With effect from 25 May 2018, Regulation (EU) 2016/679 of the European Parliament and of the Council of 27 April 2016 on the protection of individuals with regard to the processing of personal data and on the free movement of such data and repealing Directive 95/46 / EC (General Regulation on Personal Data Protection), the so-called GDPR. In connection with this, we provide you with the following information on the processing and protection of your personal data.
The administrator of your personal data is the company Baltaci Napajedla s.r.o., with its registered office at Masarykovo náměstí 212, 763 61 Napajedla, IČO: 06410103, registered at the Regional Court in Brno under file number C 101943, which operates the Hotel Baltaci Starý Zámek at Masarykovo náměstí 75, 763 61 Napajedla and Restaurant Baltaci Napajedla at Masarykovo náměstí 212, 763 61 Napajedla (hereinafter referred to as the Hotel or the Administrator).
The personal data we process about you includes your:
We obtain personal data directly from you or from your accommodation providers when concluding an accommodation reservation contract or accommodation contract and further during our contractual relationship. Providing your personal information is voluntary. However, if you choose not to provide us with your personal data, it will not be possible to conclude an accommodation reservation contract or an accommodation contract.
There is no automated decision-making process when processing your personal data.
To ensure the security and confidentiality of your personal data, which is extremely important to us, we use technical and organizational measures, especially to protect against unauthorized access to and misuse of personal data, including ensuring the security of our IT systems. We regularly evaluate and update all measures.
We process your personal data for the purposes of:
To ensure the proper operation of the Hotel, in providing services and fulfilling its obligations under contracts, we use professional and specialized services of other entities, such as providers of catering services, IT services, accountants, auditors and other entities that provide us with their services. If these entities process your personal data provided to them by the Administrator, they have the status of processors of personal data and process them only within the framework of our instructions and cannot use them otherwise. We carefully select each such entity and enter into a contract with each
on the processing of personal data, in which such an entity as a processor has strict obligations to protect and secure personal data.
The recipients to whom we provide your personal data are also state authorities and state-established institutions, but only if the Administrator is obliged to do so on the basis of applicable law or it is necessary to protect the rights and legitimate interests of the Administrator.
The controller does not transfer your personal data to a third country or international organization.
We process your personal data only for the duration of any of the above purposes of processing, ie especially for the duration of the contract and the duration of the parties’ claims under this contract or for the period specified by applicable law to archive relevant documents containing your personal data or for the existence of your consent to the processing of personal data in cases where it is necessary to process your consent.
In connection with the processing of your personal data, you have:
-your personal data is no longer needed for the purposes for which it was collected or processed;
-you have revoked your consent to the processing of your personal data;
-you have raised an objection to the processing of your personal data and our legitimate interest in the further processing of your personal data does not take precedence in this case or you have raised an objection to the processing of your personal data for direct marketing purposes;
Your personal data has been processed illegally;
-Your personal data must be deleted in accordance with legal regulations.
the right to restrict the processing of your personal data if:
-you deny the accuracy of your personal data until we verify their accuracy;
-the processing of your personal data is illegal and instead of deleting your personal data, you only request restrictions on their use;
-we no longer need your personal data, but you request it to exercise your legal claims;
-you have objected to the processing of your personal data, as long as we do not verify whether our legitimate interests outweigh your interests.
The Administrator does not have a data protection officer.
If you have questions or comments about the processing of your personal data or you want to exercise your rights under point VI., You can do so: