Principles of personal data processing

GDPR
Principles of personal data processing

PRINCIPLES OF PERSONAL DATA PROCESSING BY SPLÁVEK S.R.O. AND BOJKA, S.R.O. (PRIVACY POLICY)

Based on EU Regulation 2016/679 (hereinafter referred to as the GDPR), we hereby inform you that:

The personal data controller, i.e., the person who determines the purpose and means of processing your personal data, is an operator of restaurant and accommodation services at "Matylda/Klotylda" of the Company Splávek s.r.o., address Melantrichova 970/17, 110 00 Prague 1, Company ID No.: 87583 and Bojka, s.r.o., Melantrichova 970/17, 110 00 Prague 1, Company ID No.: 28230248 (hereinafter referred to as the "Company").

The contact details of the person responsible for personal data protection in our Company are as follows: reservation@botelmatylda.cz, tel.: +420 777 986 177

And now let us tell you for what purpose and what personal data our Company actually processes:

We process your personal data for the purpose of entering into and an Accommodation Agreement and the due performance of obligations under that Accommodation Agreement between you, as guests, and our Company, as a provider of accommodation and hotel services in general. We collect this personal data directly from you, either in person at the reception desk, by phone or by e-mail when you make a reservation. In order to provide you with our services, we need to know your identification data (name, surname, date of birth, permanent address, ID card number) and contact data (phone number, e-mail address, postal address and such other potential data). If you provide us with your personal data and then do not enter into an Accommodation Agreement with us and do not use our hotel services, we will no longer retain your personal data. We only process your personal data for the necessary time and for the purpose of exercising our rights and fulfilling our obligations, and at the same time we do not process any other personal data that is not absolutely necessary.

In addition to processing your personal data so that you can use our hotel services, we also keep records of data about hosts in the form of a guest book. This allows us to ensure proper performance of our obligations under the Agreement (e.g. monitoring hotel occupancy).

We will keep the above-mentioned personal data and not only process it during your stay, but also until the end of the claims period, or a period within which any complaints related to the provided hotel services may be made and enforced.

Furthermore, our Company is obliged to report information on accommodated guests who are not Czech nationals to public administration bodies, in particular to the foreign and border police pursuant to Section 102 of Act No. 326/1999 Coll., on the stay of foreigners in the territory of the Czech Republic and on the amendment of certain acts, as amended. We are obliged to keep this personal data for 6 years after your stay.

Our Company further processes your personal data for the purpose of fulfilling statutory obligations relating to the collection of local fees (accommodation and spa fees), which we are obliged to pay for each accommodated guests.

In addition to the above-mentioned processing purposes, we process personal data contained in accounts and invoices to fulfil legal obligations relating to the tax office, and we are obliged to keep this data for a period of 10 years.

The provision of personal data is completely voluntary, but at the same time it is a condition for concluding an Accommodation Agreement and related hotel services – we cannot enter into an Agreement without your personal data, nor can we provide you with hotel services. At the same time, however, we inform you that if you provide us with your data, we will not process it for any purpose other than those described above.

In no case shall we transfer your personal data outside the EU or to any international organisation, nor do we plan to do so in the future.

As a data subject, i.e., an individual whose personal data is processed, you understandably have a number of rights regarding your personal data, and we wish to make it as easy as possible for you to exercise these rights. These rights include:

  1. The right of access to your personal data – you have the right to ask us to provide you with information about the personal data we process about your person in the form of a statement.
  2. The right to rectification of personal data – you have the right to ensure that the personal data we process for the above-mentioned purposes is accurate, up-to-date and complete. If you find that this is not the case, please ask us to correct or update it– we will do it in no time!
  3. The right to erasure (also known as the right to be forgotten) – we are obliged to delete personal data that we process for longer than the time mentioned above, or if we do not have valid legal grounds for such processing. We further inform you that we cannot delete data in cases where it is processed on the grounds of performing an Agreement or fulfilling a legal obligation, even if you ask us to delete it. In such cases, we will inform you of this fact within one month, stating the reason.
  4. The right to request restriction of processing – you are entitled to have the processing of your personal data restricted if you contest the accuracy of your personal data or if the processing of personal data is unlawful and, at the same time, we have not deleted the personal data, or if you have raised an objection against the processing. In such cases, we will restrict processing of the data until its legitimacy has been assessed.
  5. The right to object pursuant to Article 21 of the GDPR – you are entitled to object to the processing of your data in cases where it is processed on the grounds of a legitimate interest. If you object to us sending you commercial communications, we will always comply with your request. Unless we can prove that our legitimate reasons for processing your personal data outweigh your interests, rights and freedoms, we will no longer process your personal data.
  6. The right to withdraw consent to processing – you are entitled, at any time, to withdraw your consent to the processing of your personal data in cases where your consent is required (e.g. for sending commercial communications), even if you have previously granted us your consent.
  7. The right to lodge a complaint with a supervisory authority – if we fail to act for more than one month, you are entitled to contact and lodge a complaint with the competent supervisory authority, which is the Czech Office for Personal Data Protection.
  8. The right to data portability under Article 20 of the GDPR – if you want us to provide a third party with the personal data that we process about you in electronic form on the basis of an Agreement or consent that you have provided to us, you may use your right to data portability. However, if exercising this right would adversely affect the rights and freedoms of others, we will not be able to comply with your request.

Our Company does not perform any processing based on automated decision-making.

You may exercise all the rights described above in person at the reception of our hotel or restaurant, where an authorised employee will verify your identity according to the relevant identity document and, at the same time, we will inform of the date of processing your request. If you wish to exercise your rights by electronic means, however, we must be sure that it is really you. In this case, you can send your request to the e-mail address reservation@botelmatylda.cz attaching a valid electronic signature, which is sufficient proof of the identity of the applicant for us, or if you own a data box, you can send the request to one of our data boxes: e8p3pfi or 3t8sckr.

If we cannot be one hundred percent certain of your identity, we are entitled (to maintain the maximum level of protection and to meet obligations) to ask you to provide additional information to confirm your identity.

In addition to processing personal data in connection with the provision of hotel services, we also use surveillance cameras on the premises of our hotel and restaurant. Our Company operates these cameras in the legitimate interest of the safety of all our guests and of your property. A sign with text and information about the controller is displayed in a clear place in every area that is under camera surveillance. Hotel or restaurant employees will provide you with more detailed information about the camera system upon request.

Our employees are thoroughly trained in the area of personal data protection and are prepared to provide you with necessary explanations and cooperation. Information about the scope, purpose and principles of processing the personal data of our guests can also be found at the reception desk and in every hotel room, so this information will be at your disposal throughout your stay. Your safety is of paramount importance to us.

Protection of privacy and personal data is under the supervision of:

Office for Personal Data Protection
address: Pplk. Sochora 27, 170 00 Prague 7
tel.: +420 234 665 111
website: www.uoou.cz 

 

This GDPR is effective from 1 January 2021 and is regularly updated.

The policy was last updated on 15 January 2022

Further details of the processing of personal data can be found in this document:

https://www.botelmatylda.cz/admin/upload/data/gdpr_en.xlsx

###message