top of page

PRIVACY AND COOKIES POLICY

Last updated on 05/25/2018.

Familiarize yourself with the privacy and cookie policy of the vandines.lt website. For what purpose is data collected about you, where and for how long is it stored, and what is it used for.

SECTION 1. GENERAL PROVISIONS

1. This privacy policy (hereinafter - the Policy) is governed by K. Geco's trading company, operating at Birutės al. 60, Palanga, and whose company code is 152621575 (hereinafter - the Data Controller), the principles and procedure of personal data processing and the operating conditions of the website http://www.vandenis.lt/ (hereinafter - the Website) managed by the Data Controller.

2. This Policy is intended for persons who visit the Company's website http://www.vandenis.lt/, use the information on the website and the services provided on it.

3. Any natural person whose personal data is processed by K. Geco's trading company is considered a data subject in this Policy.

4. By using the services, continuing to browse the website, the Visitor (user of the website) confirms that he has familiarized himself with this Policy, understands its provisions and agrees to comply with them.

5. The data controller ensures that, when adopting and implementing this Policy, it seeks to implement the following fundamental principles related to the processing of personal data:

  • Personal data are processed in a legal, fair and transparent manner in relation to the data subject (principle of legality, fairness and transparency);

  • Personal data is collected for established, clearly defined and legitimate purposes and is not further processed in a manner incompatible with those purposes;

  • Further processing of personal data for archiving purposes in the public interest or for statistical purposes is not considered incompatible with the original purposes (principle of purpose limitation);

  • Personal data are adequate, appropriate and only necessary to achieve the purposes for which they are processed (principle of reducing the amount of data);

  • Efforts are made to ensure that personal data are accurate and, if necessary, updated within a reasonable period of time after the fact of change;

  • All reasonable measures are taken to ensure that personal data that are not accurate, taking into account the purposes of their processing, are immediately deleted or corrected within a reasonable period of time (principle of accuracy);

  • Personal data is kept in such a form that the identity of the Data subjects can be determined no longer than is necessary for the purposes for which the personal data is processed;

  • Personal data can be stored for longer periods if the personal data will be processed only for archiving purposes, in the interest of the public interest or for statistical purposes, after implementing the relevant technical and organizational measures necessary to protect the rights and freedoms of the Data Subject (principle of limitation of storage duration);

  • Personal data, taking into account the general nature of personal data processed by the Data Controller, is processed in such a way that adequate security of personal data is ensured through the application of appropriate technical or organizational measures, including protection against the processing of personal data without permission or illegal processing of personal data and against accidental loss and destruction or damage (principle of integrity and confidentiality);

  • The data controller is responsible for ensuring that the above principles are followed and must be able to demonstrate that they are followed (principle of accountability).

6. This Policy is drawn up in accordance with Regulation (EU) 2016/679 of the European Parliament and of the Council on the protection of natural persons in the processing of personal data and on the free movement of such data and which repeals Directive 95/46/EC (hereinafter - GDPR), personal data laws of the Republic of Lithuania protection law (hereinafter - ADTAĮ), other legal acts of the European Union and the Republic of Lithuania. Terms used in the policy are understood as they are defined in GDPR and GDPR.

The name of the cookie

Function

Expiry date

The species

XSRF-TOKEN

hs

svSession

SSR-caching

_wixCIDX

_wix_browser_sess

consent-policy

smSession

TS*

bSession

fedops.logger.sessionId

wixLanguage

Used for security purposes

Necessary

Necessary

Necessary

Necessary

Necessary

Necessary

Necessary

Necessary

Necessary

Necessary

Necessary

Functional

Until the end of the session

Until the end of the session

2 years

1 minute

3 months

Until the end of the session

12 months

Until the end of the session

Until the end of the session

30 minutes

12 months

12 months

Used for security purposes

Used during user login

Used to indicate the system from which the site was rendered

Used for system monitoring/debugging

Used for system monitoring/debugging

Used for cookie banner settings

Used to identify logged in members of the site

Used for security and anti-fraud purposes

Used to measure system efficiency

Used to measure stability/performance

Used on multilingual websites to save the user's language preferences

Functional cookies allow the website to remember your choices, settings that depend on how and what you see on the website, for example, which language version of the website to show you, etc. They also allow you to display personalized information. If you disable these cookies, some features of the website may not work.

