Privacy policy
1. What does this Privacy Policy mean?
This Privacy Policy (hereinafter – the “Policy”) provides information on how UAB Hotel Neris (hereinafter – the “Company,” “we”) processes the personal data of visitors to the website www.twosenses.lt (hereinafter – the “Website”) and individuals who submit inquiries through the Website. It also explains the rights of data subjects and how they can be exercised.
Any individual whose personal data is processed by the Company is hereinafter referred to as the “Data Subject.”
2. About the Data Controller
UAB Hotel Neris
K. Donelaičio g. 27, Kaunas
Phone: +370 37 306226, +370 640 25879
Email: info.kaunas@radisson.com
3. What is personal data?
Personal data is any information collected by the Company about an individual that can be used to identify them and is stored electronically or otherwise.
Personal data includes any information such as name, surname, address, etc., collected by the Company for the purposes specified in this Policy.
When processing personal data, the Company follows Regulation (EU) 2016/679 (GDPR), the Law on Legal Protection of Personal Data of the Republic of Lithuania, the Electronic Communications Law, and other relevant data protection legislation.
Below you will find information about how we process your personal data: what data we process, for what purposes, how long we retain it, and what your rights are. You can explore this information by clicking on the relevant section.
4. What rights do you have and how can you exercise them? This section explains your rights related to our processing of your personal data and when you can exercise these rights. For more information or to exercise your rights, contact us at the email address provided in this Policy. The Company will, without undue delay and no later than within one (1) month of receiving your request, inform you about actions taken to fulfill your rights. In complex cases or if we receive many requests, this deadline may be extended by two (2) months. We will notify you within one (1) month if such an extension occurs. We will only refuse to fulfill your rights where permitted by law. 4.1. Right to access your personal data We aim to ensure you clearly understand how we use your personal data and avoid any inconvenience. This Policy already provides information (right to be informed). You may contact us anytime to ask whether we process your data. If we do, you have the right to access it. Submit a written request to the email provided in this Policy and confirm your identity (if required). We expect that you will use this right fairly and reasonably. 4.2. Right to withdraw consent If you have given explicit consent for us to process your data, you may withdraw it at any time. Withdrawal does not affect the lawfulness of data processing prior to the withdrawal. 4.3. Additional rights You also have the following rights, subject to certain procedures: (a) You may request correction of inaccurate or incomplete data. We may ask you to confirm the corrections. (b) You may request deletion of your data, in accordance with Article 17 of the GDPR. (c) You may request restriction of processing or object to processing: While verifying the accuracy of the data after you've contested it. When the processing is unlawful, but you choose not to request deletion. When the data is no longer needed by us but is needed by you for legal claims. While we determine whether our legitimate grounds override yours after you've objected to processing. (d) You have the right to receive data you provided to us in a structured, commonly used, machine-readable format and transfer it to another data controller. (e) You may object to processing based on legitimate interests, as outlined per Article 21 of the GDPR. 4.4. Right to request more information We understand it’s hard to describe every possible data processing scenario. We strive to be clear and update the Policy as needed. If you have any questions, we are happy to provide more details.
5. Processing of personal data for event space inquiry administration Via the Website, you can submit an inquiry regarding event space rental. For this purpose, we ask for: name, number of guests, email, phone number, event date, and optional comments. This data is processed based on your consent (GDPR Article 6(1)(a)). If you do not provide this data, we cannot respond or assess our ability to provide space. We retain the data: a) Until the offer expires or until you withdraw consent, whichever occurs first if the offer is not accepted. b) Until service is provided, if you accept the offer. In this case, we also process the data for 10 years based on legitimate interest (GDPR Article 6(1)(f)) in case of legal disputes. Data recipients include a cloud service provider for storage. If data is processed for legal purposes, it may be shared with courts, government authorities, dispute parties, lawyers, or other legal representatives.
6. Processing of personal data for Christmas meal orders Via the Website, you can also submit Christmas meal orders. We ask for: name, surname, meal selection, pickup date, email, phone number, and optional comments. This data is processed based on your consent (GDPR Article 6(1)(a)). Without this data, we cannot fulfill your order. The data is stored until the order is fulfilled or consent is withdrawn, whichever comes first. Data recipients may include service providers (e.g., system providers or maintainers) acting on our instructions.
7. Website and Cookies We use cookies on our Website. A cookie is a small file stored in your browser or on your device. We only use essential cookies necessary for the site’s functionality. These are based on Article 73(4) of the Lithuanian Electronic Communications Law. These cookies: Cannot be turned off in our systems. Do not store personally identifiable information. Are deleted when you leave the Website.
8. Social Media Platforms Information you provide via social media (e.g., messages, likes, follows) is controlled by the social media platform provider. We manage the following social media accounts (Social Accounts): Facebook: https://www.facebook.com/twosenses.restaurant Instagram: https://www.instagram.com/two_senses_restaurant/ We process information on these accounts for account management based on your consent. We do not store data separately unless needed for legal reasons. When you visit our Social Accounts, cookies may be placed on your device by the platform, even if you do not have an account. We do not have access to personal data collected in this way—only to aggregated statistics. Please review third-party privacy notices or contact them directly for more information on how they use your data.
9. Data Transfers to Third Countries We do not transfer personal data processed under this Policy outside the European Union / European Economic Area.
10. Data Collection and Disclosure We obtain your data from you and your devices. We disclose information about you to the data processors we use, whose categories are listed in this Privacy Policy under the specific purposes of personal data processing. Additionally, we may disclose information about you: ● If we are required to do so by law; ● In the event of an intended sale of the Company's business or part of its assets, disclosing your personal data to a potential buyer of the business or part of it; ● If the Company's business or a significant part of its assets is sold to third parties. Except as outlined in this Privacy Policy, we do not provide your personal data to any third parties. The list or categories of recipients specified in the Privacy Policy may change, so if you wish to be informed about changes in the recipients of your personal data, please notify us via the email address provided in this Privacy Policy. In the message, include the text: "I wish to receive information about changes to the recipients of my personal data, first name, last name."
11. Security of Your Personal Data Your personal data will be processed in accordance with the General Data Protection Regulation (GDPR), the Law on the Legal Protection of Personal Data of the Republic of Lithuania, and other applicable legal requirements. While processing your personal data, we implement organizational and technical measures to ensure the protection of personal data against accidental or unlawful destruction, alteration, disclosure, as well as against any other unlawful processing.
12. Complaints If you believe that your rights as a data subject have been or may be violated, please contact us immediately via the email provided in this Privacy Policy. We ensure that upon receiving your complaint, we will contact you within a reasonable period and inform you about the progress of the investigation, and later about the outcome. If you are not satisfied with the outcome of the investigation, you may file a complaint with the supervisory authority – the State Data Protection Inspectorate: https://vdai.lrv.lt/.
13. Responsibility You are responsible for the confidentiality of the data you provide and for ensuring that the data you provide to us is accurate, correct, and complete. If the data you have provided changes, you must inform us immediately via email. We are not liable for any damages that may occur to you due to incorrect or incomplete personal data provided by you or your failure to notify us of any changes.
14. Changes to the Privacy Policy We may update or change this Privacy Policy at any time. If you wish to receive the updated Privacy Policy, please inform us via the email address provided in Section 2.