Personal Data Protection Policy
Who we are?
Bakuriani Kokhta LLC is a company registered under the legislation of Georgia (hereinafter referred to as the “Company”, “We”, “Our”), which owns the Dialogue Kokhta Hotel. It is located in Bakuriani, near Tsekavshiri building.
Our identification code: 405385364;
Our legal address: 113, Tsinamdzghvrishvili str., I floor, Chughureti district, Tbilisi, Georgia, commercial premises;
Actual address of the company: Kipshidze 15str., Tbilisi.
Actual address of the hotel: Bakuriani township, near Tsekavshiri building.
Website: www.dialoghotels.ge
Introduction
It is important for us to ensure a consistent and high level of protection and security of the personal data of our users (your)/guests.
In this document we would like to share with you on what basis and for what purpose we collect and process your personal data and by what legal and technical means we protect it.
In addition, this document will also inform you about your rights and the means available to protect them.
Who is this document intended for?
The document is intended for:
Hotel guests (including potential, existing and/or former guests);
Any person who contacts us and expresses an interest in a particular product or service (within the hotel);
Any other person with whom the hotel does not have a direct relationship, although the processing of his/her information is necessary to carry out the hotel’s activities or improve our services.
How do we collect your data?
We collect your data from the following sources:
Your request for services and goods (including telephone communication, electronic contact and/or visit/accommodation at the hotel);
Your use of our hotel services/products;
Use of our remote channels;
Your use of our official website and its functionals (e.g.: chat);
Additionally, we obtain information about you on the basis of your consent.
What kind of information do we process about you?
The information we process may include the following categories of data in proportion to the purpose of processing:
Identification data;
First name, last name
Cntact information;
Address (country and city), e-mail, telephone number, etc.;
Information about services and products provided by the hotel;
Special category data:
Data about technological device
IP address, cookies,
Records;
Audio and video recordings;
Data obtained in the course of communication;
Data received via email, telephone, chat, social media or other communication channels; Data created by the hotel;
Data created as a result of the hotel’s analysis of guest data (e.g.: behavioral data, etc.);
Cookies
We are committed to continually improving the service and experience you receive when using our website and to protecting your security. Accordingly, when you use our website and other remote platforms, we collect so-called ready-made records – cookies – about you. Cookies are used to personalize, improve and protect your experience when using the website and other remote platforms, in particular for the purposes of simplifying navigation, offering information in the right format, improving search parameters, securing user authentication, optimizing marketing, web pages design of and better adapting to the user.
Through these cookies, we collect operating system version, device model and other unique device identifiers, length of time spent on websites, information about open pages, online browsing history, browser information, information about the actions taken on our website, from which geolocation you accessed it and in what language you read the information. We try to understand how you use our website.
When you visit our website and remote channels, you have the option to accept/reject the use of cookies and/or manage the targeting of the use of cookies according to your wishes (for example, you may opt-out of the use of cookies for analytical and/or marketing purposes).
Purpose of data processing
We process your data for lawful purposes only and to the extent appropriate to them, including but not limited to:
For the provision of services (payment, transfer, etc.);
For offering and improving services (change of conditions, new or additional products, promotions). To prepare various reports, studies and/or surveys;
To ensure data security;
To protect the safety and property of employees, visitors/clients or others.
To send/deliver relevant correspondence/messages to guests;
For the purpose of monitoring the fulfilment of contractual obligations by the hotel/company in full and on time and/or the performance of contractual obligations by the guest/customer;
For marketing purposes, which means, with the consent of the data subject, the periodic offering of various products/services by the hotel/company and the development/planning of marketing activities;
For the defense of the legitimate interests and/or legal rights of the company/hotel.
Basis of personal data processing:
The basis for our processing of your data is:
Your voluntary consent;
Obligations stipulated by law;
The need for data protection to enter into or to fulfil a contract;
The need to process data to protect the legitimate interests of the company or third parties;
Availability of data publicly;
The video surveillance system is used in the hotel area for the purposes of crime prevention, detection, protection of personal safety and property, as well as protection of secret information.
We process special categories of data only with your written consent, and in the case of biometric data – the data is processed if it is necessary for the performance of activities to protect the safety and property of a person, as well as to prevent the disclosure of confidential information.
When we share your data with third parties
We may share your data with third parties in order to fulfill legal or contractual obligations, with appropriate legal basis.
In order to properly protect your data, we check that we have taken appropriate organizational and technical data protection measures before transferring your personal data to third parties.
You have the right to:
Receive information about the processed data about you, in particular, what data is processed, what is the purpose and legal basis of their processing, information about the source of data collection and data transfer;
Get acquainted with the data about you protected in the company and receive copies of documents/records containing your personal data in the manner established by the legislation of Georgia;
Request correction, update and/or completion of erroneous, inaccurate and/or incomplete data; Request the termination, erasure or destruction of data processing if:
You revoke your consent, which is the only basis for data processing;
The processing of the data is no longer necessary for the purpose for which it was processed; Data processing is illegal;
Request data blocking if:
The validity or accuracy of the data is disputed;
The processing of data is illegal, however you do not want them to be deleted and you only ask for them to be blocked;
The data is no longer necessary to achieve the purpose of its processing, although you need it for legal proceedings;
The request for termination of data processing, erasure or destruction is under review; There is a need to store data for evidence.
Withdraw/refuse your consent to data processing at any time and request the deletion of data processed based on it. We will stop processing the data and delete the data already processed, unless there is another basis provided by data processing legislation.
