G.P.P. Mikić d.o.o. (Ltd) (Hotel Malin) with headquarters in 51511 Omišalj, Pušća 131, personal identification number (OIB): 82386143355, respects the privacy of its clients. In this way G.P.P. Mikić d.o.o. (Ltd) (Hotel Malin) would like to inform all its clients about the type, manner and legal basis of its collecting their personal data as well as the protection and rights of the clients themselves.
Pursuant to the provisions of EU Regulation 2016/679 of the European Parliament and of the Council of 27 April 2016 on the protection of individuals with regard to the processing of personal data and on the free movement of such data (General Data Protection Regulation), the Law on Implementation of the General Data Protection Regulation (OG 42/2018) and other regulations governing the subject area, G.P.P. Mikić d.o.o. (Ltd.) (Hotel Malin) is understood to be the processing manager of your data and has the obligation and duty to respect and protect your privacy.
Purpose of collecting personal data
- meeting the requirements of the law and other valid positive regulations
- marketing and sending offers
- for the purpose of holding prize games
- for the purpose of protecting the property and safety of individuals by using video surveillance measures
Data protection principles
Lawful, fair and transparent processing of personal data;
Limitation of purpose-collecting personal data in special, explicit and legitimate purposes, which may not be subsequently processed in any way that is inconsistent with these purposes;
Reducing the amount of data – personal data must be appropriate, relevant and limited to what is necessary in relation to the purposes for which it is being processed;
Accuracy – personal data must be accurate and, if necessary, up-to-date;
Storage Restriction – personal data is also kept in such a format that allows identification of the examinee for as long as is necessary for the purpose for which the said personal data is processed;
Integrity and confidentiality – personal data is processed in such a way so as to ensure the proper security of said personal data.
Legal basis of the collection
- the key interests of the examinees,
- legitimate interest that is stronger than the interests of the examinees or
- the consent or explicit consent of the examinee, depending on the purpose of processing and the type of personal data
Data storage time
G.P.P. Mikić d.o.o. (Ltd.) (Hotel Malin) is obliged to keep data collected on a legal basis as long as it is determined by a particular law or other positive regulation.
Data collected by G.P.P. Mikić d.o.o. (Ltd.) (Hotel Malin) on the basis of the contractual relationship, will only be kept to the extent necessary for the purpose of fulfilling the contract or providing the service.
Names, surnames and email addresses collected by G.P.P. Mikić d.o.o. (Ltd.) (Hotel Malin) based on the legitimate interest for direct marketing purposes will be kept at its base for a period of 10 years.
Other information collected by G.P.P. Mikić d.o.o. (Ltd) (Hotel Malin) based on the express guest’s consent, will be kept at its base for a period of 7 years.
G.P.P. Mikić d.o.o. (Ltd.) (Hotel Malin) may also collect and store the data browsed on its website (so-called cookies) based on your explicit consent and will, in this case, it will keep them in its database for a period of 2 years. G.P.P. Mikić d.o.o. (Ltd.) (Hotel Malin) will use the above mentioned data for the purpose of providing information on special and personalised offers, news and events organised through online channels (e-mail, web, internet promotion).
Regardless of the basis of data collection, you can freely request the following without charge:
- access, modification or amendment of data in all personal data bases, deletion (“right to forget”) of personal data in all personal data bases;
- limitation of processing of your data or file a complaint against processing such data;
- that the data collected about you or transferred to you or to third parties (“right to transferability of data”), is in accordance with the positive legal regulations;
- if the data is given based on consent, you can always withdraw such consent without any consequences;
- the right to file a complaint to the supervisory body – the Personal Data Protection Agency (more on www.azop.hr).
