Data administrator: HOTEL BOSS, s.r.o., Čepiel 1, 010 01 Žilina (hereinafter referred to as "Accommodation facility") Customer: Natural or legal person using the services of the operator
Regulation: Regulation (EU) No ... of the European Parliament and of the Council 2016/679 of 27 April 2016, the General Regulation on the protection of personal data
1. The subject of these terms and conditions is to ensure the processing of personal data of customers obtained as part of the business of the Accommodation Facility, as well as an obligation to observe confidentiality of such information obtained, to the extent and under the conditions set forth by these conditions.
2. Accommodation facilities shall undertake to process customer personal information in accordance with these conditions. These conditions are made to the extent of the rights and obligations arising from the relevant legislation in the processing of personal data under the previous paragraph, in particular Regulation (EU) No. 2016/679 of 27 April 2016 of the General Regulation on the protection of personal data ("the Regulation").
RIGHTS, OBLIGATIONS AND MILITARY RIGHTS
1. The accommodation facility undertakes to take technical, personnel and other necessary measures to prevent unauthorized or accidental access to personal data, alteration, destruction or loss, unauthorized transmission, other unauthorized processing or other misuse of personal data.
2. In connection with the provision of accommodation services, the Accommodation facility is obliged to process the personal data of the guests. These data mainly work: a. Receptionist b. Manager c. Marketing employee
3. The above mentioned users have learned about the sensitivity of personal data. With personal data, guests are solely responsible for the services provided by the accommodation facility. The accommodation and staff do not provide personal information to other guests. Other personal data processors are: a. Hotel system HORES b. IMMUNITAS s.r.o ..
4. The terms of processing and handling of personal data of the guests are regulated in the processing agreement between the accommodation facility and the processor concerned.
DPO (DATA PROTECTION OFFICER)
1. The Commissioner of Ing. Stanislav Babic. firstname.lastname@example.org The facility provided the officer with the necessary training to carry out this function in accordance with the Regulation.
1. The accommodation has the legal obligation to keep certain personal information about its guests, including first name, surname, date of birth, permanent address, number and type of document, possible visa and purpose of residence. This obligation is governed by the Act on the Stay of Aliens and on Amendments to Some Acts no. 404/2011 Coll. and the Local Tax Act and the local fee for municipal waste and small construction waste. 582/2004 Coll. Under this legislation, the Accommodation facility is required to store these personal customer data for 5 years.
2. In addition to statutory personal data, the accommodation facility stores and processes an email address and telephone number. These personal data are used to communicate before, during and after the customer's stay. The facility declares that the e-mail addresses are not provided to third parties and entities.
3. The Customer has the right at any time to ask the Accommodation facility for an overview of its personal data. This information is stored on the guest card in the HORES hotel system. A notarially verified request for the deletion of personal data must be delivered by mail to the address of the accommodation facility. In case of a legitimate request for deletion of personal data, the accomodation facility will remove the guest card. However, the accommodation must be governed by the aforementioned laws and the personal data listed can only be erased after the expiry of the statutory time limit.
TECHNICAL AND ORGANIZATIONAL PROTECTION OF PERSONAL DATA PROTECTION
1. The accommodation shall undertake to provide technically and organizationally the protection of the processing of personal data in such a way that unauthorized or accidental access to the data, modification, destruction or loss, unauthorized transmission, other unauthorized processing or other misuse personal data and that all personal data controller obligations arising from the legislation, in particular the Regulation, are ensured throughout the personal and organizational continuity of the processing of personal data.
2. The accommodation facility undertakes that the processing of personal data will be ensured in particular as follows:
a. personal data will only be accessible to authorized persons of the accommodation facility that will have the accommodation conditions set and the scope of the data processing and any such person will access personal data under its unique identifier;
b. personal data will be processed on the premises of the Accommodation facility, to which only authorized persons will have access;
c. c. The facility shall prevent the unauthorized reading, creation, copying, transmission, modification or deletion of personal data records; d. The facility will take steps to identify and verify the personal data being sold, processed, altered or deleted. 3. By means of its own internal regulations, the accommodation is obliged to ensure that employees and other persons who process personal data will do so only under the conditions and to the extent specified by the Accommodation facility. The facility and staff will maintain confidentiality of personal data and security measures, the disclosure of which would jeopardize the provision of personal data even after termination of employment at the Accommodation Facility.
1. The accommodation facility uses the CCTV system to prevent and protect its customers. The lodge declares that it does not work in any way and does not provide it to third parties or entities.
Last update: 1.5.2018