Statistical cookies are used to analyze website traffic statistics. They allow us to count visits and traffic sources so that we can measure the effectiveness of the website and improve it to make it as useful and convenient as possible for visitors. They help us to find out which pages are the most or least visited, to find out how visitors move through the pages of the website. All information collected by these cookies is anonymous, as only general indicators of all visitors are stored.

The name of the cookie

Function

Expiry date

The cookie is not saved if you do not agree

_dc_gtm_UA-#

_ga

_gat

_guid

collect

__utma

__utmb

__utmz

__utmc

__utmt

Stores the number of service requests.

Yes

Yes

Yes

Yes

Yes

Yes

Yes

Yes

Yes

Yes

24 hours

24 months

24 hours

24 hours

Until the end of the session

2 years

30 minutes

Half of year

Valid until the browser is closed

Valid until the browser is closed

Registers a unique ID for a visiting session. This allows the collection of data on the behavior of visitors to the website for statistical purposes.

Used to speed up Google Analytics queries.

Registers a unique ID for a visiting session. This allows the collection of data on the behavior of visitors to the website for statistical purposes.

Part of the Google Analytics statistics system, stores data about the visitor's device and behavior. Tracks the visitor across various devices and marketing channels.

Part of the Google Analytics statistics system, stores information about the parts of the website visited by the visitor, the number of times the website is visited, the duration of the visit, browser information, etc.

Advertising cookies are set by third parties such as YouTube.com. They track your behavior with the content they provide, such as watching videos. If you disable these cookies, you will not be able to view the content provided by them on the website, such as YouTube.com videos. The cookie provider can use these cookies to track your interests and select similar content for you on other websites.

The name of the cookie

Function

Expiry date

The cookie is not saved if you do not agree

_fbp

Fr

tr

Helps to select and offer targeted advertising to the user. A randomly generated identification number is used.

Yes

Yes

Yes

3 months

3 months

Until the end of the session

Helps to show the most accurate advertisement to the user. A unique ID is used.

Facebook uses a cookie for advertising purposes, which aims to optimize the display of ads based on the user's movements and the various offers of ad providers when displaying users' ads.

13. The cookies used on the website do not allow identification of the user of the website. Visits to the website are registered anonymously, identifying the personal computer, mobile phone or tablet and the IP address, and such collected information is not provided to third parties, except in cases provided for by law. In cases where Google and Facebook cookies are used, the data is transferred to the United States of America, which, by the decision of the European Union Commission, is not recognized as a country that ensures an adequate level of personal data protection. Currently, we base such a transfer on the standard data protection conditions approved by the European Commission (Article 46 d.2 c. of the General Data Protection Regulation), which you can familiarize yourself with here: https://support.google.com/publisherpolicies/answer/10437486? hl=en-GB ; https://www.facebook.com/help/566994660333381 .

14. When opening the website and clicking "I agree" in the pop-up window, you agree to save the cookies you have chosen on your computer, mobile phone or tablet. By clicking "Disagree with all", you consent to the storage of all statistical and advertising cookies without a separate choice.

15. You have the right to withdraw your consent at any time after visiting the website and selecting "I agree", "Accept all" in the pop-up window about the use of cookies. Most browsers allow you to control cookies by changing user options in their settings. If you wish to withdraw your consent to the use of cookies, you can set your browser to reject all cookies or to warn you when a cookie is received. If you want to remove cookies from your device, different web browsers have help pages with information on how to delete cookies. When using multiple browsers, remember to remove cookies from all of them. Additional information on how to change the settings of cookie options in the most commonly used browsers can be found here:

Internet Explorer - https://support.microsoft.com/en-us/windows/delete-and-manage-cookies-168dab11-0753-043d-7c16-ede5947fc64d
Mozilla Firefox - https://support.mozilla.org/en-US/kb/cookies-information-websites-store-on-your-computer?redirectlocale=en-US&redirectslug=Cookies
Google Chrome - https://support.google.com/chrome/answer/95647?hl=en Safari - https://support.apple.com/et-ee/guide/safari/sfri11471/mac
iOS - https://support.apple.com/en-us/HT201265

Please note that by opting out of cookies, you may not be able to access certain areas or features of our website.

16. Personal data collected by cookies are processed in accordance with the Law on the Legal Protection of Personal Data of the Republic of Lithuania, the Law on Electronic Communications of the Republic of Lithuania, Regulation (EU) 2016/679 of the European Parliament and of the Council on the protection of natural persons in the processing of personal data and on the free movement of such data and which repeals the Directive 95/46/EC, as well as the provisions of other legal acts regulating the protection of personal data.

17. In accordance with the requirements of legal acts, security measures are applied on the website to prevent the illegal disclosure of Personal Data and their illegal use.

SECTION 3. ON WHAT BASIS DO WE PROCESS YOUR DATA?

18. K. Geco trading company collects and processes personal data in accordance with the legal acts of the EU and the Republic of Lithuania regulating the protection of personal data.
The company processes website personal data on the following basis:

19. On the basis of consent, which is expressed by your active actions, that is, contacting us and submitting personal data, or other active actions;

20. For the implementation of our legitimate interests (for example, administering the website and ensuring its proper functioning);

21. Carrying out video surveillance in the Hotel and its territory and ensuring the safety of property and persons;

22. In order to fulfill the obligations imposed on us by law.

23. The company strives for personal data to be processed accurately, honestly and legally, to be processed only for the purposes for which it was collected, to be processed in accordance with the clear and transparent principles and requirements of personal data processing established in legal acts.

© 2024 K. Geco trading company "Vandenis". Solution wowmoon.

Vandenis logo

Our doors and hearts are open - we welcome everyone.

Newsletter

Birutes al. 47, 00135 Palanga, Lithuania

You will find us

+370 613 55551

Restaurant

Music club

+370 620 33998

SECTION 2. INFORMATION ABOUT USED COOKIES

7. The data manager uses cookies on the website in order to be able to distinguish some users of the website from others. With the help of cookies, the Data Controller aims to ensure a more pleasant experience for people browsing the website and to improve the website itself.

8. Cookies are small text files that are stored in a Person's browser or device (PC, mobile phone or tablet).

9. We use the website analysis service Google Analytics, which allows us to record and analyze statistical data on the use of the website. You can learn more about Google Analytics and the information that these tools allow to collect here - https://support.google.com/analytics/answer/6004245?hl=lt .

10. Facebook cookies are used on this website, more information about Facebook cookies can be found at https://www.facebook.com/policies/cookies .

11. If you prefer that Google Analytics tools do not record information about your internet browsing, you can use the Google Analytics opt-out browser plugin.

12. The website http://www.vandenis.lt/ uses the following cookies:

Necessary cookies are required for the website to function and for you to use at least its minimum functions: to browse it, to agree or disagree with the use of cookies. These cookies cannot be disabled.

SECTION 4. PROCESSING OF PERSONAL DATA FOR DIRECT MARKETING PURPOSES

24. The company processes your personal data for the purpose of direct marketing after receiving your express consent for such data processing, for example: when you subscribe to our newsletters, etc. (the basis of data processing is your freely expressed consent to data processing);

25. For the purpose of direct marketing, we may process your name, e-mail address, phone number.

26. Your personal data may be processed for the purpose of direct marketing in the following ways:

  1. You can receive a newsletter with our offers, promotions and news by email;

  2. You can receive invitations to events, offers and similar information by email.

  3. You can unsubscribe from our newsletters at any time. You can do this by clicking on the dedicated link at the bottom of our newsletters.

27. We also use the services of Facebook, Google, and other online advertising providers. You can read about the privacy policies of these service providers, the data collected and the personal data protection measures applied in the privacy policies of the aforementioned service providers. More information about how it works, as well as information about how you can object to the display of such advertisements or such use of data, can be found in the information provided by the aforementioned service providers:

https://lt-lt.facebook.com/policies/ads# ; https://policies.google.com/technologies/ads .

