PERSONAL DATA PROTECTION POLICY This Personal Data Protection Policy of VENEFICUS d.o.o, Šibenska 13, 21000 Split, OIB: 54688366525 as the head of personal data processing determines the conditions and methods of collecting and processing personal data in accordance with General Regulation (EU) 2016/679 of the European Parliament and of the Council of the date 27th of April 2016 on the protection of individuals with regard to the processing of personal data and on the free movement of such data and repealing Directive 95/46 / EC (General Data Protection Regulation), (hereinafter: the Regulation), and in accordance with the General Implementation Act on data protection (OG 42/18).

As a processing manager, we process personal data of respondents (service users, website visitors, applicants / inquiries and other persons) in compliance with all relevant regulations, applying the principles and conditions of personal data processing established by applicable regulations, and in a way that ensures adequate security of personal dana, including protection against unauthorized or unlawful processing and against accidental loss, destruction or damage in accordance with the applicable rules on personal data protection.

1. PURPOSE AND LEGAL BASIS FOR PROCESSING PERSONAL DATA

1.1. VENEFICUS d.o.o. as a controller of personal data processing, is extremely important to protect the security and privacy of your personal data in our business, therefore we operate in accordance with the Personal Data Protection Regulation (EU) 2016/679 (GDPR) and relevant personal data protection laws. We hope that the policy described below will help you understand what data the controller may collect, how it uses and stores that data, and with whom we may share it. The processing manager will not collect any personal data about you (eg your name, address, telephone number or e-mail address), except in cases when you voluntarily decide to give them to us (for example, when booking an appointment, inquiries about services, etc.) , that is, you give your consent (consent) or unless otherwise prescribed by applicable laws and regulations for the protection of your personal data.
As a Processing Manager, we process your personal data that is necessary for the following purposes: - Your personal data necessary for the purpose of communicating with you: when you contact us with a request for our services, a request for an offer or a comment on our services, we will process the data you have provided to us in order to contact you and act on your request. - Your personal data that are necessary when booking accommodation and other hotel facilities: when you are interested in accommodation or other services we offer, we collect your data so that we can monitor the occupancy of hotel capacity and to timely, properly arrange, organize and perform the services you sought,
- Your personal data, which is necessary for check-in and check-out of guest accommodation: if you use accommodation services in our hotel, we are legally obliged to collect certain personal data in order to record your arrival,
- Your personal information necessary for the provision and payment of hotel services: during your stay at the hotel, we collect information about the special requirements you have had in order to provide you with the expected level of hospitality.
- Your personal data necessary for the organization of the event: in order to fulfill our contractual obligation, we collect your personal data when you are the organizer of the event. In case you are a participant or visitor of events in our space, we may collect data that allows us to provide instructions and information about events;
- Your personal data necessary solely for the purpose of security of persons and property through video surveillance: part of the hotel and the area around the hotel is under video surveillance, about which visible information is highlighted in accordance with the Law on Implementation of the General Data Protection Regulation. Video surveillance is defined by the Ordinance on video surveillance and for more information you can contact our appointed data protection officer at the e-mail address gdpr@veneficus.hr cooperation with you as our suppliers and business partners

1.2. We process your personal data on the basis of consent within the meaning of Article 6 (1) (a) of the General Regulation, as follows:
- for the purpose of better functioning of all features of the Website https://www.briig-hotel.com/hr and enabling a better user experience.
- for the purpose of monitoring and improving the quality of services: Your satisfaction is extremely important to us and for this purpose we use questionnaires in which you can evaluate our services and make comments. In doing so, you decide for yourself whether to fill in such questionnaires and whether and to what extent you will state personal data in them;
- for the purpose of connecting with us via social networks for the purpose of answering your inquiries;
- processing of your application or job application in our business units
- photographing events and activities that we organize;
- sending newsletters

2. USE OF COOKIES

Cookie Information

The website uses the so-called cookies - text files placed on the user's computer by an Internet server, through which the Internet Service Provider (ISP) displays a web page. Cookies are created when the browser on the user's device loads the visited network destination, which then sends the data to the browser and creates a text file (cookie). The browser retrieves and sends a cookie to the website server when the user returns to it. The Electronic Communications Act stipulates that we may store cookies on your device if they are strictly necessary for the operation of this site. For all other types of cookies, we need your consent. This Site uses different types of cookies. Some cookies are set by third parties that appear on our site.

