Book now Book

PRIVACY POLICY

This Privacy Policy explains the types of personal data, the purposes and rules of their processing, Adjara Group LLC (I/N: 404676169) processes about You and the rights that You, as a data subject, have in relation to the collection and processing of your personal data.

DEFINITIONS

Data Controller: Adjara Group LLC (I/N: 404676169, legal address: Kostava 14, Tbilisi, Georgia), legal entity who determines purposes and means of Your personal data processing and who, directly or through Data Processor processes Your personal data;

Data Processor: Adjara Collective Management LLC (I/C: 404707171, legal address: Kostava 14, Tbilisi, Georgia), a legal entity who processes Your personal data for and on behalf of Data Controller;

Data Controller and Data Processor shall collectively be referred to as “We”, “Us” or “Our(s)”;

Personal Data or Personal Information: information that relates to you and from which you can be identified, directly or indirectly, including data that we collect from you.

You: Our customer, who purchases/uses, intends to purchase/use or is interested in purchasing/using Our products and services; visits and/or registers on our website; subscribes to our marketing newsletter and/or otherwise uses our services/shares data with us.

We collect Your Personal Data in the following instances and from the following sources:

  • Visiting and/or signing up Your account/profile on the following websites operated by Us (hereinafter the “Websites”): stambahotel.com;
  • Subscribing to Our marketing newsletters and offerings by providing Your e-mail and declaring consent on direct marketing communication (for detailed information on how We handle Your personal data for the purposes of direct marketing, please refer to Our Direct Marketing Policy available on the following link: https://stambahotel.com/direct-marketing-policy);
  • Making bookings/reservations of Our hotel rooms / bars and restaurants through Our Website(s), telephone call, social media websites or other sources of communication made publicly available by Us for Our potential customers; and/or
  • Checking in at Our premises upon Your arrival as a primary booker or as an accompanying guest.

(jointly referred to as the “Activities” or the “Sources of Data Collection” and separately, in relation with one particular action, as the “Activity” or the “Source of Data Collection” ).

Therefore, by engaging in any of the foregoing Activities, we take measures for You to read and consent to this Privacy Policy and any amendments made hereto.

If You have any questions or concerns about privacy after reviewing this Privacy Policy, please address Us on the contact details indicated in Section 12 of this Privacy Policy.

1. PERSONAL INFORMATION WE COLLECT FROM YOU

Depending on the Activity You pursue, We may collect and process different Personal Data and by accepting this Privacy Policy, You confirm that you have read it and grant us permission to collect and process your personal data.

Herein below, please, find the detailed list of what We are collecting from You in relation with each respective Activity You are pursuing:

