Crikvenica Miramare d.o.o, based in Zagreb, Trg Johna Kennedya 6b, OIB: 81830457362 (hereinafter: Hotel Miramare), respects the privacy of each person whose personal information is collected. We would like to inform you which personal information Hotel Miramare collects, how we protect this information and what are your rights.
Hotel Miramare holds all copyrights on the use of photographs, texts and other published materials in the sense of positive legal regulations of the Republic of Croatia. Photographs, texts and other materials may not be published, sold, publicly or privately advertised or used in any other way without the consent of Hotel Miramare.
Scope of application
This Policy applies to any processing of personal data by Hotel Miramare, unless other Hotel Miramare policy prescribes otherwise. Exceptionally, with regards to the processing of data of guests and users of Hotel Miramare services, this Policy prevails over all other policies when such other policies prescribe rights and obligations regarding the processing of data in a different manner.
Data controller and legal framework
Hotel Miramare, as the Controller of your data, respects your privacy and undertakes to protect your personal data. The collection and storage of data is carried out in accordance with the provisions of the Regulation (EU) 2016/679 of the European Parliament and of the Council of 27 April 2016 on the protection of natural persons with regard to the processing of personal data and on the free movement of such data (General Data Protection Regulation), the Act on Implementation of the General Data Protection Regulation (Official Gazette, No. 42/2018) and other regulations governing this area that are applicable in Republic of Croatia.
Data protection officer
Hotel Miramare has appointed a personal data protection coordinator, who can be contacted, at any time, at the e-mail address: email@example.com or by regular mail addressed to Hotel Miramare d.o.o., Ulica Bana Jelačića 2, 51260 Crikvenica.
Implementation of data-protection principles
Hotel Miramare, within the framework of the implementation of this Policy, pays special attention to respecting the principles of data processing and processes data:
Transfer of data to third parties
The access to the personal data of guests, where necessary and to a limited extent, may also be granted to third party processors, who store such data in their databases until due processing of such data is completed. We will conclude a detailed contract with such parties regarding their powers and obligations during the processing of personal data, in accordance with the requirements of the Regulation.
Should, within the data processing, data be transferred to third countries, Hotel Boutique Hotel Miramare will ensure the compliance with high standards of protection to in order to comply with the highest possible standard of personal data protection in accordance with the strict requirements of the Regulation. In this respect, Hotel Miramare will for all international transfers of personal data inform the data subject of its intent to transfer personal data to a third country or international organisation and the existence or absence of an adequacy decision by the European Commission. At the same time, the data subject will be referred to the to the appropriate or suitable safeguards and the means by which to obtain a copy of them or where they have been made available, as well as whether due transfer is subject to safeguards in accordance with Article 46 of the Regulation, the application of binding corporate rules in accordance with Article 47 of the Regulation or whether the Article 49 paragraph 1 sub-paragraph 2 of the Regulation applies. Any transfer of personal data to third countries will be carried out in accordance with Chapter V of the Regulation.
Purpose of data collection
Hotel Miramare is required to collect certain personal data in order to execute due accommodation contract and comply with regulations governing hospitality. However, Hotel Miramare may collect other or the same data for other purposes, primarily maintaining contact. Such purposes include:
Hotel Miramare guarantees that collected data will be used only for the stated purposes.
Hotel Miramare may use depersonalised data for statistical purposes.
Legal basis for collection
The legal basis for the stated collection purposes may be:
Points of data collection
Hotel Miramare collects your data at:
Data storage period
Data that was lawfully collected by Hotel Miramare is stored for a period of time prescribed by a particular law or other positive regulation.
Data that was contractually collected by Hotel Miramare is stored only for a period of time necessary to fulfil the contract or provide a service.
Information about the name, surname and e-mail address collected by Hotel Miramare on the basis of your consent for direct marketing purposes is stored in its guest database for a period of 10 years.
Other information collected by Hotel Miramare on the basis of guest’s explicit consent (mobile phone number, number of children, marital status, pets, interests, manner of travel, accommodation and destination preferences) is stored in its guest database for a period of 5 years.
Hotel Miramare may, based on your explicit consent, also collect your web browsing data (so-called cookies) and store them in its database for a period of 2 years. Hotel Miramare uses such data to inform you about special and personalised offers, news and events organised through online channels (e-mail, web, internet promotions).