Send your requests to the e-mail address of the Personal Data Protection Officer: email@example.com or via regular mail at G.P.P. Mikić, Pušća 131, 51511 Malinska, Croatia
Personal data collected from guests
Upon the arrival of each guest, G.P.P. Mikić d.o.o. (Ltd.) (Hotel Malin) has a legal obligation to collect the following personal data for the purpose of check-in and check-out of tourists:
- Surname and name, town, state and date of birth
- Type and number of identity document
- Permanent address (residence)
- Date and time of check-in at the facility
- Estimated date of check-out from the facility
- Date and time of check-out from the facility
Should you refuse to provide the above-mentioned personal data to our employee at the reception, we do not have the legal basis to provide you with an accommodation service within our facilities.
Your personal data is entered into the e-Visitor system based on your identity card, travel document or other appropriate identity document. In accordance with the law, access to your data in the e-Visitor system is limited to the competent state bodies of the Republic of Croatia.
The check-in and check-out as a tourist that is entered in the e-Visitor system for you is authenticated on the basis of a secure access to the e-Visitor system through an authentication protocol that includes the entire process and conditions for the safe and correct electronic check-in and check-out as prescribed by the Ordinance on the manner of keeping visitor registers and the form and content of the form of registration of visitors with the tourist board.
Furthermore, for the purposes of securing payment of your stay in our facility, we may ask you for a credit card number. Should you refuse to provide a card number as payment security we are entitled to refuse to provide you with an accommodation service.
G.P.P. Mikić d.o.o. (Ltd) (Hotel Malin) does not transfer your personal data to third parties.
G.P.P. Mikić d.o.o. (Ltd) (Hotel Malin) will not use your personal information for marketing purposes without your consent.
G.P.P. Mikić d.o.o. (Ltd.) (Hotel Malin), as a processing manager, has the right to collect your personal data (name and surname, e-mail address) on the basis of a legitimate interest, in its guest base and use it for the purpose of direct marketing solely for the purpose of notifying you about the offers and news of G.P.P. Mikić d.o.o. (Ltd.) (Hotel Malin) by e-mail. In this case, you have the right at any time and free of charge to request deletion (right to forget) from the database for this purpose.
After your stay, G.P.P. Mikić d.o.o. (Ltd.) (Hotel Malin) will give each guest a questionnaire regarding overall satisfaction, which can only be completed with your consent. The purpose of the overall satisfaction questionnaire is to collect service data for the purpose of improving the service and processing it for statistical purposes.
In the case of the previous reservation of the accommodation G.P.P. Mikić d.o.o. (Ltd.) (Hotel Malin) collects the following personal data:
- Surname and name;
- Zip code;
- Mobile phone.
G.P.P. Mikić d.o.o. (Ltd.) (Hotel Malin) will only use the personal data collected for the accommodation reservation for the purposes of reservation and sending notifications with regard to that. G.P.P. Mikić d.o.o. (Ltd.) (Hotel Malin) will not use data collected in this way for marketing purposes without the express consent of the examinee (guest).
Personal data collected by signing up for the newsletter
When signing up for a newsletter, the examinee will be able to provide the following information with the consent:
When updating a newsletter signing up, the examinee may also have the possibility of providing some additional data with his consent.
Personal data is collected for the purpose of sending notifications on the offers and services of G.P.P. Mikić d.o.o. (Ltd.) (Hotel Malin).
As is the case with many other portals, ours too can be used with “cookies” (small files that we save to your computer when accessing our website to allow basic or additional functionality of these pages) and other technologies that facilitate the delivery of content depending on your areas of interest, processing reservations or requests, and/or analysing the characteristics of your visits. Cookies cannot be used to detect your personal identity. When accessing our web pages, this information identifies your browsers’ features to our servers, but not you.
Type of cookies:
Necessary cookies – are necessary for the functioning of a website, which cannot function without them. This means that, without these cookies, an Internet page cannot open or display. These cookies are used for the purposes of communication transmission or are necessary for the provision of the information society services explicitly required by users of such services. Furthermore, these cookies will enable us to conduct a basic website analysis with the aim of improving the work of the website by means of completely anonymous data, i.e. which is not based on your personal data or data that can be linked in any way to you. These cookies do not require and we do not request your consent.