  • If You are merely accessing Our Website(s), without making any reservations and bookings through it, We collect:technical data (Your IP address, login data, browser type and version, time zone setting and location, browser plug-in types and versions, operating system and platform and other technology on the devices You Use to access Our Website), usage data (information about how You use Our Website, products and services), marketing and communications data (Your preferences in receiving advertising from Us and Our third parties, Your experience as Our customer or user of the Website and Your respective preferences). We also provide cookies on Our Website(s). Please refer below to our Cookie Policy.
  • If You are signing-up as a subscriber and/or registering an account on Our Website(s), apart from technical data, usage data and marketing and communications data listed in the sub-paragraph “a” of this Section, We collect: identity data (Your name and surname) and contact data (Your e-mail address and phone number). For more information, please refer to Our Direct Marketing Policy;
  • If You are booking through and making reservations of Our hotel rooms on Our Website(s) (apart from technical data, usage data, marketing and communications data listed in the sub-paragraph “a” of this Section), We collect: identity data (Your name, surname, or similar identifier), contact data (Your postal address, email address and telephone/cell number(s)) transactional data (information about the purchases of Our services or products made by You through this Website), financial data (Your payment card requisites) and specific data per customer (Your reservations, Your arrival and departure dates at Our hotels, Your interests, preferences, special requests, feedback and survey responses);
  • If You are making reservations on Our hotel rooms through our communications center (call center), We collect: identity data as defined above in sub-paragraph “c” of this section, contact data and specific data per customer (Your reservations, Your arrival and departure dates at Our hotels, purchases or orders made by You, Your interests, preferences, health / dietary restrictions, feedback and survey responses (if provided)).
  • If you are making reservations on Our hotel rooms through other third parties` websites, We collect: Your identity data (name, surname and other similar identifier), specific data per customer (Your reservations, Your arrival and departure dates at Our hotel, purchases or orders made by You, Your interests, preferences, feedback and survey responses) and financial data (Your payment card requisites);
  • If You are checking in at Our hotel reception, We collect: Your identity data (name, surname, date of birth, nationality, country), Your passport or ID card copy for Your proper identification purposes and for implementing reasonable safety measures at the premises where Our hotels are located, Your contact data (e-mail address and cell-phone number (if provided)), specific data per customer (Your reservations, Your arrival and departure dates at Our hotel, purchases or orders made by You, language, title, Your interests, preferences, special requests, feedback and survey responses (if provided)) and Your financial data (Your payment card requisites);
  • If You are an accompanying guest, who is accompanying the individual who was/is the primary booker of Our hotel room and You are checking in at Our Hotel reception, We collect: Your identity data (name, surname, date of birth, nationality, country), passport or ID card copy for Your proper identification purposes and for implementing reasonable safety measures at the premises where Our hotels are located, contact data (e-mail address and cell-phone number (if provided)), specific data per customer (Your arrival and departure dates at Our hotel, purchases or orders made by You, language, title, Your interests, preferences, special requests, feedback and survey responses (if provided)), Transactional Data (Your purchases, if You are the one paying at Our premises);
  • If You are booking through and making reservations on our bars and restaurants on our Website (apart from technical and usage data and marketing and communications data as defined above in sub-paragraph “a” of this Section), We collect: Your identity data (Your name, surname, date of birth (if provided) or similar identifier), contact data (e-mail address and cell-phone number) and specific data per customer (which includes Your reservations, dates of reservations and visits, visited venues, Your arrival date and time at Our bars and restaurants, purchases or orders made by You, health, dietary and food related restrictions, personal preferences, special occasions, special requests interests and notes, feedback and survey responses (if provided));
  • If You are making reservations on our bars and restaurants through Our communications center:identity data (name, surname and other similar identifiers), contact data (e-mail address and/or cell-phone number) and specific data per customer (Your reservations, dates of reservations and visits, purchases or orders made by You, Your arrival date and time at Our bars and restaurants, Your health, dietary and food related restrictions, interests, preferences, special requests, special occasions, feedback and survey responses (if provided)).
  • If you are making reservations on Our hotel rooms through third-party entities (including but not limited to Your employers, tour operators, travel agencies) that have agreements with Us, We collect: Your identity data (name, surname) and Your passport or ID card copy for proper identification purposes and/or implementing reasonable safety measures at the premises where Our hotels are located.
  • When visiting our hotels, restaurants and bars, and our other spaces, you will be subject to video monitoring via CCTV cameras located in the buildings and on the external perimeter of our facilities, regarding which relevant warning signs are placed in a visible place.

In cases where the provision of the above data is not mandatory, this is indicated in the relevant application fields.

2. THIRD PARTY CONTRACTORS

We use Our contractors’ services, such as booking engines (Selfbook, Sevenrooms, SynXis), who We ensure to have obtained and maintained all the adequate data protection measures and who are bound by contractual undertakings to keep Personal Information confidential and to use solely for the purposes for which We instruct them. By pursuing any of the Activities, Our contractors collect and process Your Personal Data within the scope and for the purposes of providing services to Us.

