Nemunas Aparthotel - online booking system

Online reservation rules:

I. Online Booking Process

Steps of booking through the online booking system:
1. The Client may choose from the Packages and standard accommodation offered as stated in the booking table.
2. On familiarisation with the Package and its price, the Client selects the time of stay for the selected room as well as additional terms or a Package.
3. On selection of an offer, the Client proceeds to a form, which needs to be completed by specifying the Client’s personal data and optional comments on the booking.
4. On completion of the form the Client makes an advance payment by one of the following methods:
* Credit card (Visa, Mastercard, Eurocard);
* Electronic bank transfer (EveryPay).
4a. Having selected one of the first two options the Client is directed to a page where payment can be made by means of EveryPay payment system. Authorisation starts upon connection to EveryPay through an encrypted protocol. After EveryPay accepts the payment, the Client receives a confirmation of payment and booking by an automatic email message. The email message will specify the Client’s data, name of the hotel, total price of the accommodation, advance payment made and the remaining amount payable. The Client will pay the remaining amount upon arrival to the hotel. The email message confirming the booking has to be presented at the hotel as a proof of the advance payment and of the remaining amount payable.
4b. Having selected the third option (payment by bank transfer or later payment), the Client will receive a confirmation of initial booking, which will be finally confirmed upon making the advance payment by an ordinary bank transfer or online. The booking has the status of an initial booking 48 hours after its making and may be cancelled if no advance payment is received. On receipt of the advance payment, an email message confirming the booking is sent to the Client. The Client has to present the confirmation email to the hotel manager for final settlement.
4c. Client, who uses an account in the BookingRobot system has the ability to link his credit card (s) to the account. In this case, each time you purchase a hotel service, a monetary amount will be debited from the customer's credit account automatically, once, at the time of purchase. No additional payments are required. A card link can be canceled at any time in account settings, by pressing "Delete" button. The data security of the client’s credit cards is provided by EveryPay, accredited by the Lithuanian Bank.
5. The Client understands that, in case of a failure/programming error in the online booking system, the published price for the services is unreasonably low/high considering the content of the services; the hotel is entitled to notify the error to the Client within 10 days from the booking confirmation and request payment of the full price. Should the Client refuse to pay the full price, the hotel may cancel the contract/refuse to provide the services. In such a case, the hotel will not indemnify the Client for any losses.

Ia. Booking at Request
In cases where there are no rooms available online, the Client may be offered a room at the Client’s request. Upon completing the form, the Client receives an email confirmation of the time of stay (or information that no rooms are available) with the instructions for the making of the advance payment. The Client may make an advance payment by credit card or by an electronic or ordinary bank transfer. The booking will be confirmed upon receipt of the advance payment. Upon making the advance payment the Client will receive an email confirmation of the booking, which the Client has to present upon arrival to the hotel for final settlement.

II. Payment and Cancellation of Booking

1. The Client makes the advance payment by one of the three methods used by the system and pays the remaining amount upon arrival to the hotel.
2. There are no booking transaction costs for the Client.
3. Cancellation of the booking no later than 3 days prior to the arrival time is free of charge. The hotel will refund the full amount paid within 21 day.
4. Should the Client cancel the booking less than 3 days prior to the arrival time, the advance payment will not be refunded. In case of such cancellation, the Client will lose the advance payment.
5. Should the Client change the booking details after making an online booking at a discount price of the Package offered by the hotel, the hotel is entitled to recalculate the full price of the order at the current prices.

III. Final Provisions

1. The Client is obliged to provide correct details in the booking form. The hotel is not liable for the wrongly chosen check-in or check-out dates or any other details wrongly specified by the Client.
2. Responsibility for the correct servicing of the payment for the online booking lies with EveryPay electronic payment system.
3 . The hotel and the company servicing online payments are not liable for unavailability of the system and other faults occurring for reasons beyond their control.

IV. Personal Data

By booking a Package at the hotel, the Client agrees to the recording of his/her personal data in a service database. The data will be used for the finalisation of the booking procedure and for marketing purposes under the agreement on personal data protection dated 28/09/1997.

V. Confirmation of Acceptance of Terms and Conditions

By ticking ‘Accept Terms and Conditions’, the Client confirms that he/she understands and accepts the terms of conditions of the booking. The booking is not valid without such confirmation.