Necessary cookies

Necessary cookies help make your site useful by providing basic features such as navigating the Page and accessing safe areas of the site. The website cannot function properly without these cookies. Necessary cookies may be stored regardless of the consent of the user of the Site in accordance with legal regulations.

Analytical cookies

These cookies collect information about how visitors use the site, such as which pages visitors visit most often. We use them to improve the performance of our site. However, some of them may be third-party cookies, and the information we collect may be classified as purposes unknown to us as the owner of the Site. For more information, see the privacy policies of these third-party processors. Marketing cookies

Marketing cookies are used to track visitors through websites. The intent is to show ads that are relevant to a particular user and encourage them to participate, which is important for third-party publishers and advertisers.

Provisions on data protection on the application and use of: Facebook and Instagram

On his website, the processing manager can integrate or has integrated components of Facebook and Instagram

Facebook and Instagram are social networks operated by Facebook, Inc., 1 Hacker Way, Menlo Park, CA 94025, United States. If the person lives outside the United States or Canada, the processing manager is Facebook Ireland Ltd., 4 Grand Canal Square, Grand Canal Harbor, Dublin 2, Ireland. The data protection rules published by Facebook and Instagram are available at https://facebook.com/about/privacy/ and https://help.instagram.com/519522125107875?helpref=page_content and provide information about collection, processing and the use of personal information on those social networks.

Consent management
You can always revoke the consents granted to us. If you revoke the given consent, we will no longer process your data for the stated purposes, but this does not affect the lawfulness of the processing before the revocation of the consent.

3. WHAT ARE YOUR RIGHTS REGARDING THE PROCESSING OF PERSONAL DANA

To achieve your rights, you can contact us in writing or by e-mail using our contact information listed at the following link: https://www.briig-hotel.com/hr
Your rights are:
3.1. The right to access personal data
You have the right to access your personal data that we process about you and you may request detailed information, in particular about the purpose of their processing, the type (s) of personal data being processed, including access to your personal data, recipients or categories of recipients. personal information will be stored. Access to personal data may be restricted only in cases provided for by Union law or our national law, or where such restriction respects the fundamental rights and freedoms of others.
3.2. The right to correction of personal data
You have the right to request the correction or addition of personal data if your data is not accurate, complete and up-to-date. To do so, send your request to us as a processing manager in writing, including an electronic form of communication.
We note that in the request it is necessary to specify what is not specific, complete or up-to-date and in what sense the above should be corrected and submit the necessary documentation in support of their allegations.
3.3. Right to delete
You have the right to request the deletion of personal data relating to you if one of the following conditions is met:
Your personal information is no longer necessary in relation to the purpose for which we collected or processed it;

you have withdrawn the consent on which the processing is based in accordance with Article 6 (1) (a) or Article 9 (2) (a) and if there is no other legal basis for the processing;
you have objected to the processing of your personal data in accordance with Article 21 (1) of the General Data Protection Regulation and if there are no stronger legitimate reasons for our processing;
personal data has been processed illegally;
personal data must be deleted in order to comply with a legal obligation under Union law or the law of the country to which the controller is subject
personal data have been collected in connection with the offer of information society services referred to in Article 8, paragraph 1.
3.3.1. Exceptions to the exercise of this right are provided for in Article 17 (3) of the General Regulation These rights are not applicable to the extent that processing is necessary:
in order to exercise the right to freedom of expression and information;
to comply with a legal obligation requiring processing under Union law or the law of the Member State to which the controller is subject, or to perform a task in the public interest or in the exercise of the controller's official authority;
for archiving purposes in the public interest, for scientific or historical research purposes or for statistical purposes in accordance with Article 89 (1), to the extent that the right referred to in paragraph 1 is likely to prevent or seriously jeopardize the achievement of the purposes of such processing; or
for the purpose of setting, exercising or defending legal claims.
3.4. The right to restrict the processing of personal data

You have the right to obtain a processing restriction if:
you dispute their accuracy
if the processing is illegal and you oppose their deletion
if the controller no longer needs personal data but you have requested them in order to set, realize or defend legal claims
if you have objected to the processing of your personal data.
3.5. The right to object
If we invoke our legitimate interests in the processing of your data, you may object to such processing.

4. PUTTING ON THE USE OF PERSONAL DANA

We may pass on your personal data to the processors with whom we have concluded contracts in which the processing of personal data is prescribed in detail, so they are not able to process your personal data without our order and pass it on to third parties, as follows:
- providers of information and communication solutions and services,
- subjects needed to carry out the event - photographing the event,
- authorized PR and marketing agencies and entities that are directly involved in the implementation and realization of certain events
- entities authorized by us to process Personal Data, which are subject to an appropriate legal obligation of confidentiality (eg bookkeeping service, media agency for sending newsletters, digital agency for the administration of social networks, etc.),
- law enforcement and public authorities when required by applicable law or in good faith (to protect and defend our rights and / or property or to act in urgent circumstances to protect the personal safety of our guests, workers, the Site or the public, in accordance with legal obligation we have as a hotel accommodation service provider),
- our legal advisers in case of need for forwarding data for legal proceedings,

- the company through which the hotel accommodation is paid in case of using the web form on this page, is the company: PHOBS d.o.o., Vukovarska 19, 20000 Dubrovnik, Croatia, OIB: 09221756952. For the protection of personal data of the PHOBS d.o.o. company, see the link:
https://phobs.net/privacy-policy/
- business partners for their needs only in accordance with the relevant legal bases,
- media houses and digital marketing agencies for the purpose of publishing photos in the print media, on websites and social networks,
- in the event that you are the organizer of an event taking place in our premises and request services related to such an event, at your request we may share information about the event with third parties who may send you offers for services you request last name and contact information) In certain circumstances, we have a legal obligation to transfer your personal data, and the processing of personal data may include the international transfer of the same. The legal obligation may arise from national or EU rules. Therefore, your data may be passed on to other recipients when we are bound by the relevant regulations to the extent necessary to achieve the established purpose. Your personal information will not be passed on to third parties for direct marketing purposes.

5. SECURITY OF PERSONAL DANA

We collect and process personal data in a way that ensures adequate security and confidentiality in their processing and enables the effective application of the principles of data protection, reducing the amount of data, the scope of their processing, storage period and their availability. We take all appropriate technical and organizational safeguards to prevent accidental or unlawful destruction, loss, alteration, unauthorized use, disclosure, access or access to data. All employees of the processing manager undertake to keep personal data by signing a confidentiality statement.

6. TIME PERIOD OF STORAGE OF PERSONAL DATA

We process your personal data until the purpose of the processing of personal data is fulfilled. After the termination of the purpose for which they were collected, we no longer use your personal data, and they remain in our storage system and we keep them as far as we are obliged by legal regulations on the storage of archives.

7. DATA ON THE DATA PROTECTION OFFICER - CONTACT INFORMATION

In order to achieve your rights, you can contact the appointed personal data protection officer by sending a written notice or request to the personal data protection officer by e-mail to the e-mail address gdpr@veneficus.hr. or by mail to the address: briig boutique hotel, Prilaz Braće Kaliterna 1, Bačvice, 21000 Split, Croatia.

8. PRIVACY POLICY CHANGES

We regularly update the privacy policy to make it accurate and up-to-date, and we reserve the right to change its content if we deem it necessary. You will be informed about all changes in a timely manner via our website in accordance with the principle of transparency.

9. QUESTIONS AND COMMENTS

The controller will respond to all requests from respondents in accordance with the General Data Protection Regulation 2016/679 (GDPR). If you have any questions or comments about the data protection policy and in order to answer all your inquiries regarding the processing of your personal data, please contact us in writing at the e-mail address of the appointed data protection officer: gdpr@veneficus.hr.