TERMS & CONDITIONS
By accessing the website of TRASORKA and using or downloading any of its content or parts, you agree to and accept the terms and conditions provided below:
- You use the published pages and information in them at your sole risk; TRASORKA does not take any responsibility for any incorrect information published.
- This website are intellectual property of TRASORKA. All content is proprietary and owned by TRASORKA
- Content published on the website may not be distributed or otherwise used for commercial purposes without written approval of TRASORKA or use in any manner to cause damage to TRASORKA or any third party. Data, photographs and information may only be used for private purposes of an individual user, subject to third party copyrights and rights in accordance with the laws of the Republic of Croatia. Croatian courts have exclusive jurisdiction over any disputes and claims arisen from or in connection with the use of the website.
- TRASORKA does not warrant that the content on this website is appropriate for or available to users in certain locations and is not responsible for access to them from the territories of countries where their content is prohibited by law. Access to the website from such locations will be deemed voluntary and a responsibility of the user under the applicable law.
- Information on the website is considered to be accurate and reliable at the time of their entry, however, TRASORKA warns you that there is a possibility of deviation in accuracy of information stored on the website at the time a user accesses them. TRASORKA is not responsible for any consequences of damages as a result of using any information on the website. TRASORKA reserves the right to update or change any information without prior notice.
- TRASORKA waives any liability arisen from or in connection with the use of this website, any use or abuse of any content of this website by a user, or any damage incurred by a user in connection with the use or abuse of this website.
- This website contains documents, information and links to other websites created by third parties that will, whenever possible, be identified as such. TRASORKA does not have any control of such information and waives any liability for the accuracy and availability of information on third party websites.
- Prior to posting a link to your website, please request approval from TRASORKA
- Any use, reproduction or distribution of the design or background of the TRASORKA website and the design of the logo owned by TRASORKA is prohibited without express permission of TRASORKA. Unless otherwise agreed, data, information and documents published on the website may only be used for personal purposes, subject to all copyrights and proprietary rights and third party rights.
- DATA CONTROLLER AND REGULATORY FRAMEWORK
- SCOPE OF APPLICATION
- DATA PROTECTION OFFICER
- PERSONAL DATA PROTECTION PRINCIPLES
- LAWFULNESS OF PERSONAL DATA PROCESSING
- TYPES OF PERSONAL DATA PROCESSED
- TRANSFERRING DATA TO THIRD PARTIES
- DATA RETENTION PERIOD
- DATA SUBJECT RIGHTS
- PROTECTION OF PERSONAL DATA OF CHILDREN
- SOURCES OF PERSONAL DATA
- TECHNICAL AND ORGANIZATIONAL DATA PROTECTION MEASURES
- ACTIONS TAKEN IN THE EVENT OF A PERSONAL DATA BREACH
- ACCOMMODATION AT OUR FACILITIES (hotels, apartments, camps)
- CONTEST / SURVEY QUESTIONNAIRE FORM
- RETENTION PERIOD
- PUBLIC NOTICES
- WEBSITES, COOKIES AND INTERNET TECHNOLOGIES
Controller and Regulatory Framework
In its role as a controller, TRASORKA undertakes to protect your personal data. We collect, process and store your personal data pursuant to the provisions of REGULATION (EU) 2016/679 OF THE EUROPEAN PARLIAMENT AND OF THE COUNCIL of 27 April 2016 on the protection of natural persons with regard to the processing of personal data and on the free movement of such data, and repealing Directive 95/46/EC, i.e. the General Data Protection Regulation – GDPR (“Regulation”), the Act on the Implementation of the General Data Protection Regulation (Official Gazette, 42/2018), and other relevant regulations applicable in the Republic of Croatia.
Scope of Application
This Policy applies to all circumstances in which TRASORKA processes personal data as a controller, unless defined otherwise for specific processing situations in some other policy or document of TRASORKA. In any case, the core personal data processing principles, the contact details of the Data Protection Officer, and other provisions laid down in the General Section of this Policy apply, without exception, to all circumstances in which we process personal data, regardless of whether such processing is specifically covered by the Special Section of this Policy or not. In the Special Section of this Policy, we describe in more detail certain specific situations in which we process data, which account for the vast majority of the processing activities performed by TRASORKA.