Gift coupons reservation rules:

1. The Present coupon(s) confirms the right of the holder of the Present coupon(s) to use servises specified in the amount of coupon(s).
2. The holders of the Present coupon(s) can enjoy the services provided belonging only to UAB Nemunas Aparthotel.
3. If the desired purchase amount exceeds the value of the Present coupon(s), actual difference can be paid in cash.
4. The Present coupon shall not be exchanged to cash.
5. The Present coupon(s) is valid during 3 months period from its purchase date.
6. If the Present coupon was not used until the end of its validity period, it will be regarded as null and void.
7. If the holder of the Present coupon acquires services for the amount lower that the amount specified in the Present coupon(s), remaining amount is not returned to the holder of the Present coupon.
8. The holder of the Present coupon having paid by the Present coupon(s), shall not be given the VAT invoice.
9.The Present coupon you must use at one time.

________________________________________

UAB „NEMUNAS APARTHOTEL“
Company ID: 307171964
VAT ID: LT100018246719
Phone: +37065888353
Email: info@nemunasaparthotel.lt
Adress: Liepų g. 1-314, LT-66116
Druskininkai, Lithuania

This Privacy Policy defines the principles and procedures for the processing of personal data carried out by Nemunas Aparthotel, UAB.
1. GENERAL PROVISIONS

1.1. Nemunas Aparthotel, UAB ensures that personal data is processed lawfully, fairly, and transparently, collected for specified and clearly defined purposes, and not further processed in a manner incompatible with those purposes.
1.2. Definitions used in this Policy:
1.2.1. personal data – any information relating to an identified or identifiable natural person (data subject); an identifiable natural person is one who can be identified, directly or indirectly, in particular by reference to an identifier such as a name, an identification number, location data, an online identifier, or to one or more factors specific to the physical, physiological, genetic, mental, economic, cultural, or social identity of that natural person;
1.2.2. data controller – Nemunas Aparthotel, UAB, code: 307171964, registered office address: Liepų g. 1-314, LT-66116 Druskininkai;
1.2.3. data subject – a client of the Company – any natural person whose personal data is processed by the Data Controller;
1.2.4. data processing – any operation or set of operations performed on personal data or on sets of personal data, whether or not by automated means, such as collection, recording, organization, structuring, storage, adaptation or alteration, retrieval, consultation, use, disclosure by transmission, dissemination, or otherwise making available, alignment or combination, restriction, erasure, or destruction.
1.3. The terms, principles, and other provisions used in this Policy comply with Regulation (EU) 2016/679 of the European Parliament and of the Council of 27 April 2016 on the protection of natural persons with regard to the processing of personal data and on the free movement of such data, and repealing Directive 95/46/EC (General Data Protection Regulation, GDPR), the Law on Legal Protection of Personal Data of the Republic of Lithuania, and other applicable legal acts.
1.4. A data subject shall be deemed to have read and familiarized themselves with this Policy when voluntarily providing their data (email address and phone number) by signing the guest registration form.
1.5. The Data Controller ensures that:
1.5.1. personal data is processed lawfully, fairly, and transparently (principle of lawfulness, fairness, and transparency);
1.5.2. personal data is collected for specified, explicit, and legitimate purposes and not further processed in a manner incompatible with those purposes (purpose limitation principle);
1.5.3. only such personal data is collected that is adequate, relevant, and limited to what is necessary in relation to the purposes for which it is processed (data minimization principle);
1.5.4. only accurate personal data is processed and, where necessary, kept up to date; every reasonable step is taken to ensure that inaccurate personal data, having regard to the purposes for which it is processed, is erased or rectified without delay (accuracy principle);
1.5.5. personal data is kept in a form permitting identification of data subjects for no longer than is necessary for the purposes for which the personal data is processed (storage limitation principle);
1.5.6. personal data is processed in a manner that ensures appropriate security, including protection against unauthorized or unlawful processing and against accidental loss, destruction, or damage, using appropriate technical or organizational measures (integrity and confidentiality principle);
1.5.7. the Data Controller is responsible for compliance with the above principles and must be able to demonstrate compliance (accountability principle).
1.6. When using third-party services, for example by visiting the Data Controller's social media accounts, third-party terms may apply. Therefore, it is recommended to also review the terms applied by such third parties when using their services.

