Controller: SIA “JANNE”
Reg. No. 40103249002
Legal Address: Vīksnes iela 19-5a, Rīga, LV-1069
Address: Pilsoņu iela 18-1a, Rīga, LV - 1002
Telephone: +371 269 888 69
The purpose and legal grounds for processing of personal data:
- For supplying Hotel services, we obtain the following data: Forename, surname, personal identification number or birth data, citizenship (state affiliation); Telephone number; Email address; Credit card number, Identification document (passport or ID card) data. Legal grounds: Article 6, Clause 1, sub-clause f) of the Regulation (legitimate interests) and Article 6, Clause 1, sub-clause c) (legal obligation to identify the client), Section 11, Paragraph seven of the Tourism Law.
- For Prevention or detection of offences regarding property protection and provision of vital interests of persons including protection of life and health, safety, order and performance of obligation, we obtain the following data: video image of a person. Legal grounds: Article 9, Clause 1, sub-clause f) of the Regulation (legitimate interests).
Data subjects’ data may be accessed by:
- Employees of the Controller in the extent necessary to perform their duties.
- The data subject regarding their personal data.
- Law enforcement agencies as well as public and local authorities in the cases stipulated by laws and regulations.
- Processors of personal data according to the service supplied in compliance with the processor’s obligations stipulated in the Regulation, including regarding confidentiality.
Duration of data storage
- Duration of storage of the data processed according to the laws and regulations shall be stipulated in compliance with the laws and regulations on the duration of document storage.
- The data processed by the Controller based on consent from the data subject shall be stored according to the purpose of processing, or until the consent of the data subject is revoked, or until the data subject requests the deletion thereof.
- The data processed based on the Controller’s legitimate interests shall be stored in line with the purpose of processing, as well as for the period laid down for the Controller to pursue their legitimate interests (e.g. file a claim or take legal action) according to the laws and regulations.
- Video recordings shall be stored for 30 days.
The Controller shall ensure that personal data of the data subject is processed according to the following principles:
- Legitimate and honest processing of personal data;
- Processing of data only for appropriate purposes explained to the data subject;
- Minimising of data (processing only to the extent necessary);
- Data accuracy;
- Storage of data no longer than necessary for the purpose of processing;
- Safety and confidentiality of data.
Rights of the data subject
The data subject shall be entitled to receive information on their personal data stored in the Controller’s information systems, and shall have the right to request that inaccurate data is corrected, the processing of the same is discontinued or the data is destroyed should it be incomplete, outdated, processed illegally or no longer necessary for the purpose of collection.
Such a request shall be drawn up in writing and submitted to SIA Janne at Pilsoņu iela 18, 1-a, Riga, LV-1002, or signed electronically with a secure electronic signature and emailed to: email@example.com. SIA Janne shall respond to the request, no later than within 30 days.
However, personal data, the storage of which is stipulated by laws and regulations (accounting, invoices issued, contracts concluded, etc.) may be deleted only according to the laws and regulations.
It shall not be mandatory to supply the information requested by the Controller, however, it shall be a prerequisite for receipt of the services supplied by the Controller.
The Controller shall, based on the personal data supplied by the data subject, not perform automated decision-making.
In the event that the data subject finds the Controller’s actions unlawful, the data subject shall have the right to file a complaint with the supervisory body, which in the Republic of Latvia is currently the Data State Inspectorate at Blaumana iela 11/13, Riga, LV-1011.
Personal data of the data subject shall not be transferred outside of the European Union or the European Economic Area, to third countries or international organizations.
The right to revoke the consent of the data subject
If processing of data of the data subject has started and is being performed based on the consent of the data subject, the data subject shall have the right to revoke the same at any time.
The revocation of the consent shall not affect the processing of data performed at the time when the consent of the data subject was still effective.
If the data subject revokes their consent, the processing of personal data of the same shall not be discontinued, should it be performed based on other legal grounds.
Cookies are small text files that are placed on your computer or mobile device by the websites you visit. Cookies help the site remember the settings (e.g. language, images uploaded, display settings, etc.) you have selected to browse the site to avoid adjusting and loading them every time you visit the same site.
The cookies are used to:
- Remember your display settings (e.g. language, font size, etc.);
- Collect statistical data (e.g. how you got here, the number of visitors, time spent, etc.) for the purpose of improving and optimizing our website;
- Ensure that ads customized to your needs are displayed on other websites.
Types of cookies:
- Functional cookies (first-party cookies) are essential for the site to function and remember you every time you perform a new action, for instance, language settings, text entered so that when you open the site again it could load the conversation faster than the first time you browsed it.
Cookies shall be saved on your device temporarily, or until you delete them manually.
Information related to cookies shall not be used to identify you. These cookies shall be used solely for the purpose stipulated in this Policy.
The Controller shall perform video surveillance and process personal data when the data subject visits the Controller’s service supply location for the purpose of your personal safety and that of our employees, clients and property. Upon expiry of the period of storage of video surveillance recordings, the Controller shall ensure the complete deletion of data, unless the data has been requested before or any offences or other safety breaches have been found. In the event that the data has already been requested by the competent public or local authorities or if safety breaches have been found, the data shall be stored until the respective aim is achieved.
The Controller recommends that the data subject visits this section of the site regularly to find out the latest information.