Data Protection Officer
TRASORKA has appointed a Data Protection Officer (“DPO”). If you have any questions with regard to personal data protection or you wish to exercise any of the rights guaranteed to you under the Regulation, you can contact our DPO by e-mail at the following e-mail address: [email protected].
TRASORKA regards the principles of data processing as core values that must be adhered to in all stages of personal data processing, i.e. from the time the data are collected until the moment they are destroyed or erased, or until the processing is discontinued for some other reason. TRASORKA processes data:
- lawfully – the processing is considered possible if and to the extent it is permitted by law;
- fairly – taking into account the specific circumstances of each individual relationship, implementing all appropriate safeguards to ensure protection of personal data and privacy in general, and allowing the data subjects to exercise their rights;
- transparently – data subjects are informed about the processing of their personal data; more precisely, they are informed about all aspects of data processing at the time the data are collected and are ensured a simple and quick access to their data throughout the period during which their data are processed, including the possibility of checking the relevant data and receiving a copy of the same pursuant to the provisions of the Regulation; access to certain information may be restricted, but only if such restriction is prescribed by law or if necessary for the purpose of protecting third parties;
- ensuring purpose limitation – personal data are processed only for the purpose for which they have been collected; they may be processed for other purposes as well, but only if the conditions defined in the Regulation are met; more precisely, to process data for other (related) purposes, the following must be considered: (a) any link between the purposes for which the personal data have been collected and the purposes of the intended further processing; (b) the context in which the personal data have been collected, in particular regarding the relationship between the data subjects and TRASORKA; (c) the nature of the personal data, in particular whether special categories of personal data are processed, pursuant to Article 9 of the Regulation, or whether personal data related to criminal convictions and offenses are processed, pursuant to Article 10 of the Regulation; (d) the possible consequences of the intended further processing for data subjects; and (e) the existence of appropriate safeguards;
- ensuring storage limitation – the data are kept in a form which permits identification of data subjects for no longer than is necessary for the purposes for which the personal data are processed; they may be kept for longer periods, but only if permitted by the Regulatio
- ensuring data minimization – only such data which are adequate, relevant and limited to what is necessary are processed; in particular, we are very careful not to collect any data in respect of which no justification for processing exists;
- ensuring accuracy – we take reasonable steps to ensure that the data are accurate and kept up to date, and that all inaccurate data are erased or rectified;
- ensuring integrity and confidentiality – we ensure appropriate security of the personal data, including protection against unauthorized or unlawful processing and accidental loss, destruction or damage, using appropriate technical or organizational measures; the relevant measures are applied taking into consideration the risks associated with different types of data processing.
Lawfulness of Personal Data Processing
In order to ensure lawfulness of personal data processing, TRASORKA processes personal data only if and to the extent that one of the following applies:
- the processing is necessary for the performance of a contract to which the data subject is party or in order to take steps at the request of the data subject prior to entering into a contract; this is the most frequent purpose for which the data concerning data subjects are processed; this type of processing rests on the grounds of an existing or potential contractual relationship;
- the processing is necessary for compliance with a legal obligation to which the controller is subject; as a legal entity, TRASORKA is subject to a number of obligations prescribed by various regulations; this particular obligation refers primarily to the collection of data, but very often also includes submission of data to state authorities;
- the processing is necessary for the purposes of the legitimate interests pursued by the controller or by a third party, except where such interests are overridden by the interests or fundamental rights and freedoms of the data subject which require protection of personal data, taking into consideration the reasonable expectations of the data subject based on his or her relationship with the controller, in particular where the data subject is a child; in cases where it relies on this legal basis, TRASORKA assesses whether the processing is appropriate considering the business needs, takes steps to minimize invasiveness as well as makes sure that the interests of the data subject do not override the legitimate interests of TRASORKA or some third party; the purposes for which this type of processing may be performed include, for example, administrative purposes, computer network security protection, direct marketing, operational improvements; data subjects have the right to object to the processing of their data in any of the mentioned circumstances;
- the processing is necessary in order to protect the vital interests of the data subject or of another natural person; the right to personal data protection is not an absolute right; TRASORKA regards that right as equal to other fundamental rights and applies the principle of proportionality in the determination of the same; TRASORKA accepts the possibility that, in certain situations, it may be necessary to process personal data to protect the vital interests of the data subject or of another natural person;
- the data subject has consented to the processing of his/her personal data for one or more special purposes; in cases where it processes personal data relying on consent, TRASORKA takes steps to ensure that such cases refer to situations in which the act giving, refusing to give or withdrawing consent does not produce any, formal or informal, consequences; where the processing is based on consent, the data subject has the right to withdraw his/her consent at any time without negative consequences; such withdrawal will not affect the lawfulness of the processing based on consent before its withdrawal.
