Data Controller: Chata U Šumavských pramenů, Podlesí 4, 341 92 Kašperské Hory, operated by Synergy Assets a.s., ID No.: 09952713 (hereinafter “Chata”)
Customer: Natural or legal person using the services of the operator
Regulation: Regulation (EU) No 2016/679 of the European Parliament and of the Council of 27 April 2016, General Data Protection Regulation
The subject of these terms and conditions is to ensure the processing of personal data of customers obtained in the course of the business activities of the Chalet and to establish the obligation to maintain confidentiality of such information obtained, to the extent and under the conditions set out in these terms and conditions.
The Chalet undertakes to process customers’ personal data in accordance with these terms and conditions. These terms and conditions are made within the scope of the rights and obligations arising from the relevant legislation when processing personal data pursuant to the preceding paragraph, in particular Regulation (EU) No 2016/679 of the European Parliament and of the Council of 27 April 2016, the General Data Protection Regulation (“the Regulation”).
RIGHTS, OBLIGATIONS AND CONFIDENTIALITY
The Chalet undertakes to take such technical, personnel and other necessary measures to prevent unauthorised or accidental access to, alteration, destruction or loss of personal data, unauthorised transmission, other unauthorised processing or other misuse of personal data.
In connection with the provision of accommodation services, the Chalet is obliged to process the personal data of guests. These data are handled in particular by:
The aforementioned users have been informed of the sensitivity of personal data. They handle the personal data of guests exclusively within the scope of the services provided by the Hotel. Neither the Hotel nor its employees pass on guests’ personal data to other entities.
The terms and conditions of processing and handling of guests’ personal data are regulated in the processing contract between the Chalet and the respective processor.
PERSONAL DATA PROTECTION OFFICER
The trustee of the Chalet is Jaromír Grégr (firstname.lastname@example.org).
The cottage has a legal obligation to keep certain personal data about its guests, in particular name, surname, date of birth, address and period of accommodation, number and type of document, any visa, purpose of stay. This obligation is governed by the Act on the Residence of Foreigners in the Czech Republic (326/1999) and the Act on Local Fees (565/1990). According to this legislation, the lodge is obliged to keep personal data on customers for a maximum of 10 years.
The customer has the right to ask the chalet for an overview of their personal data at any time. This information is kept in (i) a house book, which is kept in hard copy in a locked room. In the event of a request for deletion of personal data, the Chalet will delete the guest card and shred the house and record book. However, the Cottage must comply with the above laws. The personal data listed above can only be deleted after the legal deadline has passed.
TECHNICAL AND ORGANISATIONAL SAFEGUARDS FOR THE PROTECTION OF PERSONAL DATA
The Chalet undertakes to ensure the technical and organizational protection of the personal data processed so that no unauthorized or accidental access, alteration, destruction or loss, unauthorized transfer, other unauthorized processing or other misuse of the data can occur and that all obligations of the data controller arising from legal regulations, in particular the Regulation, are ensured by staff and organization at all times during the processing of the data.
The Chalet undertakes that the processing of data will be secured in particular in the following way:
- only authorised persons of the Chalet will have access to personal data
- personal data will be processed on the premises of the Cottage, to which only authorised persons will have access
- The Chalet will prevent the unauthorised reading, creation, copying, transmission, modification or deletion of records containing personal data
- take measures to identify and verify to whom personal data have been transmitted, processed, altered or deleted
The Chalet undertakes to ensure, through its own internal regulations or special contractual arrangements, that its employees and other persons who will process personal data will do so only under the conditions and to the extent specified by the Chalet and in accordance with the instructions of the Chalet. In particular, he will himself (and will also bind those persons named) to maintain confidentiality of personal data and security measures, the disclosure of which would compromise the security of personal data, even after the termination of his employment.