
„applicable law“
Applicable law of the European Union and Estonia including but not limited to the national implementing acts of GDPR.
„Customer“ or „data subject “
Natural person who is using, has used or has expressed the wish to use the services of the Hostel and whose personal data the Hostel is processing.
„Hostel“
Neotel OÜ, registry code 14741071, address Uus-Sadama 21, 10120 Tallinn .
„processing “
Any operation or set of operations which is performed on personal data or on sets of personal data, whether or not by automated means, such as collection, recording, organisation, structuring, storage, adaptation or alteration, retrieval, consultation, use, disclosure by transmission, dissemination or otherwise making available, alignment or combination, restriction, erasure or destruction.
„controller“
The natural or legal person, public authority, agency or other body which, alone or jointly with others, determines the purposes and means of the processing of personal data. In terms of this Privacy Policy, the controller is the Hostel.
„website“
The website of the Hostel neotel.ee with any and all subdomains or any website to be taken into use by the Hostel.
„processor“
A natural or legal person, public authority, agency or other body which processes personal data on behalf of the controller.
-
GENERAL PROVISIONS
-
The Privacy Policy applies if the Customer uses, has used or has expressed
the wish to use the services of the Hostel or if the Customer uses the
website of the Hostel.
-
The Privacy Policy describes the general principles of personal data
processing. Additional terms for the processing of the personal data of
the Customer may be included in the agreement between the Hostel and the
Customer or in the consent provided by the Customer.
-
The Hostel shall have the right to update or change the Privacy Policy
from time to time and according to such need. Up to date and valid Privacy
Policy is available at the website of the Hostel.
-
The Privacy Policy applies if the Customer uses, has used or has expressed
the wish to use the services of the Hostel or if the Customer uses the
website of the Hostel.
-
PURPOSES AND LEGAL GROUNDS FOR PROCESSING OF DATA
-
The Hostel shall have the right to process the personal data of the
Customer for various purposes depending on the situation. The Hostel shall
process the personal data of the Customer only when having legal grounds
for processing under applicable law.
-
The Hostel shall process the personal data of the Customer in particular
based on the following purposes and legal grounds:
-
For the performance of a contract to which the data subject is party or in
order to take steps at the request of the data subject prior to entering
into a contract (legal ground: GDPR Article 6 subsection 1(b));
-
For compliance with a legal obligation to which the controller is subject,
e.g. on the basis of the Tourism Act or regarding the fulfilment of
accounting obligations in accordance with the Accounting Act (legal
ground: GDPR Article 6 subsection 1(c)).
-
According to § 24 of the Tourism Act, the Hostel shall register the
Customers on the basis of a visitor’s card, on which the following
information shall be entered:
-
the name, date of birth, citizenship and address;
-
the name, date of birth and citizenship of the spouse or a minor
accommodated together with him or her;
-
the period of provision of the accommodation services;
-
if a Customer is not a citizen of Estonia, another Member State of the
European Economic Area or Switzerland or an alien residing in Estonia on
the basis of a residence permit or right of residence, then the type and
number of the Customer’s travel document and the state which issued it.
-
the name, date of birth, citizenship and address;
-
According to § 24 of the Tourism Act, the Hostel shall register the
Customers on the basis of a visitor’s card, on which the following
information shall be entered:
-
Processing is necessary for the purposes of the legitimate interests of
the Hostel, except where such interests are overridden by the interests or
fundamental rights and freedoms of the data subject (legal ground: GDPR
Article 6 subsection 1(f)).
-
For the performance of a contract to which the data subject is party or in
order to take steps at the request of the data subject prior to entering
into a contract (legal ground: GDPR Article 6 subsection 1(b));
-
The Hostel shall have the right to process the personal data of the
Customer for various purposes depending on the situation. The Hostel shall
process the personal data of the Customer only when having legal grounds
for processing under applicable law.
-
COLLECTION OF PERSONAL DATA
-
The Hostel shall process the personal data disclosed to the Hostel by the
Customer. The Hostel does not collect personal data of the Customer from
third sources.