If the basis for data processing is your consent and it is technically possible, you can request the porting of the personal data provided by you to the company, i.e., receive it in a structured, usable and electronic form or transfer it to another processor;
When making a decision about you by automated means that produces a legal, financial or other significant result for you, you can request the involvement of a human resource in the decision-making process, unless the data processing by automated means is carried out with your consent, is necessary for the conclusion/performance of a contract or is required by law;
In case of violation of your rights, you can apply to the company;
Restrictions on your rights:
Your rights may be restricted if their exercise threatens:
National security, information security and cyber security and/or defense interests; Interests of public safety;
Crime prevention, investigation of crime, prosecution, administration of justice;
Detection of violations of professional, including regulated profession, ethics norms by the data subject and assigning responsibility to him/her;
Your rights and freedoms or those of others;
Protection of state, commercial, professional and other types of secrets provided for by law; Justification of a legal claim or objection.
The company shall only use a measure of restriction of rights that is adequate and proportionate to the purpose of the restriction.
Data security protection:
We store the processed data about you in accordance with the requirements of the law. We provide physical, technical and organizational safeguards to protect your data. We protect the security of our electronic devices, files, premises. We also have physical, electronic and procedural controls in place to protect your data from unauthorized access, use, transfer, loss or destruction.
Our employees adhere to data privacy, security policies and procedures in accordance with legislation and internal organizational documents.
More information about the security measures we take can be found in the data security notice.
Data storage period
We store your data:
In accordance with the terms defined by the legislation of Georgia
or for the period that is necessary to achieve the specific purpose of the processing, established within the scope of service provision and/or in the contract.
Contact information:
You can contact the company at any time on the issues related to personal data protection at the following e-mail address: Info.kokhta@dialoghotels.ge
Additionally, you can contact the company at 0322 502 302
Changes:
We may make changes to this document from time to time. The updated document indicating the date of change will be posted on our website.
Date: May 31, 2024
Direct Marketing Policy
Published on: May 31, 2024
Please, carefully read this Direct Marketing Policy, as for the purposes of direct marketing, “Hotel” (I/N: 405385364) (“Data Controller“) and hotel (I/N:405385364;) („Data Processor“) (jointly – „We“, „Us“ or „Our“) will process your following personal data (the “Personal Data” or the “Personal Information”), if you click the direct marketing acceptance button on this website:
Your Name and Surname;
Your E-Mail Address;
Your Phone Number (if provided).
Please, also refer to Our Privacy Policy which can be found here, to understand the further basis for processing the Personal Data, the principles we apply while processing your Personal Data and the rights that You, as the data subject (“You” / “Yours”), have in this regards.
Please, further note that, upon your consent to this Direct Marketing Policy, it automatically becomes an integral part of Our Privacy Policy, cited above.
How We use Direct Marketing
We use e-mail provided by You for Direct Marketing to send you information about Our products and services, marketing newsletters and special offerings, advertisements, sales and promotions and collaborations with third parties (the “Marketing Communication”);
We do not send Marketing Communication automatically to Our existing or prospective customers. We refer to an “Opt-in and Opt-out Policy” in this process, which implies that You will only receive Our Marketing Communication if We have Your express consent to this Direct Marketing Policy. Should you withdraw your consent to receive such communications from us, we will promptly cease all further Marketing Communication, no later than within 7 (seven) working days from the date of such withdrawal;
You will not be receiving any Marketing Communication from Us via text message, phone call, post or fax.
What Kind of Marketing Communication You Might Receive from Us
Within the scope of your consent to receive Marketing Communication from Us, you will be receiving information about:
Our products and services, which is customized to your interests and preferences; Our latest marketing newsletters and special offerings;
Advertisement;
News updates about Us and Our collaborations with other third parties;
Our upcoming sales and promotions;
Products and services offered by Our affiliate companies, including their marketing newsletters, special offers, advertisements, sales and promotions, as outlined in section 3 of this Direct Marketing Policy.
With Whom We Share Your Data for Direct Marketing Purposes
We may share your personal data with the following parties for direct marketing purposes:
Our affiliates, which implies entities affiliated with/related to Us, i.e. any entity and/or person that is directly or indirectly controlled by Us, is under common control with Us or is controlled together with Us by other affiliated entity in consideration of common business interests. For the purposes of this Section, term “control” means possession, directly or indirectly, of the power to direct or cause the direction of the management and policies of an entity/person, whether through the ownership or control of interests or voting securities, by contract or otherwise.
Sharing is carried out in the frame of corporate governance/management structure and common business and marketing interests within Our group of affiliates, to provide you with their marketing newsletters and special offerings regarding their products and services.
Our employees, who need to have access to and process Your personal data solely for direct marketing purposes and who are bound by the same degree of confidentiality obligations with respect to proper handling, processing, storing and non-disclosure of your personal data;
If You Do Not Wish to Receive Marketing Communication from Us Anymore
Withdrawing your consent from direct marketing is just as easy as giving consent:
Every Marketing Communication sent to you has an integrated Unsubscribe tool allowing you to easily opt-out of receiving any Marketing Communication from Us;
Alternatively, you can also address us on the contact details indicated in section 6 of this Direct Marketing Policy.
Please, Note: If you opt-out of receiving direct marketing from Us, You will no longer receive any of Our Marketing Communications. We will ensure this opt-out request is processed within statutory timeframes
Withdrawing Your consent with Us will automatically result in withdrawing consent on receiving Marketing Communication from Our affiliates too. Therefore, You will not need to take any extra actions for them to cease Marketing Communication.
Storage Security and Duration
We treat Your Personal Information with utmost diligence and confidentiality and have implemented all the necessary technical and organizational security measures for the purposes of protecting this Information from unlawful usage, loss, alteration, erasure, processing or any other unauthorized forms of access to and impact on such Personal Data. These measures imply the storage of Your Personal Data on a secure electronic data base accessible only to a limited number of individuals, in accordance with internal standard operational procedures implemented and made binding by Us for Our personnel to comply with.
We further ensure that all the third parties comply with the same rules and procedures.