Please Note: The Personal Data collected by them is at the same time collected and processed in compliance with their Privacy and Cookies Policies. Respectively, Your Personal Information will be subject to such third-parties privacy and cookies policies as well, apart from this Privacy Policy and by engaging in any of the above-cited Activities, You consent to authorize them to collect, store and process Your Personal Information in accordance with their Privacy Policy.

3. WHEN AND HOW DATA IS COLLECTED

Personal Information may be obtained through following Sources of Data Collection:

  • When You pursue any of the Activities, listed in Section 1 of this Privacy Policy, We collect data in accordance with detailed differentiated list elaborated in Section 1 herein above.
  • We may also receive Your Personal Information from other Sources of Data Collection, such as joint marketing partners, booking engines, social media platforms, apps and other third parties. When You access our Website through Your social media account, Personal Information of Your social media account will be shared with Us.

4. OUR PRIVACY PRINCIPLES

We collect and process Your Personal Data in compliance with the following Personal Data Processing Principles:

  • We collect and process Your Personal Data explicitly for and only to the extent of the purposes of collection and processing of the Personal Data, stipulated under Section 5 of this Privacy Policy and it is not further processed in a manner that is incompatible with those purposes. Therefore, We undertake that the Personal Data collected and processed lawfully, fairly and is adequate, relevant and limited to these purposes.
  • Your Personal Data is kept in a form which permits its processing and use for no longer than is necessary for the purposes under this Privacy Policy; We take reasonable steps to ensure data accuracy.
  • We protect all non-public and public personal information We collect about You in compliance with strict standards of security and confidentiality;
  • We implement and maintain all the adequate and necessary internal technical and organizational safeguards to store and protect Your Personal Data in utmost secure and confidential manner. This implies the storage of Your Personal Data on a secure electronic data base accessible only to a limited number of individuals, in accordance with internal standard operational procedures implemented and made binding by Us for Our employees/personnel to comply with;
  • We require any third-party providing products/services to Us to protect and respect the confidentiality of Your Personal Information;
  • We permit only authorized employees and contractors to have access to Your Personal Information, who need to have access to and process Your Personal Data solely for the purposes indicated in this Privacy Policy and who are bound by the same degree of confidentiality obligations with respect to processing, storing and non-disclosure of Your Personal Data.

5. PURPOSES AND GROUNDS FOR DATA PROCESSING

We collect and process Your Personal Data only to the extent of and limited to the following purposes:

  • To provide You with the products and services;
  • To ensure all the adequate and necessary safety measures when You check in at Our premises; Also, to protect our and our client's property and safety;
  • To carry out automatic payment procedures in case of no show-up after making Our hotel room reservations and bookings through Our Website;
  • To improve Your experience and customize Our services to Your needs, taking into account Your preferences;
  • To obtain our users' preferences; For statistics and analysis of users and their experiences;
  • For marketing purposes, which means developing marketing activities about our products and services, as well as periodically offering them as described in the Direct Marketing Policy;
  • To protect Our legitimate and lawful interests in the event of any dispute arising out of or in connection with this Privacy Policy and/or on the basis or within the scope of or in relation with Our activities.

Video Monitoring

In order to prevent and detect crime, ensure public safety; ensure the safety of clients, visitors, third parties and employees (including health and property safety) and protect property; ensure labor and product safety, video monitoring is carried out using CCTV cameras installed in our facilities and on their external perimeter. Appropriate warning signs are placed in the spaces subject to monitoring.

We process “personal data” based on the legal grounds stipulated in the Law of Georgia On Personal Data Protection:

  1. Upon your consent;
  2. if the processing of data is necessary for the performance of an obligation under a contract concluded between You and Us, or for the conclusion of a contract at your request;
  3. if the processing of data is provided for by law;
  4. if the processing of data is necessary for the performance of obligations imposed by law;
  5. if, according to law, the data is publicly available, or if you have made the data publicly available;
  6. if the processing of data is necessary for the consideration of your application/provision of services;
  7. if the processing of data is necessary for the purposes of the legitimate interests pursued by Us or by third party and there is no overriding interest in protecting your rights. Such interest may include: effective performance of legal and contractual obligations; storage of proof of transactions and other evidence; protecting information assets, ensuring the proper functioning of network security and electronic channels; developing products and services, growing Our business, defining customer categories and implementing relevant marketing activities, improving Our service.