SECTION 5. PROCESSING OF PERSONAL DATA DURING VIDEO SURVEILLANCE

28. In order to ensure the protection of property, health and life of the Restaurant, our guests, employees and other persons, we carry out video surveillance in the premises and territory of our Restaurant.

29. We carry out video surveillance and process the data (video data) of Guests entering the video surveillance field on the basis of our legitimate interest. Our video surveillance systems do not use face recognition and/or analysis technologies, the video data captured by them are not grouped or profiled according to a specific data subject (person).

30. Guests are informed about video surveillance by means of information signs with the symbol of the video camera and the details of the data controller, which are presented before entering the monitored territory and/or room.

31. Rooms where Guests expect absolute protection of personal data (dressing, rest, toilet rooms, etc.) are not included in the surveillance field of video cameras.

32. Guests' personal data collected during video surveillance (video data) are stored for up to 30 (thirty) calendar days from the date of capture.

SECTION 6. PROCESSING OF PERSONAL DATA FOR OTHER PURPOSES

33. We may also process your personal data by providing you with other services, e.g. accepting and executing your reservations, fulfilling the obligations of the services we offer, issuing invoices and/or other accounting documents for the services. Usually, the processing of such personal data is carried out on the basis of a service provision contract, on the basis of your consent or in fulfillment of the obligations imposed on us by legal acts.

34. We can process personal data for other purposes as well, if we have received your (data subject) consent for this, or when the processing of personal data is based on other legal processing criteria provided for in legal acts.

SECTION 7. HOW LONG DO WE PROCESS AND STORE YOUR DATA?

35. We will process and store your personal data for no longer than is necessary to fulfill the purposes for which the data were collected, or for such a period as is determined by legal acts.

36. Your personal data may be stored longer than specified in the Policy only when:

  1. There are reasonable suspicions of an illegal act, which is the subject of an investigation;

  2. Your data is necessary for the proper resolution of a dispute or complaint;

  3. If we have received complaints related to the Guest, or if we have noticed violations committed by the Guest in question;

  4. Backup copies and other purposes related to the operation and maintenance of information systems or similar.

In the presence of other special grounds, conditions or cases provided for in legal acts.

SECTION 8. IN WHICH CASES AND TO WHICH THIRD PARTIES DO WE DISCLOSE YOUR DATA?

37. The company does not transfer your personal data to any third parties without your prior consent, except for the cases described below.

38. We can transfer your data for processing to third parties who help us to carry out our activities and administer the provision of Services. Such persons can be data centers, companies that create, provide, support and develop software, companies that provide information technology infrastructure services, companies that perform and provide services analyzing Internet browsing or Internet activity, security services that provide security services, etc.

39. In each case, we only provide the data processor with as much data as is necessary to fulfill a specific order or provide a specific service.

40. Data processors engaged by us can process your personal data only in accordance with our instructions. In addition, they must ensure the security of your data in accordance with applicable laws and written agreements with us.

41. Data may also be provided to competent authorities or law enforcement agencies, such as the police or supervisory authorities, but only upon their request and only when required by applicable legislation or in the cases and procedures provided for by legislation, in order to ensure our rights, our safety of guests, employees and resources, to assert, file and defend legal claims.

Savoka

Description

Personal data

Processing of personal data

Data subject

Data controller

Data controller

Third country

A government institution or institution

Actual recipient of public electronic communications services

Interesting

Recording of the telephone conversation

Conversation

Breach of personal data security

The name and surname of the company's reception administrators, restaurant administrators, waiters, and interested parties, voice, conversation recording, date and start and end time of the telephone conversation, telephone number to which the call is made and from which the call is made;

any operation or sequence of operations performed by automated or non-automated means on personal data or sets of personal data, such as collection, recording, sorting, systematization, storage, adaptation or modification, extraction, access, use, disclosure by transmission, distribution or otherwise enabling use them, as well as juxtaposition or combination with other data, restriction, deletion or destruction;

actual recipient of public electoral communications services;