Rights of the data subject
Regardless of the basis for data collection, you can, at any time, free of charge, request:
Please send your written request to the contact e-mail address of personal data protection officer at firstname.lastname@example.org or by regular mail addressed to Hotel Miramare d.o.o., Ulica Bana Jelačića 2, 51260 Crikvenica.
Personal data collected from persons who booked accommodation and guests
Hotel Miramare, as the data controller, keeps personal data you are required to submit in order to be provided with accommodation services in its database solely for the purpose of concluding the accommodation contract and complying with legal requirements on provision and collection of personal data governing hospitality, and may use such data for other purposes allowed by positive regulations. In the event that you do not provide Hotel Miramare with minimum information required for the registration of guests in all relevant registers, Hotel Miramare will not be able to provide you with accommodation services in accordance with the contract and the law.
Personal data recorded by Hotel Miramare at the time of booking and filling in the registration card at arrival to the facility are collected on the basis of laws regulating hospitality and for the purpose of providing services to guests. These include the following data (subject to change with regard to positive regulations):
Hotel Miramare stores such data in its database of guests and shares them with competent authorities of the Republic of Croatia through the E-visitor system (electronic registration system) through the E-visitor system (electronic registration system) in which such data is required to be stored for 10 years. Hotel Miramare is also required to store all invoices issued to guests, including their personal information, for 11 years, in accordance with legal regulations.
Furthermore, in order to fulfil its contractual obligations, at the time of booking and filling in the registration card at arrival to the facility Hotel Miramare collects the following information:
Other information related to circumstances of your stay, such as the manner of travel, travel companions, marital status, number of children, pets and other interests, will also be collected when they are directly connected to the provision of accommodation services, but will be deleted after your departure from the accommodation facility.
Hotel Miramare as the data controller, based on your consent has the right to store your personal information (name and surname, e-mail address) in its database of guests and use such information for the purpose of direct marketing done solely for the purpose of informing you about Hotel Miramare offers and news by e- mail. Under these circumstances, you will have the right to request erasure (right to be forgotten) from the database for that purpose at any time and free of charge.
In addition, a person who books accommodation, that is, a guest, can give Hotel Miramare a special permission, namely, consent, that all his or her information, such as:
Data is stored in the Hotel Miramare database of guests for 5 years.
Hotel Miramare also collects personal data through the video surveillance system.
Personal information collected by subscribing to our newsletter, including a free Wi-Fi login on the Hotel Miramare website
When a data subject subscribes to our newsletter, he or she will be given the option to provide the following additional information with his or her consent (in addition to his or her name, surname and e-mail address that Hotel Miramare collects on the basis of legitimate interest):
While renewing his or her subscription to our newsletter, the data subject will be given the option to provide the following additional information with his or her consent:
Collected data are collected on the basis of an explicit consent for the purpose of providing information about special and personalised offers, news and events organised by Hotel Miramare through online channels (e-mail, web, internet promotions).
Data is stored in the Hotel Miramare database of guests for 5 years.
Data subject has the right to rectification of data and the right to be forgotten.
Cookies and online technologies
What are cookies?
CookiesCookies) are small files that your browser saves to disk when visiting our website. This enables our website to recognize your computer the next time you visit us, to offer you a personalized experience while surfing. Cookies are not directed at spying on users and do not follow everything that a user does and is not malicious code or a virus. Also, cookies are not associated with unwanted messages or Spam, cannot save the password and are not intended exclusively for advertisements or advertising. Information such as your name or email address will not be saved – web pages cannot access your personal information and files on your computer.
In order to use “cookies” pursuant to REGULATION (EU) 2016/679 OF THE EUROPEAN PARLIAMENT AND OF THE COUNCIL on the protection of individuals in connection with the processing of personal data and on the free movement of such data (General Data Protection Regulation), the Law on the implementation of the General Regulation, the Law on Electronic Communications, we need your consent.
Types of cookies
Cookies used on this website:
How to accept or reject cookies
You can always block the use of some or all of the cookies that we use on our web site, but this may affect its functionality.
The cookie Settings box is located at the bottom of this page. Once you have selected the settings, you can reset the cookie settings at the bottom of this page at any time.