Withdrawal of consent

You may withdraw your consent to the processing of your data by submitting a request to the contact details specified in Section 12 of this Policy at any time, without giving any explanation or justification. In the event of withdrawal of consent, the processing of your data will cease and/or will be deleted/destroyed only if such consent is the sole basis for the processing of the data. Withdrawal of consent may result in restrictions on the use of some of our services.

6. DATA SHARING / DATA TRANSFER

We may share Your Personal Information with the Following Parties:

  • • Our affiliates, which implies entities affiliated with/related to Us, i.e. any entity and/or person that is directly or indirectly controlled by Us, is under common control with Us or is controlled together with Us by other affiliated entity in consideration of common business interests. For the purposes of this Section, term “control” means possession, directly or indirectly, of the power to direct or cause the direction of the management and policies of an entity/person, whether through the ownership or control of interests or voting securities, by contract or otherwise.

Sharing is carried out in the frame of corporate governance/management structure among the affiliates for joint legitimate financial / legal / marketing and other corporate governance purposes. We share Your Personal Data explicitly with any of such affiliate companies from Our group of companies who need to process Your Personal Data solely for the purposes indicated in this Section 6 and who are bound by the same degree of confidentiality obligations with respect to processing, storing and non-disclosure of Your Personal Data.

  • Our employees, who need to have access to and process Your Personal Data solely for the purposes indicated in this Privacy Policy and who are bound by the same degree of confidentiality obligations with respect to processing, storing and non-disclosure of Your Personal Data;
  • Third-Party Data contractors, acting as authorized persons to collect and process Your Personal Data on Our behalf, for the purposes of and in accordance with Section 2 of this Privacy Policy. Data sharing (Data transfer) with those third-party contractors which are registered and operate abroad, is carried out in accordance with the rules established for the international transfer of data, under the applicable laws of Georgia;
  • Governmental and public authorities, as required under applicable laws of Georgia.

Sharing of personal data may also occur if our structure changes in the future, for example, if we decide to sell or dispose of our assets, or if we carry out a merger or reorganization in another manner provided for by law.

7. COOKIES

By visiting Our Website, Your computer or device may be provided a cookie, which tracks Your preferences. This Information helps Us improve Our services and update/improve Our Website. We process Personal Information by Using cookies as per Our Cookie Policy provided herein below.

8. PROFILING

We process Your Personal Data to detect Your preferences that help us in further sophistication of Our products and services. Profiling serves the goals of analyzing Your needs, wishes and preferences to make Your stays / visits more enjoyable with Us and to provide You with personalized experience at Our premises. This is in our legitimate interests to develop our products and services in line with our customers' preferences and to develop and offer you relevant marketing activities.

More specifically, We analyze the following information about You for profiling purposes:

When you stay at Our hotel:

  1. Number of reservations (including number of completed or cancelled reservations);
  2. Number of guests;
  3. Orders and purchases made;
  4. Amount of spending;
  5. Seasonality;
  6. Frequency of stays;
  7. Intervals between stays;
  8. Acquisition source.

When you visit our bars and restaurants:

  1. Sitting area;
  2. Orders and purchases made;
  3. Amount of spending;
  4. Seasonality;
  5. Frequency of visits;
  6. Intervals between visits;
  7. Food, health or dietary restrictions;
  8. Acquisition source;
  9. Purpose of reservation.

By agreeing to this Personal Data Protection Policy, you confirm that you have read the terms of processing your personal data through profiling and grant us your permission to do so.