Functional cookies – are used to perform a more advanced website analysis. These cookies are used to analyse user behaviours, and based on anonymous data can determine what visitors to the site most want and browse, so we are able to customise the website and make its content and functionality simpler to use. For these cookies we request your consent.
Advertising cookies – used to analyse your interests and desires, are needed for us to provide you with the information that is of interest to you and create customised offers for your use of the G.P.P. Mikić d.o.o. (Ltd.) (Hotel Malin) websites. For these cookies we request your consent.
G.P.P. Mikić d.o.o. (Ltd.) (Hotel Malin) stores cookies in its base and keeps them at the longest for 2 years.
You can always delete cookies stored on your computer, thereby disabling the processing of your personal information through such technology.
Video surveillance system
G.P.P. Mikić d.o.o. (Ltd.) (Hotel Malin) as a processing manager uses the measure of video surveillance for the protection of property and persons.
Videos contain personal information of all persons moving in the camera’s view, and are therefore kept with special care, having a system of security, availability and deletion policy that is governed by the internal security rules of G.P.P. Mikić d.o.o. (Ltd.) (Hotel Malin).
Videos are over-recorded so as to be deleted automatically after a maximum of 15 days from recording. Exceptionally, videos are kept longer if they represent evidence in the process for the competent state bodies.
In case of judicial and / or criminal proceedings, G.P.P. Mikić d.o.o. (Ltd.) (Hotel Malin) may use the afore-mentioned videos. Third parties, processing executors, registered contract partners of G.P.P. Mikić d.o.o. (Ltd.) (Hotel Malin), experts for the provision of personal and property protection services may have insight into the personal data, but will not individually use any of the afore-mentioned data, but will take care of the safety of central monitoring and warning systems. Special regulations that govern that particular area are applied to all other details with regard to the video surveillance.
Protecting the personal data of children
G.P.P. Mikić d.o.o. (Hotel Malin) may collect personal information from children older than 16 years. Any other processing of child data below the specified age limit and other processing, except as expressly stated herein, for children under 18 years of age is permitted to G.P.P. Mikić d.o.o. (Ltd.) (Hotel Malin) exclusively with the parent’s prior consent.
Modification of data
You can contact us at any time to review your personal data, as well as for updating, modifying or deleting your data. Until that time, we may use your previously recorded data for the aforementioned purposes.
Technical and integrated data protection
G.P.P. Mikić d.o.o. (Ltd.) (Hotel Malin), as the processing manager, takes into account the highest organisational and technical data protection standards and strives to process only personal data necessary for the specific purpose.
Records of processing activities
G.P.P. Mikić d.o.o. (Ltd.) (Hotel Malin), as the processing manager, keeps records of processing activities using the following data:
- the name and contact details of the processing manager, where applicable, the joint processing manager, and the data protection officer;
- processing purposes;
- description of the category of examinees and categories of personal data;
- categories of recipients to which personal data is disclosed or will be disclosed, including recipients in third countries or international organisations;
- where applicable, transfers of personal data to a third country or an international organisation, including identification of that third country or international organisation, and, in the case of transfer from Article 49, paragraph 1, second subparagraph, documentation of appropriate protective measures;
- if possible, the deadlines predicted for deleting different categories of data;
- if possible, a general description of technical and organisational security measures.
Infringement of personal data
G.P.P. Mikić d.o.o. (Ltd.) (Hotel Malin), as processing manager, is responsible for any personal data breach, without unnecessary delay and, if feasible, not later than 72 hours after the occurrence of this violation, reporting to the competent supervisory authority on the breach of personal data unless it is unlikely that personal data breach will cause risk for the rights and freedoms of individuals.
In the event of a violation of personal data likely to cause a high risk to the rights and freedoms of individuals, G.P.P. Mikić d.o.o. (Ltd.) (Hotel Malin), as a processing manager, without unnecessary delay, will inform the examinee of the personal data breach. Examinees will not be informed in cases where the Regulation stipulates that the same is not mandatory.