Terms and Conditions for Processing Personal Data ("Terms")

Terms used:

Data Controller: ATS INVEST s.r.o., Rybná 669/4, Prague 1, 110 00 (hereinafter "Hotel")

Customer: natural or legal person using the services of the operator

Regulation: Regulation (EU) No 2016/679 of the European Parliament and of the Council of 27 April 2016, General Data Protection Regulation

General provisions

  1. The object of these terms and conditions is to ensure the processing of the personal data of customers obtained in the course of the Hotel's business activities, as well as to establish the obligation to maintain the confidentiality of such information obtained, to the extent and under the conditions set out in these terms and conditions.
  2. The Hotel undertakes to process customers' personal data in accordance with these terms and conditions. These terms and conditions are made within the scope of the rights and obligations arising from the relevant legislation when processing personal data pursuant to the preceding paragraph, in particular Regulation (EU) No 2016/679 of the European Parliament and of the Council of 27 April 2016, the General Data Protection Regulation ("the Regulation").

Rights, obligations and confidentiality

  1. The Hotel undertakes to take such technical, personnel and other necessary measures to prevent unauthorised or accidental access to, alteration, destruction or loss of personal data, unauthorised transmissions, other unauthorised processing or other misuse of personal data.
  2. In connection with the provision of accommodation services, the Hotel is obliged to process the personal data of guests. These data are handled in particular by:
    1. Hotel receptionists
    2. Hotel Manager
    3. Accountant
    4. Marketing department employee
  3. The above-mentioned users have been instructed on the sensitivity of personal data. They handle guests' personal data exclusively within the scope of the services provided by the Hotel. Neither the Hotel nor its employees pass on guests' personal data to other entities. Other processors of guests' personal data are:
    1. Hotel system Previo
    2. Marketing company Inzio
  4. The conditions for processing and handling of guests' personal data are regulated in the processing contract between the Hotel and the processor.

DPO, Trustee

  1. Petr Novotný (novotny@residence-hotels.com) is the DPO of the Hotel. The DPO has attended the training required to perform the duties of the DPO in accordance with the Regulation.

Information about customers

  1. The Hotel has a legal obligation to keep certain personal data about its guests, in particular name, surname, date of birth, address and period of accommodation, document number and type, visa if applicable, purpose of stay. This obligation is governed by the Act on the Residence of Foreigners in the Czech Republic (326/1999) and the Act on Local Taxes (565/1990). According to this legislation, the hotel is obliged to keep personal data on customers for 6 years.
  2. The customer has the right to ask the hotel for an overview of their personal data at any time. This information is stored in (i) the guest card in the hotel system, (ii) the housekeeping book and (iii) the register book, which are kept in hard copy in a locked room. In the event of a request for deletion of personal data, the Hotel will delete the guest card and shred the guest register and the register book. However, the Hotel must comply with the above laws. The personal data listed above can only be deleted after the legal deadline has passed.

Technical and organisational safeguards for the protection of personal data

  1. The Hotel undertakes to ensure the technical and organisational protection of the personal data processed in such a way that unauthorised or accidental access, alteration, destruction or loss of data, unauthorised transmission, other unauthorised processing or other misuse of data cannot occur and that all obligations of the data controller arising from legal provisions, in particular the Regulation, are ensured by staff and organisation at all times during the processing of the data.
  2. The hotel undertakes to ensure that the processing of data is secured in particular as follows:
    1. only authorised persons of the Hotel who have been given the terms and scope of the data processing by the Hotel will have access to the personal data and each such person will access the personal data under their unique identifier;
    2. personal data will be processed on the Hotel's premises, to which only authorised persons or its contractors (subcontractors) bound by the same obligations will have access;
    3. The Hotel will prevent the unauthorised reading, creation, copying, transmission, modification or deletion of records containing personal data;
    4. take measures to identify and verify to whom personal data has been transmitted, processed, altered or deleted.
  3. The Hotel undertakes to ensure, through its own internal regulations or specific contractual arrangements, that its employees and other persons who will process personal data will do so only under the conditions and to the extent specified by the Hotel and in accordance with the Hotel's instructions. In particular, he/she will himself/herself (and will also bind such persons named) to maintain the confidentiality of personal data and security measures, the disclosure of which would compromise the security of personal data, even after termination of employment or relevant work with the Hotel.

Video surveillance system

  1. The Hotel uses a CCTV system to prevent the protection of its customers, itself and their property. The Hotel declares that it does not work with the recordings in any way, does not provide them to third parties or entities.

Cookies

When you browse our website, we record your IP address, how long you stay on the page and from which page you come. We see the use of cookies to measure website traffic and to customize the display of the website as a legitimate interest of the administrator, as we believe that this allows us to offer you an even better service.

Our website can also be browsed in a mode that does not allow the collection of personal data. You can disable the use of cookies on your computer.

Date last updated: 25 May 2018