2. COLLECTION, PROCESSING AND STORAGE OF PERSONAL DATA

2.1. For the purposes of the Company's activities, including the provision and performance of services/works, purchase, sale, participation in other activities, issuance of invoices, and data analysis, the Data Controller has the right to process the following personal data of the Data Subject:
2.1.1. name, surname;
2.1.2. personal identification number or date of birth;
2.1.3. telephone number, email address;
2.1.4. residential address;
2.1.5. bank account number (for payment of services);
2.1.6. data about the real estate purchased/sold/owned by the data subject (extract from the Real Estate and Cadastre Register of the State Enterprise Centre of Registers);
2.1.7. correspondence by email and on social media (non-public posts).
2.2. For direct marketing purposes, the Data Controller has the right to process the Data Subject's:
2.2.1. name, surname;
2.2.2. telephone number, email address;
2.3. For the purposes of handling customer inquiries and ensuring quality of services, the Data Controller has the right to process the Data Subject's:
2.3.1. comment;
2.3.2. name, surname;
2.3.3. telephone number, email address.
2.4. Storage of personal data:
2.4.1. personal data related to the main activities of the Company (short-term rental, maintenance, and management of real estate and related areas) shall be stored for 10 (ten) years. This term is set due to possible inspections by state institutions (e.g., State Tax Inspectorate, Social Insurance, etc.), which may be initiated after 5 years from the conclusion of a specific contract and may require data for the previous 5 years;
2.4.2. data collected for direct marketing purposes (offering rentals, purchases, etc.) shall be stored for 5 (five) years from the date of collection;
2.4.3. personal data collected for the purpose of handling inquiries shall be stored for 1 (one) year from the date of collection;
2.4.4. personal data collected for invoicing purposes shall be stored in accordance with legal requirements applicable to accounting.
2.5. The Data Subject may submit a request to withdraw consent for the processing of their personal data at any time by sending an email to info@nemunasaparthotel.lt or by visiting the Company's office at Liepų g. 1-314, LT-66116 Druskininkai.
2.6. The Data Controller may collect personal data:
2.6.1. directly from the Data Subject;
2.6.2. from publicly available sources, i.e., data of business partners and/or their representatives available in public systems (social networks, public databases, etc.).
2.7. The Data Controller undertakes not to disclose processed personal data to third parties, except in the following cases:
2.7.1. where the Data Subject has consented to such disclosure;
2.7.2. where the data is provided to data processors providing accounting, IT, payment, or other services;
2.7.3. where the data is provided to processors related to the Data Controller or cooperating with the Data Controller in real estate short-term rental, maintenance, management, purchase-sale, and related areas, or providing services/works at the request of the Data Controller (e.g., banks/companies assisting in payment operations). These parties’ ability to use the data is limited to the purposes of providing services/works to the Data Controller;
2.7.4. to other parties when required by law or necessary to protect the provision of information society services;
2.7.5. when data is provided for other necessary actions in compliance with legal obligations.
2.8. Cases when the Data Controller may disclose the Data Subject’s information to other parties:
2.8.1. in order to comply with the law or respond to a mandatory court order;
2.8.2. to confirm the lawfulness of its actions;
2.8.3. to protect the Data Controller, its rights, property, or ensure their safety;
2.8.4. to any third party in the event of a merger, transfer, or bankruptcy;
2.8.5. in other cases with the Data Subject’s consent or a legitimate request.
2.9. By providing personal data, the Data Subject grants the Data Controller the right to collect, accumulate, systematize, use, and process all personal data provided directly or indirectly while visiting the Website, for the purposes specified in this Policy.
2.10. The Data Subject is responsible for ensuring that the data provided is accurate, correct, and complete. Providing knowingly false data is considered a violation of the Policy. If the provided data changes, the Data Subject must promptly correct it or inform the Data Controller. The Data Controller shall not be liable for any damage caused to the Data Subject and/or third parties due to incorrect and/or incomplete data provided or failure to request data updates.
2.11. The Data Controller does not collect sensitive data of the Data Subject.
2.12. The Data Controller does not engage in automated decision-making or profiling based on Data Subject information.
2.13. The Data Controller does not share the Data Subject’s personal data with entities located outside the European Economic Area.

