Privacy policy

Processing of Personal Data

Personal data will be processed for the purpose of:

  • making a reservation,
  • explaining the conditions of possible violation of regulations or mandatory legal provisions,
  • consideration of a complaint.

In accordance with the Article 13 Low 1 and 2 – the Resolution by the European Parliament and Council (EU) 2016/679 dated 27th April 2016 on the protection of natural persons with regard to the processing of personal data and on the free movement of such data, and repealing Directive 95/46/EC (general data protection regulation “RODO”) we inform:

The Administrator of the data is the company Usługi Gastronomiczne i Hotelarskie Joanna i Jerzy Frycowscy s.c. registered at the address Ligota Górna 1, 46-200 Kluczbork.

Personal Data

  1. The company collects personal information on its guests needed for making reservation/ the issuance of sale note. Personal information is provided voluntarily by the guests, though it is necessary in order to process your reservation.
  2. The guest has the right to access his personal data, as well as correct, delete or limit its processing.
  3. The optional agreement about processing personal data for marketing purposes requires to check the appropriate text in the checkbox while making reservation.
  4. If you feel your data is processed in violation of current law you may lodge a complaint with the President of the Office of the Personal Data Protection. This action may be undone by sending an appropriate message to info@restauracjajoanna.eu
  1. Specific objectives and scope of processing personal information:
Sl.No.

OBJECT

SCOPE

PURPOSE OF PROCESSING CATEGORY OF PEOPLE RETENTION PERIOD

1

Service contract

first name, surname

e-mail address

phone number

personal number/ ID number / passport number

information about your stay/accommodation

information about your preferences for your stay/accommodation

number of adults covered by the contract

number and age of children covered by the contract

home address

payment/credit card numbers/bank account numbers

company information

contact language

Conclusion of the contract Potential hotel customers One year after completion of the service

Payment/credit card numbers – 7 days after completion of the service.

2

Handling/processing complaints of the ordered service first name, surname

e-mail address

phone number

personal number/ ID number / passport number

information about your stay/accommodation

information about your preferences for your stay/accommodation

number of adults covered by the contract

number and age of children covered by the contract

home address

payment/credit card numbers/bank account numbers

company information

contact language

Conclusion of the contract / handling complaints. Building customers One year after completion of the service

Payment/credit card numbers – 7 days after completion of the service

3

Bookkeeping service
company information

e-mail address

phone number

Issuance of financial – accounting document Building customers 5 years after issuing of the document

4

Sending stay offers and information about events and promotion first name, surname

e-mail address

phone number

information about your preferences for your stay

Maintaining contact with the customer/CRM. Persons who have consented to receive information Until further notice
  1. In order to ensure the safety of employees and restaurant guests, prevent from fraud, we process following personal data:

– data of key-card system

– facial image from the surveillance cameras

– e-mail address

– phone number

– IP address

The legal basis for processing personal data is Art. 6 Paragraph 1f GDPR which allows processing personal data when the Administrator carries out a legitimate interest in this way. Data from the CCTV is deleted 30 days after the day of its recording.

Administrator obligations

  1. The Administrator ensures that customer’s data will not be shared with a third party and in this respect he will take measures and provide his knowledge and experience to do this ensuring.
  2. The Administrator reserves the right to share personal information with the entitled subject (subprocessor) and in cases provided by generally applicable law regulations. This refers in particular to entities such as on-line payment system and reception software.
  3. The Administrator is obligated to observe confidentiality and professional secrecy of information obtained in order to process the reservation.

Liabilities of Hotres.pl system

  1. Hotres.pl as a processor of personal information of the guest ensures to implement appropriate technical and organisational measures and additional IT security based on verified servers and systems used for processing personal data in servicing by electronic channels.
  2. Hotres.pl declares that the computer systems used for processing personal data comply with the existing law requirements and are highly protected within the meaning of the Regulation of the Minister for Internal Affairs and Administration of 29 December 2004 on the documentation of personal data processing, and technical and organizational conditions  which shall be met by devices and IT systems used for personal data processing.
  3. Subcontractors and employees of Hotres.pl will be duly empowered to process personal data for the purpose of reservation. Both, the Administrator and the guest, agree with this condition.
  4. To ensure the highest level of safety of personal data storage required by GDPR, Hotres.pl undertakes following steps:
  1. encryption and anonymisation of personal data
  2. providing for, confidentiality, integrity,  availability and resilience of systems and processing services
  3. the ability to restore the availability and access to personal data in a timely manner in the event of a physical or technical incident
  4. a process for regularly testing, assessing and evaluating the effectiveness of technical and organisational measures for ensuring the security of the processing.

Final provision

The Administrator reserves the right to implement changes in policy provisions in all times and depending on his own decision. In particular, he may modify this policy in case of:

  1. the need to comply the policy with mandatory rules or with the changes in provision of national law affecting the content of the policy
  2. the need to comply the policy with recommendation, interpretation, judgment, provision or order by the public authority or judicial decision affecting the content of the policy
  3. extension or change of functionalities of Hotres.pl
+
Zadzwoń teraz