Firm;

a natural or legal person who processes Personal Data on behalf of the Company;

a natural or legal person, public authority, agency or other institution that is not a data subject, data controller, data processor, or persons who are allowed to process personal data by direct authorization of the data controller or data processor;

state and municipal institutions and institutions, companies and public institutions financed from state or municipal budgets and state money funds and authorized to perform public administration in accordance with the procedure established by the Law of the Republic of Lithuania on Public Administration or providing public or administrative services to individuals or performing other public functions;

a natural person using public electronic communication services for personal or business purposes. This person does not necessarily have to be a subscriber to these services;

a natural person calling the Company's reception administrator, restaurant administrator, waiters, SPA center administrators, using the Company's phone numbers provided to them for work purposes;

Audio recording of the company's reception administrators, restaurant administrators, waiters, and interested parties' telephone conversations, which take place on the telephone numbers provided for the specified positions by the Company for work purposes;

The conversation of the company's reception administrators, restaurant administrators, waiters, and interested parties, which takes place on the phone provided for work purposes;

a security breach resulting in the accidental or unlawful destruction, loss, alteration, unauthorized disclosure, transfer, storage or other processing of personal data or unauthorized access to it.

4. References to clauses, appendices and other provisions are references to clauses, appendices and provisions of the Procedure.

5. The names of items and other provisions are written only for the sake of convenience and do not affect the interpretation of the Order.

6. This Procedure is mandatory for all employees of the Company.

SECTION 2. PURPOSE, LEGAL BASIS AND SCOPE OF CONVERSATION RECORDING

7. Conversations are recorded and Personal data are processed in order to ensure the quality of the Company's telephone service and the objectivity of the handling of interested requests and complaints.

8. The legal basis for the recording of conversations and the processing of Personal Data is the consent of the data subject (Article 6, Paragraph 1, Clause a of the Regulation; Article 73, Paragraph 1 of the Electronic Communications Law of the Republic of Lithuania).

  • The consent of the data subject (interested party) is obtained before starting the recording of each Conversation by expressing it with unambiguous actions (Continuation of the Conversation) so that his data are processed for the purposes specified during the Conversation.

  • The consent of the company's reception administrator, restaurant administrator, waiter, spa center administrator (Appendix 1 of the Procedure) is obtained in writing before the recording of telephone conversations begins, or on the first working day of the employee, or on the first working day after the employee's vacation, incapacity period, if the recording of conversations began on this period.

9. They are recorded only for work purposes. Both outgoing and incoming calls are made to the phone numbers given to the company's reception administrator, restaurant administrator, waiter, spa center administrator.

10. Personal data may not be processed for other purposes that are incompatible with those set out in this Procedure. The compatibility of objectives is determined by conducting an objective compatibility test, during which the following must be taken into account:

11. all connections between the purposes for which personal data were collected and the purposes of the intended further data processing;

12. the circumstances in which the personal data were collected, primarily related to the relationship between the data subjects and the Company;

13. The nature of personal data, in particular whether special categories of personal data are processed in accordance with Article 9 of the Regulation, or whether Personal data about criminal convictions and criminal offenses are processed in accordance with Article 10 of the Regulation, which may be specified during the Interview;

14. possible consequences of the expected further processing of Personal Data for data subjects;

15. the presence of appropriate security measures, which may include encryption or pseudonymization.

16. The purposes of recording conversations and processing Personal data can be changed only after changing this Procedure.

SECTION 9. YOUR RIGHTS

42. Data protection legislation gives you many rights related to the processing of your personal data.

43. You have the right to get acquainted with your personal data processed by us:

  1. You have the right to request confirmation from us as to whether we are processing your personal data and, in such cases, to request access to your personal data processed by us. To exercise the above right, please submit a written request to us by e-mail. by mail manager@vandenis.lt;

44. You have the right to demand the correction of your inaccurate data.

  1. If you believe that the information about you is incorrect or incomplete, you have the right to request that it be corrected. To exercise the above right, please submit a written request to us by e-mail. by mail manager@vandenis.lt.