You, as the data subject, have the right to request erasure, deletion or destruction of profiling data as well as refuse to use Your data for profiling which We have to comply with within statutory timeframes of no later than 10 business days.

Please, note that if You withdraw Your consent on profiling Your Personal Data by Us or request Us to suspend its profiling, We might be limited in providing Our products and services in the same quality as in relation with other customers or customized to Your needs, preferences and interests.

9. STORAGE DURATION AND SECURITY

We treat Your Personal Information with utmost diligence and confidentiality in accordance with the principles stipulated under Section 4 of this Privacy Policy and have implemented all the technical and organizational security measures for the purposes of protecting this Information from unlawful usage, loss, alteration, erasure, processing or any other unauthorized forms of access to and impact on such Personal Data. These measures are implemented as per applicable law and in accordance with the principles indicated in sub-paragraph “d” of section 4 of this Privacy Policy.

We shall keep Your Data to the extent and for the period of what is necessary to achieve the purposes of collecting and processing Personal Data, indicated in Section 5 of this Privacy Policy, including for the purposes of meeting legal, regulatory, tax or reporting requirements. For each information asset, a data retention period is defined, which is based on both the legal obligation and the relevant need for data processing. We generally retain customer data, including the information related to reservations, up to 10 years; information regarding the finances and payments up to 6 years. In other cases, data may be stored for a longer or shorter periods if this is established by law, is necessary to meet our legal requirements or an appropriate period is defined for the relevant information asset (for example, a video recordings).

We routinely erase and destroy such data or keep it in unidentifiable and depersonalized manner for our analytical and statistical purposes, if the purpose of its processing no longer exits and minimize the Personal Data collected by Us only to the extent which is necessary to store and process for any then current and valid purpose.

We further ensure that all the third parties indicated in clause 6 of this Privacy Policy, comply with the same rules and procedures.

10. YOUR RIGHTS AND OBLIGATIONS

Under this Privacy Policy, You, as the data subject, are entitled to address the following rights with respect to Your Personal Data at any time and without any costs/charges from Our side:

  • which Personal Data concerning You, are being processed, as well as the grounds for and the purpose of the processing;
  • the source from which the Personal Data were collected/obtained;
  • the period for which the Data will be stored and, if no specific period can be determined, the criteria used to determine that period;
  • the legal basis and purposes of the data transfer, as well as the appropriate data protection safeguards if the data are transferred to another state; the categories of recipients, including information on the ground for and purpose of the transfer, if the data are transferred to a third party;
  • the decision made as a result of automated processing, including profiling, and the logic involved in making such a decision, as well as its impact on the processing and the expected results of the processing.
  • To request the transfer of Your Personal Data collected and processed by Us to other third-parties;
  • To withdraw Your consent on processing Your Personal Data by Us; and/or
  • To appeal to the Personal Data Protection Service (please, refer to the contact details indicated below in section 12 of this Privacy Policy) or common courts of Georgia.

You also have the right to request access, correction of erroneous Personal Data, renewing the Data, the right to request suspension of Data processing, erasure of Data or destruction. Your request should be satisfied within 10 business days. Before responding to such a request, we may require the data subject to identify themselves.

We retain the right of refusal, in cases prescribed by law.. Our decisions on refusal(s) mentioned above will be served with respective justification and the explanation on the ways of its appeal.

Please also note, that if You request deletion, erasure or destruction of the Data that is necessary for providing Our services, We will be unable to continue rendering Our services to You.

If You would like to submit Your request with any of the foregoing inquiries regarding Your Personal Data, please address us on the contact information indicated in Section 12 of this Privacy Policy.

Please, further note that We are solely liable and responsible for reviewing and satisfying or rejecting Your request within the scope and to the extent of Personal Data processed by Us.