In exceptional cases, TRASORKA may process certain data it would not ordinarily process, e.g. it may collect information for the purpose of implementing a recommendation issued by the Croatian Institute of Public Health (“HZJZ”) in the event of epidemics and similar situations and/or circumstances.
Type of Personal Data Processed
Special Categories of Personal Data: TRASORKA will process special categories of personal data only in the circumstances defined in Article 9 of the Regulation. More specifically, we may process certain employee data that belong to special categories of personal data, e.g. trade union membership data (for the purpose of exercising special rights under relevant regulations, for example), information regarding religious or philosophical beliefs (for the purpose of exercising the right to additional non-working days on religious holidays, for example, provided however that the relevant person voluntarily discloses such information for the said purpose), or certain data concerning health (for the purpose of complying with special safety-at-work regulations or maintaining an employee register, for example, or in situations where special health certificates are required for specific jobs, and similar).
Data Concerning Criminal Convictions and Offenses: if and to the extent permitted by law, TRASORKA may also process personal data concerning criminal convictions and offenses, e.g. employee non-conviction certificates.
Personal data that do not belong to either of the two previously mentioned groups: the personal data that do not belong to either of the two previously mentioned groups in fact account for the largest part of the data that we process, including primarily identification and contact details, e.g. first and last name, PIN, and the data created when the data subjects move within the facilities or on the premises under video surveillance.
Most of the personal data collected by TRASORKA are obtained directly from data subjects. We therefore kindly ask that you do not provide any ‘sensitive data’ (e.g. racial or ethnic origin, political opinions, religious or philosophical beliefs, bank/credit/debit card numbers or account numbers, where not requested, and similar), unless provision of such data is necessary. If you intend to provide sensitive data, for any reason, please be advised that by doing so you give your explicit consent to the collection and use of such data in the ways described in this Privacy Statement/Policy, or in the manner described at the time such data are disclosed.
Transferring Data to Third Parties
TRASORKA shares personal data with others only if and to the extent permitted by law.
For the purpose of complying with its statutory obligations, TRASORKA transfers certain data to third parties, e.g. it submits guest data into the eVisitor system and send the relevant employee data to the competent institutions, including the Croatian Pension Insurance Institute (“HZMO”), the Croatian Health Insurance Fund (“HZZO”), the Tax Administration, the Central Registry of Affiliates (“REGOS”), and pension companies. There are also situations in which TRASORKA is required to submit or make particular data available for inspection to different institutions and authorities. In that context, we may occasionally submit employment-related data to the Croatian Employment Service, e.g. for the purpose of registering our employees for participation in Active Labor Market Policy measures; to the competent Police Department or the Ministry of Internal Affairs, e.g. if senior state officials stay at our facilities, or if required in connection with the issuance of work permits; to the Ministry of Tourism when offering employment to scholarship recipients; to the Ministry of Economy and Entrepreneurship in connection with the use of investment subsidies; as well as to insurance companies; banks; and others, in situations prescribed by the regulations.
Certain employee data are also transferred to banks and pension funds for the purposes of the payroll process, and certain data may be transferred to creditors in accordance with enforcement regulations. Sometimes we share data in accordance with contractual obligations. For example, when pupils attend practical training at our facilities, we exchange data with the relevant schools and faculties; or when our employees participate in events organized by different schools (e.g. Gastro and similar), we share the relevant employee data with such schools.
