VERARBEITUNG UND SCHUTZ VON PERSÖNLICHEN DATE

Manager of data:     Hotel Maxant s.r.o., Frymburk 80, 382 79 („Hotel“)

Subject of data:          A natural or legal person using the services of an operator, customer

Regulation:          Regulation (EC) No 2016/679 of the European Parliament and of the Council of 27 April 2016, General Regulation on the protection of personal data

GENERAL CONDITIONS

1.       These conditions and terms are to ensure safe processing of the personal data of the customers obtained in the Hotel's business activities, as well as an obligation to maintain confidentiality of the information obtained, to the extent and under the conditions set forth by these conditions.

2.       In accordance with these conditions, the hotel undertakes to process customer personal data. These conditions are embodied in the scope of the rights and obligations that arise from the applicable legislation in the processing of personal data under the preceding paragraph, in particular Regulation (EU) No 2016/679 of the European Parliament and of the Council of 27 April 2016, General Data Protection Regulation (GDPR) ("the Regulation").

RIGHTS, OBLIGATIONS AND DIGNITY

1.       . The hotel undertakes to take such technical, personnel and other measures as may be necessary to prevent unauthorized or accidental access to personal data, alteration, destruction or loss, unauthorized transmissions, or any other unauthorized processing or other misuse of personal data .

2.        In connection in providing hotel services, the Hotel is obliged to process personal data of the guests. With data mainly work:

a.       Reception staff

b.       Hotel Manager

c.       Accountants

d.       Marketing Specialists

The above mentioned users have been informed about the sensitivity of personal data. Personal information of the guests is only used for services provided by the Hotel. The hotel or staff does not transmit personal data of guests to other entities.

3.        Personal data processors

a.       Hotel system provider - Previo

b.       Accountant

c.       Marketing companies managing PPC

d.       Google Inc.

The terms and conditions for the processing and handling of personal details of the guests are regulated in the processing agreement between the hotel and the respective processor.

PERSON IN CHARGE OF PROCCESING DATA - DPO

1. DPO of the Hotel is Martina Nemota. DPO was provided with the training required to perform this function in accordance with the Regulation.

LEGAL REASON FOR PERSONAL DATA PROCESSING

1.       The processing of personal data necessary to meet legal obligations

The hotel has the legal obligation to keep certain personal data about its customers, especially name, surname, date of birth, address and time of accommodation, ID number and type of ID, visa, and purpose of stay. This obligation is governed by the Act on the Residence of Foreign Nationals in the Czech Republic (326/1999) and the Act on Local Fees (565/1990). According to this legislation, the hotel is required to keep personal data about customers for 6 years.

The customer has the right to ask the hotel at any time for an overview of their personal information. This information is stored in (i) a guest card in the hotel system, (ii) a hotel book, and (iii) a registration book , which is stored in a printed form in a locked room. In the case of a request for the deletion of personal information, the Hotel will delete the guest card and will destroy the hotel and registration book. However, the hotel must meet the above-mentioned laws and the personal data listed above can only be deleted after the legal deadline which is 6 years.

2.       Processing of personal data to fulfill the contract  
pursuant to Article 6 (1) b) GDPR
Accommodation agreement, reservations via online reservation system and reservations confirmed by email or by phone
Personal data: name, surname, email and / or phone.

The customer has the right to ask the hotel at any time for an overview of his or her personal data or for correction.
The data are stored for 6 years. Upon request and after termination for the contracts (reservation) can be completely deleted.
These data are stored in a printed form in a locked place and in electronic form in the PC of the receptionist and marketing staff, to which only an authorized person has access.
We may also process these personal data for legitimate interest pursuant to Article 6 (1) f) GDPR and can be used for direct marketing eg: One-time email inquiring about the guest's satisfaction after his departure or a one-time request for a review.