-
The personal data that the Hostel collects and processes includes the
following information provided by the Customer when making a reservation
for the Hostel room and staying at the Hostel:
-
name, e-mail address, phone number;
-
the time of arrival at the Hostel and the period of stay at the Hostel;
-
Hostel room type selected when making the reservation;
- information not stated above but entered on the visitor’s card in accordance with § 24 of the Tourism Act: name, date of birth, citizenship and address, the name, date of birth and citizenship of the spouse or a minor accommodated together with him or her, if a Customer is not a citizen of Estonia, another Member State of the European Economic Area or Switzerland or an alien residing in Estonia on the basis of a residence permit or right of residence, then the type and number of the Customer’s travel document and the state which issued it.
-
the data produced during the use of the services of the Hostel (e.g.
information regarding the services ordered during the stay at the Hostel
and the purchases from the mini bar).
-
name, e-mail address, phone number;
-
The Hostel shall process the personal data disclosed to the Hostel by the
Customer. The Hostel does not collect personal data of the Customer from
third sources.
-
RETENTION PERIOD FOR PERSONAL DATA
-
The Hostel does not retain personal data for a longer period of time then
necessary for the purposes for which the personal data are processed or in
accordance with the legislation in force.
-
As a general principle, the personal data produced during the provision of
services by the Hostel shall be retained for 3 years from the expiry of
the agreement with the Customer (legal ground for retention the data: §
146 subsection 1 of the General Part of the Civil Code Act).
-
The personal data relating to the performance of a contract to which the
data subject is party that the Hostel retains in accordance with the acts
regarding preserving accounting documents, shall be retained by the Hostel
for 7 years as of the end of the financial year of making the transaction
(legal ground for retention the data: § 12 of the Accounting Act).
-
Visitor’s cards shall be retained by the Hostel for two years as of the
date they were filled (legal ground for retention the data: § 24
subsection 6 of the Tourism Act).
-
For detailed information regarding retaining your personal data, please
contact us using the contact information below.
-
The Hostel does not retain personal data for a longer period of time then
necessary for the purposes for which the personal data are processed or in
accordance with the legislation in force.
-
DISCLOSURE OF PERSONAL DATA
-
The Hostel shall have the right to use authorised processors of personal
data in accordance with the applicable law.
-
The processors authorised by the Hostel include but are not limited to
providers of IT-services (e.g. server providers, developers) and the
marketing partners of the Hostel.
-
The Hostel shall be fully liable for the processors’ lawful use of the
personal data when using authorised processors.
-
The Hostel shall have the right to use authorised processors of personal
data in accordance with the applicable law.
-
SECURITY OF PERSONAL DATA
-
The Hostel shall ensure the safety of processing personal data with the
purpose to protect personal data from any unintended or unauthorised use,
public disclosure or destruction.
-
Considering the developments in science and technology and the cost of
implementation and the nature, scope, context and the purposes for
processing personal data as well as various threats to the rights and
freedoms of the natural persons arising from processing personal data, the
Hostel shall take technical and organizational measures to ensure the
security of personal data.
-
The Hostel shall ensure the safety of processing personal data with the
purpose to protect personal data from any unintended or unauthorised use,
public disclosure or destruction.
-
SECURITY CAMERAS
-
The Hostel uses security cameras on its premises with the purpose to
protect persons and property.
-
When a security camera is used, a corresponding sign stating the use of a
security camera is placed to the area of surveillance. The security
cameras are used only at the common areas of the Hostel. No security
cameras are placed to the Hostel rooms, bathrooms, shower rooms or any
other areas where the Customers may assume complete privacy.
-
The Hostel shall not transmit the recordings of the security cameras to
third parties except if necessary for inquiries of offences or other
incidents pursued by authorised persons, e.g. in case of theft the Hostel
may transmit the recordings to the Police and Border Guard Board (
Politsei- ja Piirivalveamet
).
-
The Hostel retains the recordings of the security cameras for 2 months
from making the recording, except if during that period an inquiry of
offence or other incident is initiated for which retaining the recording
for a longer period is necessary.