Additionally, you can accept or reject some or all of your cookies by customizing your browser’s settings. On the following links, you can find information about how to change the settings for some of the most commonly used Web browsers: Mozilla Firefox, Google Chrome, Microsoft Internet Explorer, Apple Safari, Opera. Some browsers allow you to surf in “anonymous” mode, limiting the amount of data set on your computer, and automatically erase the persistent cookies that are set on your device when you finish your browsing session. There are many third-party applications that you can add to your browser to block or manage cookies. You can also delete cookies that were previously placed in your browser by selecting the option to delete your browsing history and also include the option to delete cookies. For more information about cookies and adjusting your browser settings, you can find the www.allaboutcookies.org.
Video surveillance system
Hotel Miramare as the data controller, has the legitimate interest to implement video surveillance measures to protect property and persons in relation to certain workplace positions and statutory duty to install surveillance cameras that record employees and anyone moving within the surveillance camera field of view.
Hotel Miramare indicates all places where video surveillance system is installed in the prescribed manner.
Hotel Miramare is aware that the video recordings contain personal data of all the persons moving within the surveillance camera field of view, and therefore handles them with special care. Furthermore, we have implemented a security system and introduced availability and erasure policy regulated by internal Hotel Miramare rules on safety.
Video recordings are regularly rewritten and thus automatically deleted after a maximum of 15 days after they are recorded. Exceptionally, video recordings are kept longer when they serve as evidence in proceedings before competent state authorities. Extracted video recordings are stored in a centralised messaging system with extremely limited access.
In the event of judicial and/or criminal proceedings, Hotel Miramare may use such video recordings. Access to personal data captured on video recordings may be granted to third parties, data processors and contractual partners of Hotel Miramare who are registered and qualified to provide services of personal and property protection and who do not use any of these data independently but participate in activities related to the security of central supervisory and alarm systems. All other details regarding video surveillance are subject to special regulations that govern that area.
Protecting the personal information of children
Hotel Miramare advises parents and guardians to teach their children the importance of being responsible when dealing with personal information on the internet. Hotel Miramare does not wish to collect and has no intention of collecting personal information of children. Personal information of children will be neither used nor divulged to third parties. A child may give his or her consent solely in relation to the provision of IT company services, whereby such child must be older than 16 years of age. Hotel Miramare may process all other information of children below the stated age limit and children under 18 years of age, except as expressly stated herein, only with the prior consent of the parent.
Rectification of data
You can contact us at any time to review your personal information, as well as for the purpose of updating, rectification or erasure of your data. Until such time, we will use your previously recorded data for the aforementioned purposes.
Technical and integrated data protection
Hotel Miramare, as the data controller, takes utmost care to meet the highest organisational and technical data protection standards. We, therefore, taking into account state of the art developments, the cost of implementation and the nature, scope, context and purpose of processing, as well as the risks arising from data processing of various levels of probability and severity that may affect the rights or freedoms of natural persons, at the time of choosing the processing resources and at the time of the processing itself, take appropriate technical and organisational measures to enable the effective application of data protection principles.
Furthermore, Hotel Miramare takes the appropriate technical and organisational measures to ensure that only personal data necessary for each special purpose of processing are processed in an integrated way. Hotel Miramare imposes this measure to the amount of collected personal data, scope of their processing, storage period and their availability. Specifically, such measures ensure that personal data are not automatically, without personal intervention, made available to an unlimited number of persons.
Records of processing activities
Hotel Miramare, as the data controller, keeps records on processing activities involving the following data:
Personal data breach
Hotel Miramare, as the data controller, ensures that in the event of personal data breach, the competent supervisory authority is notified of personal data breach without further delays and, if possible, at least 72 hours after such breach has occurred, unless it is not likely that such personal data breach will pose a risk to rights and freedoms of natural persons.
The report submitted to the supervisory authority must contain all information prescribed by the Regulation.
In the event of personal data breach that is likely to pose high risk to rights and freedoms of natural persons, Hotel Miramare, as the data controller, will notify the data subject of such personal data breach without further delays. Data subjects will not be notified where the Regulation stipulates that such notification is not mandatory.
Data protection impact assessment
Where a type of processing in particular using new technologies, and taking into account the nature, scope, context and purposes of the processing, is likely to result in a high risk to the rights and freedoms of data subjects, Hotel Miramare will, as the data controller, prior to the processing, carry out an assessment of the impact of the envisaged processing operations on the protection of personal data.
A single assessment may address a set of similar processing operations that present similar high risks.
Hotel Miramare performs a data protection impact assessment in the event of:
In accordance with the provisions of the Regulation and, when necessary, after the performance impact assessment, we will consult the supervisory authority prior to processing.