Furthermore, we share certain personal data with business entities for the purpose of arranging specific services, e.g. medical examinations for employees (contracted occupational medicine service provider); institutions organizing statutorily required education and training (e.g. Safety at Work, Minimum Hygiene Requirements, Toxicology); organizers of other types of educational activities attended by employees of TRASORKA for registration purposes; hotel and other accommodation facilities where the relevant employees are accommodated while attending such activities; audit companies conducting the statutory audit; notaries public when certification is required; the Financial Agency for the purpose of obtaining business certificates; entities subject to public procurement regulations when responding to public tenders (as a bidder); as well as for the purpose of assigning and using company cards, mobile devices, or purchasing fuel.
We may also transfer data to other business entities, who act as data processors, i.e. those that process data in the name of TRASORKA, as the data controller. We are primarily referring to business associates of TRASORKA that provide IT services. They keep the relevant personal data in their databases or have the possibility of accessing them during the period in which they are processed. We enter into written agreements with such entities for the purpose of regulating their authorizations and obligations with regard to the processing of personal data, in accordance with the requirements laid down in the Regulation.
Where the processing involves a transfer of personal data to third countries, TRASORKA will ensure that high standards of protection are applied in order to guarantee the highest possible level of personal data protection, in accordance with the rigorous requirements laid down in the Regulation. To be more precise, if it intends to make an international transfer of personal data, TRASORKA will inform the data subject of its intention to transfer his or her personal data to a third country or an international organization as well as of the existence or non-existence of an adequacy decision issued in that regard by the European Commission. Any transfer of personal data to a third country must be performed in accordance with Chapter V of the Regulation.
Data Retention Period
The data relating to data subjects will be processed and stored during the period defined in the relevant statutory regulations if the obligation to store such data is prescribed by law (e.g. the records on the basis of which invoices are issued are kept for 11 years). In situations where TRASORKA is authorized to determine the retention periods in its sole discretion, the data will be stored for as long as necessary depending on the purpose of processing, the legitimate interests of TRASORKA, and the interests of data subjects regarding erasure.
Data Subject Rights
Regardless of the basis for collecting data, data subjects can exercise the following rights free of charge, within the limits prescribed by the Regulation:
Right to obtain information: the data subject has the right to obtain information about the processing and the purposes of processing. TRASORKA takes care that the data subject is provided all the information necessary to ensure a fair and transparent processing, taking into account the context of such processing.
Right to erasure (“right to be forgotten”): the data subject has the right to request from TRASORKA that the personal data concerning him or her be erased without undue delay in accordance with the conditions laid down in the Regulation. To exercise this right, data subjects must send a written request to TRASORKA, the data controller. Requests can also be sent by electronic means. In your request, you should specify exactly which data you want us to erase considering that your data can be kept relying on different legal bases, e.g. a data subject can at the same time be our guest and a job applicant. You can request that the personal data concerning you be erased if one of the following applies:
- your personal data are no longer necessary in relation to the purposes for which we have collected or otherwise processed them,
- you have withdrawn your consent on which the processing is based and there is no other legal ground for the processing,
- you have objected to the processing of your personal data and we have no overriding legitimate grounds for the processing,
- the personal data have been unlawfully processed,
- the personal data have to be erased to comply with a legal obligation.
In certain situations it will not be possible to fully execute a request for erasure, e.g. in cases where the controller has a statutory obligation to store data, where the legitimate interests of the controller override those of the data subject, or where the controller has an interest associated with establishing, exercising or defending legal claims.
Right to access data: at the request of the data subject, TRASORKA will confirm whether or not personal data concerning him or her are being processed and, if they are, we will ensure access to the relevant personal data and the purpose(s) of processing, the categories of personal data concerned, the potential recipients to whom the personal data will be disclosed, and other data in accordance with the requirements prescribed by the Regulation. The data subject has the right to receive a copy of the personal data undergoing processing. Access to personal data may be restricted only in cases defined by the law, or where such restriction does not adversely affect the fundamental rights and freedoms of others.
Right to rectification: the data subject has the right to request from TRASORKA that the personal data concerning him or her which are inaccurate be rectified without undue delay. Taking into account the purposes of the processing, the data subject has the right to have incomplete personal data completed. To exercise this right, data subjects must send a written request to TRASORKA, the data controller. Requests can also be sent by electronic means. In your request, you should specify exactly which data are inaccurate, incomplete or out-of-date and in what sense they should be rectified, as well as provide the necessary documents to corroborate your statements.