-
The Hostel uses security cameras on its premises with the purpose to
protect persons and property.
-
COOKIES
-
The Hostel uses cookies on its website.
-
Cookies are small text-files containing information placed to the
Customer’s computer and that are used to monitor or detect the Customer.
-
The Hostel uses cookies by the following tools on its website:
-
Google Analytics analytical tool provided by Google, Inc, address 1600
Amphitheatre Parkway, Mountain View, CA 94043, United States of America,
that helps the owners of the websites to understand how the users use
their assets. The main cookie that the Google Analytics uses is „__ga”.
Detailed description about the cookies used by Google is included in the
terms of Google available at:
https://developers.google.com/analytics/devguides/collection/analyticsjs/cookie-usage.
-
Google Analytics analytical tool provided by Google, Inc, address 1600
Amphitheatre Parkway, Mountain View, CA 94043, United States of America,
that helps the owners of the websites to understand how the users use
their assets. The main cookie that the Google Analytics uses is „__ga”.
Detailed description about the cookies used by Google is included in the
terms of Google available at:
https://developers.google.com/analytics/devguides/collection/analyticsjs/cookie-usage.
-
The Customer shall have the right to disable the use of cookies at any
time by changing the settings of its web browser. By doing so the Customer
has to acknowledge that all functions of the website may not function
properly. Disabling cookies is possible following the „help“ function of
the web browser.
-
More information about the cookies and their functioning and disabling is
available at the website www.allaboutcookies.org.
-
The Hostel uses cookies on its website.
-
RIGHTS OF THE CUSTOMER
-
The Customer shall have all rights arising from applicable legal acts
regarding processing his or her personal data. Such rights include but are
not limited to:
-
Right of access by the data subject: The Customer shall have the right to
obtain from the Hostel confirmation as to whether or not personal data
concerning him or her are being processed, and, where that is the case
obtain information regarding what personal information is being processed;
-
Right to rectification: The Customer shall have the right to obtain from
the Hostel the rectification of inaccurate or insufficient personal data
concerning him or her;
-
Right to object: The Customer shall have the right to object at any time
to processing of personal data concerning him or her;
-
Right to erasure: The Customer shall have the right to apply for the
erasure of personal data concerning him or her e.g. if the data subject
withdraws consent on which the processing is based;
-
Right to restriction of processing: The Customer shall have the right to
obtain from the controller restriction of processing e.g. where the Hostel
no longer needs the personal data for the purposes of the processing or
the data subject has objected to processing;
-
Right to withdraw his or her consent for personal data processing: in case
the processing of personal data is based on the Customers consent (e.g. in
case of direct marketing), then the Customer shall have the right to
withdraw his or her consent provided for the Hostel at any time;
-
Right to data portability: The Customer shall have the right to receive
the personal data concerning him or her, which he or she has provided to
the Hostel, in a structured, commonly used and machine-readable format and
have the right to transmit those data to another controller if this is
possible;
-
Right to file a claim: In case the Customer finds that his or her rights
have been violated by the Hostel regarding processing his or her personal
data, the Customer shall have the right to file a claim to Estonian Data
Protection Inspectorate (
Andmekaitse Inspektsioon
) or court.
-
Right of access by the data subject: The Customer shall have the right to
obtain from the Hostel confirmation as to whether or not personal data
concerning him or her are being processed, and, where that is the case
obtain information regarding what personal information is being processed;
-
The rights stated in this Section regarding processing of personal data
are not absolute rights. In certain cases, the rights of other data
subjects or the Hostel may limit the rights of the Customer.
-
The Customer shall have all rights arising from applicable legal acts
regarding processing his or her personal data. Such rights include but are
not limited to:
-
CONTACT INFORMATION
In case of any questions or requests regarding the processing of personal data, please contact us using the contact information below:
Business name: Neotel OÜ
Address: Uus-Sadama 21, 10120 Tallinn
Telephone: +3725156543
E-mail address: info@neotel.ee