Processing of personal data to implement measures taken before the conclusion of a contract at the request of the data subject 
Accommodation offer / quote 
Personal data: first and last name, email
The request is to make quote for an accommodation per e-mail or fill out a request form on www.hotelmaxant.cz or a telephone inquiry. 
The customer has the right to ask the hotel at any time for an overview of their personal data, correction or deletion.
These data are stored electronically in the PC of reception and marketing staff, to which only an authorized person has access. They are stored for 6 years and can be deleted upon request at any time.

3.       Processing of personal data based on consent of data subject
pursuant to Article 6 (1) a) GDPR in conjunction with § 7 paragraph 2 of Act No. 480/2004 Coll.

Newsletter
Personal data: first and last name, email
Newsletter subscription is voluntary and revocable at any time.
Newsletter subscription is not necessary for use of any hotel service.
Personal date are stored in a printed form in a locked place and in electronic form in the PC of reception and marketing staff, to which only the authorized person has access.
For this purpose, personal data may be processed until request for withdrawal by customer.
The customer has the right to ask the hotel at any time for an overview of their personal data, correction or deletion.

Loyalty system
Personal date: first and last name, email, date of birth, address
Membership of the loyalty program is voluntary and revocable at any time.
For this purpose, personal data may be processed until request for withdrawal by customer.
Membership of the loyalty program is not necessary for use of any hotel service.
Personal information is stored in a printed form in a locked place in electronic form in the PC of the reception and marketing staff, to which only the authorized person has access.
The customer has the right to ask the hotel at any time for an overview of their personal data, correction or deletion.

Website of hotelmaxant.cz and lipnolyzovani.cz
We use these types of cookies on our site:
Functional cookies - that are necessary for the optimal functioning of the website.
Analytical Cookies – that help us measure site traffic and other statistics.
Remarketing / Advertising cookies – that help us with marketing – better target and customize ads that you see elsewhere on the web.

We use these services:
•     Google Analytics and Google AdWords - web analytics and ads provided by Google Inc. ("Google"). The information provided by the cookie about the use of this website is usually transferred to a US server in the US and stored there.
More at https://www.google.com/intl/en/policies/technologies/cookies/ .

•     Sklik - Our website uses retransfer technologies from Sklik, operated by Seznam.cz, a.s. This allows us to show visitors, who have already shown interest in our services, our ads on the Seznam.cz There is no personal data processing by retargeting by Sklik.

TECHNICAL AND ORGANIZATIONAL PROTECTION OF PERSONAL DATA PROTECTION

1.       The hotel undertakes to provide technically and organizationally the protection of processed personal data to prevent unauthorized or accidental access to the data, its alteration, destruction or loss, unauthorized transmissions, any other unauthorized processing, as well as other misuse.

2.      The hotel undertakes that the processing of the data will be ensured in particular as follows:

a)       personal data will only be accessible to authorized hotel employees who were informed about the sensitivity of personal data and how to work with personal data of the guests.

b)       personal data will be processed on the premises of the Hotel, to which only authorized persons or their suppliers (subcontractors) will have access, bound by the same obligations;

c)       The hotel will prevent the unauthorized reading, creating, copying, transmission, modification or deletion of records containing personal data;

d)       Take measures to identify and verify to whom personal data have been transmitted, processed, altered or deleted.

3.       The hotel undertakes, by means of its own internal regulations or special contractual arrangements, to ensure that its employees and other persons processing the personal data will do so only under the conditions and to the extent of the Hotel. In particular to maintain confidentiality about personal data, even after termination of employment by the Hotel.

CCTV

1.       The hotel uses a camera system for protection of its customers, their belongings and hotel property. The hotel doesn't process these data and does not provide them to third parties or entities.
Monitored sites are visibly marked with signs.

YOUR RIGHTS
  1. Under the terms of the GDPR you have
    • The right to access your personal data under Article 15 of the GDPR,
    • The right to correct personal data pursuant to Article 16 of the GDPR or, where applicable, the restriction of processing under Article 18 GDPR,
    • The right to delete personal data under Article 17 of the GDPR,
    • The right to object to processing under Article 21 GDPR,
    • The right to data portability under Article 20 GDPR,
    • The right to withdraw consent to processing

Date of last update: 21.5.2018