Right to data portability: the data subject has the right to receive the personal data concerning him or her in a structured, commonly used and machine-readable format in accordance with the requirements laid down in the Regulation.
Right to object to the processing: where TRASORKA processes data based on its legitimate interests which override those of the data subject, the data subject has the right, on grounds relating to his or her particular situation, to object to the processing of personal data concerning him or her.
Right to restriction of processing: the data subject has the right to request from TRASORKA that the processing of their personal data be restricted if he or she contests the accuracy of the personal data; if he or she believes that the processing is unlawful and opposes the erasure of the personal data and requests the restriction of their use instead; or if he or she has objected to the processing, pending the verification whether legitimate grounds of the controller override his or hers.
In any case, data subjects may also:
- file a complaint with the Data Protection Officer (DPO), or
- lodge a complaint with the supervisory authority (i.e. Personal Data Protection Agency) if they believe that their data protection rights have been violated.
TRASORKA has the right to protect its own interests as the controller and has the obligation to protect the interests of the data subjects. It may therefore perform certain activities for the purpose of verifying the identity of the person submitting the request.
Furthermore, TRASORKA may design a request form to ensure that requests are handled in the most efficient way possible.
At request, TRASORKA will provide information about the actions taken with regard to the exercise of data subject rights without undue delay and, in any case, within 30 (thirty) days from the date of receipt of the request. This period may, if necessary, be extended for additional two months, depending on the complexity and number of requests received. TRASORKA will inform the data subject of such extension within 30 (thirty) days from the date of receipt of the request, along with the reasons for the delay.
If the data subject submits his or her request by electronic means, TRASORKA will, whenever possible, provide its answer in the same manner, unless the data subject requests otherwise.
Actions taken in an effort to honor a data subject request are generally free of charge. However, where requests received from a data subject are manifestly unfounded or excessive, in particular because of their repetitive character, TRASORKA may either charge a reasonable fee taking into account the administrative costs or refuse to act on the request.
Protection of Personal Data of Children
TRASORKA advises parents and guardians, or other relevant legal representatives, to teach children/minors (persons under 18) how to use their personal data safely and responsibly, in particular on the Internet. We will process the personal data which concern children/minors only if we obtain prior consent of their parent/guardian (for example, we may process the personal data relating to scholarship recipients, children who are staying at our facilities as guests, visitors to our Children’s Club, etc.).
Sources of Personal Data
Technical and Organizational Data Protection Measures
TRASORKA, as the controller, takes care that the highest technical and organizational data protection standards are applied. Taking into account the state of the art, the cost of implementation and the nature, scope, context and purposes of processing as well as the risks of varying likelihood and severity for the rights and freedoms of natural persons posed by the processing, TRASORKA implements appropriate technical and organizational measures, both at the time of the determination of the means for processing and at the time of the processing itself, to ensure effective application of the data-protection principles.
In addition, TRASORKA applies appropriate technical and organizational measures to ensure that, by default, only personal data which are necessary for each specific purpose of the processing are processed. We apply the relevant measures to the amount of personal data collected, the extent of their processing, the period of their storage and their accessibility. In particular, such measures are applied to ensure that personal data are not made accessible by default, i.e. without the individual’s intervention, to an indefinite number of natural persons.
Actions Taken in the Event of a Personal data Breach
TRASORKA, as the controller, will assume the obligation to notify the competent supervisory authority in the case of a personal data breach without undue delay and, where feasible, no later than 72 (seventy-two) hours after becoming aware of it, unless the personal data breach is unlikely to result in a risk to the rights and freedoms of natural persons.
The notification sent to the supervisory body must contain all information defined in the Regulation.
If the personal data breach is likely to result in a high risk to the rights and freedoms of natural persons, TRASORKA, as the controller, will communicate the personal data breach to the data subject without undue delay. In particular cases prescribed by the Regulation, the communication to the data subject will not be required.
Accomodation at our facilities (villas, houses, glamping tents, mobile homes)
The main area of activity of TRASORKA is provision of accommodation services at its villas, houses, glamping tents, mobile homes. We therefore collect and process your personal data for various purposes with the ultimate goal to provide quality accommodation and related services in accordance with the highest standards.