45. You have the right to object to the processing of your personal data:

  1. You have the right to object to the processing of personal data when personal data is processed based on our legitimate interests. However, regardless of your objection, we will continue to process your data if there are valid, motivated reasons for further processing. To exercise the above right, please submit a written request to us by e-mail. by mail manager@vandenis.lt.

46. You have the right to demand the deletion of your personal data (right to be forgotten):

  1. In certain circumstances, you have the right to request that we delete your personal data. However, this provision does not apply if we are required by law to retain the data. To exercise the above right, please submit a written request to us by e-mail. by mail manager@vandenis.lt.

47. You have the right to restrict the processing of your personal data:

  1. In certain circumstances, you also have the right to restrict the processing of your personal data. To exercise the above right, please submit a written request to us by e-mail. by mail manager@vandenis.lt.

SECTION 10. FINAL PROVISIONS

48. The law of the Republic of Lithuania applies to legal relations related to this Policy.

49. The data controller is not responsible for damage, including damage caused by interruptions in the use of the website, for loss or damage of data caused by the actions or omissions of the person himself or third parties acting with the person's knowledge, mistakes, deliberate damage, other inappropriate use of the website .

50. The Data Controller is also not responsible for disturbances in connection and/or use of the Internet site and/or damage caused by them, caused by the actions or inaction of third parties unrelated to the Data Controller or a person, including disruptions in the supply of electricity, Internet access, etc. .

51. The Data Controller has the right to partially or completely change the Policy.

52. Additions or changes to the policy take effect from the day of their publication on the website.

53. If a person continues to use the website and/or services provided by the Data Controller after the addition or change of the Policy, it is considered that the person does not object to such additions and/or changes.

54. For all data processing issues, you can contact us by e-mail duomenuapsauga@palangahotel.lt.

55. This Privacy Policy applies from 2018. May 25

DESCRIPTION OF THE PROCEDURE FOR RECORDING TELEPHONE CONVERSATIONS AND MANAGING RECORDS OF CONVERSATIONS

SECTION 1. GENERAL PROVISIONS

1. The description of the procedure for the recording of telephone conversations and the processing of conversation records (hereinafter referred to as the Procedure) determines the procedure for the recording, use, storage and destruction of telephone conversations of the K. Geco trading company (hereinafter referred to as the Company), as well as the procedure for implementing the rights of data subjects.

2. Telephone conversations are recorded and audio recordings of conversations are processed in accordance with the Law on Electronic Communications of the Republic of Lithuania, the Law on Legal Protection of Personal Data of the Republic of Lithuania, 2016. April 27 Regulation (EU) 2016/679 of the European Parliament and of the Council (hereinafter - the Regulation) on the protection of natural persons in the processing of personal data and on the free movement of such data and this Procedure.

3. Concepts

SECTION 3. PROCESSING AND STORAGE OF CONVERSATION RECORDS AND PERSONAL DATA

17. Chat records and Personal data are stored for 2 weeks, after this period Chat records and Personal data are automatically destroyed.

18. For the recording of conversations and the processing of Personal Data, the Company uses the Data Processor - Telia Lietuva, AB. The relations between the company and the Data Processor are regulated by the standard Telia Lietuva, AB Data Processing Terms and Conditions [1] .

19. Conversation records and Personal data are provided to third parties only if there is a pre-defined and legal purpose of personal data processing, only to the extent necessary to achieve this purpose, and only if one of the conditions for legal processing in Article 6, paragraph 1 of the Regulation is met at the request of a third party. Upon receipt of a request to provide a recording of the conversation or (and) personal data, the guidelines for the evaluation of requests for the provision of personal data prepared by the State Domain Protection Inspectorate are followed [2] .

20. Government authorities' requests to provide Chat records and/or Personal data must always be submitted in writing, be justified, and not related to a request to provide all Chat records and Personal data managed by the Company.

21. Recordings of conversations and/or personal data may be provided by the company's decision to the pre-trial investigation institution, prosecutor or court for administrative, civil, criminal cases before them as evidence or in other cases provided by law only in compliance with all personal data established in Article 5, paragraph 1 of the Regulation management principles.