3. DATA SUBJECT RIGHTS

3.1. The Data Controller guarantees the implementation of Data Subject rights and the provision of any related information at the Data Subject's request:
3.1.1. to be informed about the processing of their personal data;
3.1.2. to access their personal data and information on how it is processed;
3.1.3. to request rectification, deletion, or suspension (except storage) of processing of their personal data;
3.1.4. to object to the processing of personal data, including for direct marketing;
3.1.5. to request deletion of personal data (the 'right to be forgotten');
3.1.6. to request data portability, i.e., to access their personal data in a commonly used, machine-readable format;
3.1.7. to lodge a complaint with the State Data Protection Inspectorate.
3.2. The Data Controller may restrict the exercise of the above rights in cases provided by law, in order to ensure the prevention, investigation, and detection of crimes, breaches of professional or ethical standards, as well as to protect the rights and freedoms of the Data Subject or others.
3.3. By presenting an identity document or verifying identity as required by law or via electronic communication (if sufficient for proper identification), the Data Subject has the right to access the personal data processed by the Company free of charge and obtain information on the sources, purposes, and recipients of their data for the past year. The Data Subject also has the right to request rectification of inaccurate, incomplete, or incorrect data, and to request suspension of unlawful data processing, except for storage.
3.4. Requests regarding the exercise of these rights may be submitted at the Company's office (Liepų g. 1-314, LT-66116 Druskininkai) by filling out a request form, or by email to info@nemunasaparthotel.lt.
3.5. Where data processing is based on consent, the Data Subject has the right to withdraw consent at any time, without affecting the lawfulness of processing based on consent before its withdrawal.
3.6. The Data Controller’s website(s) or social media accounts may contain links to third-party websites and services, which are not controlled by the Data Controller. The Data Controller is not responsible for the security and privacy of information collected by third parties. The Data Subject should carefully review the privacy policies applicable to such third-party websites and services.
3.7. If dissatisfied with the Data Controller’s response or believing that their personal data is being processed unlawfully, the Data Subject has the right to lodge a complaint with the State Data Protection Inspectorate of the Republic of Lithuania.

4. FINAL PROVISIONS

4.1. Legal relations related to this Policy are governed by the law of the Republic of Lithuania.
4.2. The Data Controller shall not be liable for damages, including those caused by website interruptions, data loss, or damage arising from the actions or omissions of the Data Subject or third parties acting with the knowledge of the Data Subject, including incorrect data entry, errors, deliberate harm, or other improper use of the Website. The Data Controller is also not responsible for disruptions or damage caused by third parties unrelated to the Data Controller or the Data Subject, including power outages, internet access disruptions, etc.
4.3. The Data Controller has the right to amend the Policy in whole or in part. This Privacy Policy is reviewed once every two (2) years and updated as necessary.
4.4. Amendments or supplements to the Policy shall take effect from the date of publication on the Website.
4.5. If, after amendments or supplements, the Data Subject continues to use the Company’s services, it shall be deemed that the Data Subject does not object to such changes.

This site uses Cookies. We provide you with information on how and for whom cookies are used and how you decide whether to leave cookies or to remove them.What is a cookie?Cookies are information items that are transferred from the website to your computer and stored on hard drive. These are small text files that allow web sites to save and regain access to information about user browsing habits. Cookies are used by most web sites as they are one of the many tools that help to tailor web content to user needs. Cookies allow web sites to provide user-driven services (for example, by remembering login data, keeping purchases in a shopping cart, or displaying only specific content that interests the user). Cookies are different: Temporary Cookies (or Session Cookies) - removed when the browser is closed; permanent cookies - are not removed and remain until they are removed by user or until their validity expires.How to remove a cookie?Most browsers are set to automatically accept cookies. You can disable cookies in your browser, but be aware that if you do so, you may lose the ability to use the many features necessary to make the website work as well. If you need more information about cookies, visit www.aboutcookies.org for detailed, independent information on how to disable cookies through your browser preferences and how to remove cookies that are already on your computer. To remove cookies from your mobile phone, you will need to read the phone's instruction manual.Types of cookiesNecessary cookies: These cookies are essential for you to look after the website and use its features, such as access to secure website areas. In addition to these cookies, you would not be able to have your desired services, such as online shopping. Performance enhancing cookies: These cookies collect information about when users are using a particular web site, such as which pages are visited most often, and whether visitors to web pages receive error messages. These cookies do not collect information that allows you to identify the site visitor. All information collected by these cookies is generic and therefore anonymous. It is used only to improve site performance. Functional cookies: these cookies allow the website to remember your chosen things (such as your name, language, or region) and offer enhanced personalized features. The information collected by these cookies can be made anonymous, and they can’t monitor your browsing activity on other websites. Target or promotional cookies: These cookies are used to display advertisements that should be of interest to you. They are also used to see certain ads for a limited number of times and to help measure the effectiveness of your campaign.

Name of cookie	The purpose of the cookie	Creation time	Period of validity	Data used
XSRF-TOKEN	Increasing the application security.	On entering the web site	2 hours
laravel_session	Session cookie generation	On entering the web site	Until the leaving the web site	PHP session identifier
_ga	Google Analytics	On entering the web site	2 years
_gid	Google Analytics	On entering the web site	4 metai
agree_with_cookies	Indicates that the user has accepted the use of cookies.	On press "I agree" button	4 years
extend_reservation_in	Save time until booking is over	On reservation creation .	1 day

Custom permissions