TRASORKA, as the controller, stores the personal data you are required to provide in order to receive accommodation services in its database for the purpose of performing the accommodation agreement and complying with the statutory obligations prescribed for the hospitality sector. Unless you provide to us the minimum required data for making a reservation of accommodation or for registering you with all the competent authorities during your stay at our facilities, TRASORKA will not be able to provide accommodation services to you, or at least not such that are in compliance with the agreement and the law.
We require certain data to take particular actions at the request of data subjects prior to concluding an accommodation agreement. For example, before making a reservation, TRASORKA sends accommodation offers to potential guests in response to their inquiries. To create such offers, we need certain personal data, i.e. at least the first and last name and the e-mail address of the person who has made the inquiry to whom the offer will be sent.
The personal data which we collect when making a reservation of accommodation (via the Internet or over the phone, or on the basis of an e-mail in which the potential guest accepts our offer) to comply with the requirements concerning reservations are:
- first and last name of the person for whom the reservation is made,
- first and last name of other guests to which the reservation refers,
- permanent address (in the case of Croatian citizens),
- date of birth,
- identification document number, type and place of issue,
- name of the facility,
- accommodation unit number,
- check-in and check-out dates,
- number of persons for which accommodation is reserved and room assignment,
- number and identity of underage children,
- possible other specific details, as requested by the person making the reservation,
- e-mail address, if any,
- preferred language of communication,
- phone number,
- payment method.
In the event of cancellation, your data will be retained for future reference in case we need to prove that the reservation was made, or that it was cancelled.
When they arrive at the facility, the guests usually register at the reception by completing the registration form or by verifying the data entered on the registration form. In any case, the data from the registration form are recorded in the guest database, from which they are automatically forwarded to the eVisitor system (a unique online guest check-in and check-out information system) for the purpose of complying with the statutory obligations. The data which we collect for this purpose (which may vary depending on the changes in the applicable regulations) are:
- first and last name,
- city, country and date of birth,
- identification document number and type,
- permanent (temporary) residence and address,
- date and time of arrival to (check-in) and departure from (check-out) the facility,
- basis for exemption from the obligation to pay sojourn tax, or for a reduction in the sojourn tax fee.
The afore-mentioned data are processed by the tourist offices and public authorities of the Republic of Croatia for the following lawful purposes:
- checking compliance with the obligation to submit guest check-in and check-out information in the case of entities subject to such requirement (i.e. accommodation service providers),
- keeping a record of, charging and collecting the sojourn tax,
- maintaining a guest register or a list of guests by accommodation service providers and checking compliance with the said obligation by the relevant inspection authorities,
- registering foreign nationals with the Ministry of Internal Affairs and checking compliance with the said obligation by the relevant inspection authorities,
- maintaining a list of tourists by travel agencies, and statistical analysis and reporting,
- supervising the operations of accommodation service providers in the part that refers to the lawfulness of the registered activity, i.e. services, and checking compliance with tax regulations and other regulations relating to public duties.
Since it is prescribed that the data required for guest registration are to be obtained from the guest’s ID card, passport or some other identification document, the guest must present such document to us as well as provide all other information required for registration, which are not contained in the presented document. In addition, to claim certain rights and benefits, the guests must deliver the relevant deeds, certificates and documents (or copies thereof) as proof of entitlement and basis for claiming the same.
In accordance with the relevant applicable regulations, TRASORKA is also required to keep all invoices and records on the basis of which the invoices are issued, which contain personal data of guests.
If such data are directly associated with the provision of accommodation services, while you are staying at our facilities we may collect and process other data concerning your travel accommodation, such as: method of transport, persons you are travelling with, your marital status, number of children, pets, and other interests.
Before, during and after your stay, TRASORKA, as the controller, has the right, on the basis of a legitimate interest, to send to you, as our guest, the so-called ‘service e-mails’, such as reservation confirmations, reminders regarding your stay (accommodation) at our facilities, and other notifications closely associated with the reserved accommodation.
