Pema e Thate Beach Bar & Sunbed Rental

Pema e Thate is committed to protecting your privacy and processing your personal data in accordance with the General Data Protection Regulation (EU) 2016/679 (“GDPR”), applicable Albanian data protection laws, and other relevant privacy regulations.

This Privacy Policy explains how we collect, use, store, and protect your personal data when you visit our premises, use our services, visit our website, contact us, or make reservations.


1. Data Controller

The data controller responsible for your personal data is:

Pema e Thate
Address: Lagjia nr.3, rruga Pema e Thate, nr.2, Ksamil, Sarande 9706
Email: info@pemaethate.com
Phone: 355693103331

If you have any questions regarding this Privacy Policy or the processing of your personal data, please contact us using the details above.


2. Personal Data We Collect

We may collect and process the following categories of personal data:

Information You Provide Directly

Information Collected Automatically

When you visit our website, we may collect:

CCTV Monitoring

For security and safety purposes, CCTV cameras may operate in selected areas of our premises. CCTV recordings may capture images of visitors and staff.


3. Purpose of Processing Personal Data

We process personal data for the following purposes:


4. Legal Basis for Processing

Under GDPR, we process personal data based on one or more of the following legal grounds:

Contractual Necessity

Processing required to provide services you request, such as reservations or purchases.

Legal Obligation

Processing necessary to comply with applicable laws, tax regulations, accounting obligations, or requests from public authorities.

Legitimate Interests

Processing necessary for:

Consent

Where required by law, we rely on your consent for:

You may withdraw your consent at any time.


5. Cookies and Similar Technologies

Our website may use cookies and similar technologies to:

Where required by law, non-essential cookies will only be used after obtaining your consent.

You may manage cookie preferences through your browser settings or our cookie consent banner.


6. Sharing of Personal Data

We may share personal data with:

Service Providers

Authorities

Where required by law, we may disclose personal data to:

All third-party service providers are required to process personal data securely and only for authorized purposes.


7. International Data Transfers

Where personal data is transferred outside the European Economic Area (EEA), we will ensure that appropriate safeguards are implemented, including:


8. Data Retention

We retain personal data only for as long as necessary to fulfill the purposes described in this Privacy Policy, including:

When data is no longer needed, it will be securely deleted or anonymized.


9. Data Security

We implement appropriate technical and organizational measures to protect personal data, including:

Despite these measures, no method of transmission or storage can be guaranteed as completely secure.


10. Your Rights Under GDPR

You have the following rights regarding your personal data:

Right of Access

You may request confirmation of whether we process your personal data and obtain a copy of that data.

Right to Rectification

You may request correction of inaccurate or incomplete information.

Right to Erasure

You may request deletion of your personal data where applicable.

Right to Restriction of Processing

You may request that we limit the processing of your personal data in certain circumstances.

Right to Data Portability

You may request a copy of your data in a structured, commonly used, machine-readable format.

Right to Object

You may object to certain processing activities based on legitimate interests.

Right to Withdraw Consent

Where processing is based on consent, you may withdraw your consent at any time.

Right to Lodge a Complaint

You have the right to submit a complaint to the competent data protection authority if you believe your rights have been violated.


11. Marketing Communications

If you subscribe to our newsletter or marketing communications, we may send promotional information about our services, events, and special offers.

You may opt out at any time by:

We will not send marketing communications without an appropriate legal basis.


12. Third-Party Websites

Our website may contain links to third-party websites or social media platforms. We are not responsible for the privacy practices of those external websites. We encourage users to review their privacy policies separately.


13. Children’s Privacy

Our services are not specifically directed toward children under the age of 16. We do not knowingly collect personal data from children without appropriate parental authorization where required by law.


14. Changes to This Privacy Policy

We may update this Privacy Policy periodically to reflect legal, operational, or regulatory changes.

Any updates will be published on our website with a revised “Last Updated” date.


15. Contact Us

If you have any questions regarding this Privacy Policy or wish to exercise your GDPR rights, please contact:

Pema e Thate
Address: Lagjia nr.3, rruga Pema e Thate, nr.2, Ksamil, Sarande 9706
Email: info@pemaethate.com
Phone: 355693103331

We will respond to privacy-related requests in accordance with applicable data protection laws.


By using our website, making a reservation, or using our services, you acknowledge that you have read and understood this Privacy Policy.