You are liable for any loss or damage inflicted to Us or third party for submitting erroneous, inaccurate or incomplete Information. Please note, that You should provide only Your own data and You are not allowed to provide Information on the third parties. If You share with Us Personal Data that belongs to the third parties, We imply, that such data is legally obtained by You from such third party, on the basis of respective consent and You have due authority and legal capacity to collect and transfer such third party's Personal Data to Us.

Please Note: Certain Information should be kept by Us for recordkeeping purposes and for completing transactions that were commenced by You prior to requesting rectification or erasure.

11. APPLICABLE LAW

Our Website, this Privacy Policy and any document / form which we might further execute on the basis of this Privacy Policy, are subject to the applicable laws of Georgia.

12. CONTACT INFORMATION

For any questions, claims, requests or other inquiries, please contact Us or Our Personal Data Protection Officer (LTD Privacy Logic Group, I/N: 405222619) here:

Adjara Group LLC (I/N: 404676169), Adjara Collective Management (I/N 404707171)

Postal Address: 14 Kostava Street, Tbilisi, Georgia

E-mail address: pdsupport@adjaragroup.com

or, contact Personal Data Protection Service on the following information:

Postal Address: 7 Nato Vachnadze Street, Tbilisi 0105

Phone: 032 242 10 00

E-mail Address: office@pdps.ge

13. COOKIE POLICY

WHAT ARE COOKIES?

Cookies are small sized text files kept in Your computers, pads, mobile phones or other devices. Information kept in cookies is not damaging for Your devices. Cookies are used for improving Our Website and Your experience here. Cookies are keeping the information on Your navigation on Our Website.

WHAT KIND OF COOKIES WE USE?

  • Social media cookies: used for sharing pages and content in social media. Such cookies may also be used for advertising purposes. These cookies collect statistical information about gender, age, preferences and interest of Our visitor;
  • Necessary Cookies. Cookies that are necessary to enable Our Website to work. These cookies also enable You to move around on Our Website. These cookies do not identify personal information. They are used regardless of your consent.
  • Targeting or Advertising Cookies. These cookies are used to deliver content that is more relevant to You and Your interests. They are also used to deliver targeted advertising or limit the number of times you see an advertisement as well as help measure the effectiveness of the advertising campaigns. Most types of these cookies track consumers via their Device ID or IP address therefore they may collect personal data.
  • Analytical cookies: these files preserve information on your usage of Our Website. For instance, the pages, that are most visited by the user. These files do not receive any personal information of specific user. All data obtained through these cookies are anonymous and carry merely statistical value. Analytical cookies are used to make Our Website more interesting, to let Us know which pages are the most popular among the visitors, which advertisement/information is the most efficient and etc.

    • We do not store Your address, Your password, Your credit or debit card data, etc. in the cookies We use.

Third Party Cookies

Google analytics/facebook pixel:

We use Google Analytics, Facebook Pixel and Triptease services. This service enables Us to obtain statistical data about visitors of Our Website (content of search, certain page of the web they visit and etc.). We get the information from which city/state the user reached Our Website, what is the time spent by the visitor on Our Website, which operational system is used by the visitor of the Website and etc. We also get the information on Our visitors' age, gender, interests, device language, location, device type, behavior (engagement, interaction with the Website, frequency and recency of website visits).This information is processed merely for statistical purposes and does not enable Us to identify the user unless You subscribe to Our newsletter or book Your stay with Us.

Who uses cookies?

We are the main users of cookies and the information stored on them. From time to time, We may transfer them to the third party contractors in accordance with the principles stipulated in Section 2 of this Privacy Policy. The purpose of such transfer is to obtain access statistics and to improve Your experience on the Website.

Managing cookies.

You can prevent your browser from using cookies, delete saved cookies, or have your browser notify you of new cookies. You can find instructions on how to delete cookies at www.aboutcookies.org.

For detailed information on how to delete cookies in different browsers, see:

Disabling or removing cookies may prevent some of the functionality of our website.

We reserve the right to update our cookies policy, for example, to improve the service or to comply with legal requirements.