During and after your stay, TRASORKA, as the controller, also has the right, on the basis of a legitimate interest, to send to you, as our guest, satisfaction survey questionnaires, which you are kindly asked to complete and which will be processed by TRASORKA itself or by a designated associate. The primary purpose of satisfaction survey questionnaires is to gather information about the service we provide with the aim of improvement, which is our legitimate interest. We may depersonalize and process the data from the questionnaires for statistical purposes.
TRASORKA also has the right, based on a legitimate interest, to collect certain data and use them for the purpose of direct marketing, as described in the chapter entitled NEWSLETTERS.
The service e-mails and e-mails with satisfaction survey questionnaires provided in respect of a specific stay are not considered as newsletters sent for the purpose of informing guests about the offers of and news concerning TRASORKA.
On its websites, social network profiles, video walls and notice boards installed in its facilities, and also in its newsletters, TRASORKA publishes information relevant to both its existing and potential employees, business partners, and the wider public. Such notices may contain a limited set of personal data, e.g. first and last name, function, job-related data, videos, statements, and photographs.
When processing data in connection with public notices, we rely on our legitimate interest to inform the public. Certain notices are published for marketing purposes, however. In such cases, we take care to ensure that the interests of data subjects are respected. More precisely, TRASORKA will not publish the personal data of a data subject whose interest not to publish specific personal data which concern him or her override our interest to publish them. In some situations, information may also be published on the basis of consent. In such cases, we take care that the highest standards are applied.
Our public notices are of a permanent nature. In that manner, we ensure that the information provided can refer to both current events and previous activities.
If the objection to the processing of personal data for this purpose expressed by a data subject is proved founded, or if the data subject withdraws his or her consent, where the processing is based on consent, we will stop processing the personal data that concern the relevant data subject for this purpose in any manner feasible.
TRASORKA processes personal data for direct marketing purposes relying on its legitimate interest. In this context, we primarily refer to the sending of offers and notices of TRASORKA via e-mail in the form of newsletters. Relying on its legitimate interest, TRASORKA may send various newsletters depending on the nature of our relationship with the data subject. For this purpose, we collect the personal data of guests and persons who have submitted a request for offer or reserved accommodation with us, persons who have participated in one of our contests, persons who have joined one of our loyalty programs, persons who have filled out our satisfaction survey questionnaire, persons who have made a purchase at our web store, as well as persons who have established a relationship with TRASORKA in some other manner. The personal data collected for this purpose include primarily the first and last name and the e-mail address of the data subject but certain basic information about the data subject’s relationship with TRASORKA is collected as well (e.g. the facility in question, the details of the purchase, the event arranged). The data subjects have the right to object to such processing, including profiling to the extent that it is related to such direct marketing, whether with regard to initial or further processing, at any time and free of charge, as prescribed in the introductory recital (70) of the Regulation.
On some of its websites, TRASORKA provides a functionality allowing users to subscribe to its newsletters. To avoid errors or misuse when entering e-mail addresses, we implement the so-called ‘double opt-in process’ (2-step verification). More precisely, after a user enters his or her e-mail address in the Subscribe field, TRASORKA sends a confirmation link to the relevant e-mail address. Once the user clicks on that link, his or her e-mail address is added to the mailing list kept for a particular newsletter. Such newsletters are sent based on consent, which you, as the user, give by completing and confirming the relevant form on our website. You will be informed about the content and purpose of the newsletter at the time of subscription (e.g. notifications about special deals currently offered at our facilities, job openings, and similar).
Where the data subjects voluntarily provide certain additional data when updating their profiles on our websites, TRASORKA will, relying on your consent, use such data for the purpose of sending newsletters as well.
Furthermore, the period during which the personal data provided for the purpose of sending newsletters may be processed is 10 (ten) years, counting from:
the date of the data subject’s last stay at our facilities, or termination of other business relationship with us, where the newsletters are sent relying on a legitimate interest; or
the date on which the data subject has given us his or her consent, where the newsletters are sent on the basis of consent.
In all cases in which the data subject provides his or her consent, he or she will have the right to withdraw their consent, including such that is provided for the purpose of profiling, whether with regard to initial or further processing, at any time and free of charge. The relevant data subjects will also have the right to request, at any time, that their personal data be rectified or that they “be forgotten”.