SECTION 4. IMPLEMENTATION OF THE RIGHTS OF DATA SUBJECTS TO KNOW ABOUT THE RECORDING OF CONVERSATIONS AND THE PROCESSING OF PERSONAL DATA AND THE RIGHT TO ACCESS THEIR PERSONAL DATA

22. The right of the data subject (interested party) to know about the processing of his personal data is implemented in the following manner:

  • When you call the Company's reception administrator, restaurant administrator, waiter on the phone numbers provided by the company, or when calling from the following phone numbers, you will be informed about the ongoing recording of conversations by an automatic answering machine:

    • it is reported that the Conversation is being recorded;

    • the purpose of recording the conversation, the name of the data controller, contact details of the legal entity;

    • it is noted that if the Data Subject agrees to have his Conversation recorded for the specified purpose, he would wait to be connected and continue the Conversation;

    • information is provided about alternative options to contact the Company, if he does not agree to the recording of the Conversation and the processing of his Personal Data;

    • it is indicated that more detailed information about the processing of his Personal Data can be found on the Company's website or obtained during the Interview from an employee of the Company.

23. The employees of the company, whose Conversation recordings and Personal data are processed for the purposes defined in this Procedure, are informed about the ongoing recording of Conversations and its purpose by signature or in another way that proves the fact of information before the recording of Conversations starts, either on the first day of the employee's work, or on the first working day after the employee's vacation , of the period of incapacity for work, if the recording of Conversations was started during this period, providing the information specified in Article 13 of the Regulation.

24. The data subject, in order to access the Conversation Record and Personal Data, must submit a request to the Company and confirm his identity. Upon receiving the data subject's request, the company confirms whether the Conversation Record and Personal Data related to it are processed, and if such Personal Data is processed, it provides the requested information in accordance with Article 15 of the Regulation. Providing a copy of personal data to the Data subject cannot have a negative impact on the rights and freedoms of the Company's employees. When providing a copy of the conversation recording, the methodological information of the State Data Protection Inspectorate is followed [3] .

25. In exercising the rights of the Data Subject, the Personal Data Processing Rules No. 1, approved by the order of K. Geco's company director on 08/01/2018 no. AD-1 to the extent that they are not regulated in this Procedure.

SECTION 5. PERSONAL DATA SECURITY AND PERSONAL DATA SECURITY VIOLATIONS

26. The Company Manager and his authorized person have access to Chat records and Personal data.

27. The security of personal data is ensured in accordance with the Personal Data Processing Rules no. 1, approved by the order of K. Geco's company director on 08/01/2018 no. AD-1.

28. The data processor ensures the security of personal data in accordance with the standard data processing conditions of Telia Lietuva, AB.

29. In the event of a Personal Data security breach, the Personal Data Processing Rules No. 1, approved by the order of K. Geco's company director on 08/01/2018 no. AD-1.

SECTION 6. RESPONSIBILITY

30. The company's reception administrator, restaurant administrator, waiters, SPA center administrator and employees appointed by the Company to process personal data, or employees who learn personal data in the course of their duties, must comply with this Procedure, the requirements for processing personal data and the confidentiality and security requirements established Regulation, the Law on Legal Protection of Personal Data of the Republic of Lithuania and this Procedure.

31. The persons referred to in point 25 of this Procedure are informed of this Procedure and its amendments by signature or electronic means and undertake to comply with it. Violations of this Procedure may be considered as violations of work duties, for which liability provided for in the Labor Code of the Republic of Lithuania may be applied.

SECTION 7. FINAL PROVISIONS

32. This Procedure may be changed by order of the Company Manager. Any change to the Procedure in relation to the employee of the Company comes into force and must be applied from the moment when the employees of the Company are informed about such a change in the Procedure in accordance with the procedure provided for in this Procedure.

33. This Procedure has been prepared and must be interpreted in accordance with the laws of the Republic of Lithuania and the applicable legal acts of the European Union.

34. If any provision of this Procedure becomes impossible or contrary to the applicable laws, or becomes partially or completely invalid for any reason, it will not invalidate the remaining provisions of the Procedure.

VANDENIS

bottom of page