And finally, regardless of the legal basis for receiving newsletters, you are free to unsubscribe from any newsletter by clicking on the link found at the bottom of the newsletter/SMS free of charge and without additional consequences. If you unsubscribe from a newsletter, it will no longer be sent to you, but your data will however be archived. More precisely, the fact that you have unsubscribed from a newsletter does not affect the legitimate interest of TRASORKA to continue sending service e-mails and satisfaction survey questionnaires related to a specific stay at our facilities or other service e-mails to data subjects in respect of which we rely, in terms of personal data processing, on more than one legal basis (e.g. they are also guests at our facilities, or job applicants).
Websites, Cookies and Internet Technologies
It is possible that even more websites will be created in order to provide the best possible service to our users, as well as to enable them to access the content which interests them more simply and quickly.
In this context, TRASORKA may obtain personal data from visitors to its websites and users of its applications. The relevant data are used for the purpose for which they are initially provided, which is determined taking into consideration the information received at the moment of collection, or for the obvious purpose identified from the context in which such data are collected. The users can control the personal data provided in online forms or applications. The automated processing enabled by cookies may be an exception to this rule, as explained below.
On some of our websites, we provide a functionality allowing users to subscribe to our newsletters in order to receive information and offers from TRASORKA. On our websites, you can also book accommodation in our facilities, or apply for a job with TRASORKA, and you can register for various events, and similar. In all these situations, you provide the data we need to perform the specific purpose. If you make a comment on a social network or other web domains of TRASORKA, you can be requested to allow us to move your comment to another location, indicating your name next to it.
The legal basis for the processing of personal data which concern the visitors to TRASORKA websites is our legitimate interest or data subject consent, where such consent is requested from the data subject.
We may implement a wide range of new tools on our websites to enhance user experience. In all such cases we will make special arrangements with the service providers in which any processing of personal data will be described in detail.
TRASORKA advises you to make yourself familiar with those rules.
Just like many other portals, the websites of TRASORKA use ‘cookies’ (small files placed on your computer when you visit our websites to ensure the basic or additional website functionalities) and other technologies, which serve to facilitate content delivery, depending on your interests, processing of reservations or requests, and/or analyzing the details of your visit. Cookies may not be used to reveal your identity.
TRASORKA uses various types of cookies which differ…
…in terms of function:
strictly necessary cookies – they enable a website to function; a website cannot function without these cookies (it cannot be opened and may not even be visible); strictly necessary cookies are used for the transmission of communication and are necessary for providing information society services explicitly requested by the user; these cookies also enable the basic analysis of a website with the aim of improving its functioning based on fully anonymized data, i.e. not your personal data or any data which can in any manner be attributed to you; your consent is not necessary for placing the cookies of this type on your device, and is therefore not requested;
functionality cookies – these cookies enable a more advanced analysis of the functioning of a website; they are used to analyze user behavior; the collected anonymized data are used to determine the preferences and interests of website visitors, which allows us to customize our websites and make access to the website content and use of the website functionalities as simple as possible; the cookies of this type may not be placed on your device without your consent;
…in terms of their source:
first-party cookies – these cookies are created and placed by the website you are visiting, and may be permanent or temporary; they enable a website to store data to be used when the user visits the same website again;
third-party cookies – these cookies are created and placed by one or more websites, other than the one you are visiting; they enable other websites to track the use of the website you are visiting for marketing or analytical purposes.
…in terms of duration:
permanent (stored) cookies – these cookies remain on your computer even after you close the web browser; they are used by the websites to store data, such as username and password, language settings or cookie preferences, so that you do not have to enter them each time you visit a particular website; the cookies of this type can stay on your computer or mobile device for days, months, or even years;
temporary (session) cookies – these cookies are deleted once the web browser is closed; they are used by the websites to store temporary data, such as the last few pages you have opened while visiting a particular website or the items you have put in your shopping cart while visiting a website which serves as a specialized online store.
The cookies placed by TRASORKA websites are stored in the user’s browser for a maximum of 2 years.
You can delete the cookies stored on your computer at any time. However, by doing so, you also disable any further processing of your personal data using the relevant technology. Web browsers implement different procedures for deleting cookies.
Below are the links where the cookie deletion procedures of the most popular browsers are explained: