PRINCIPLES OF PERSONAL DATA PROCESSING

Wednesday March 4th, 2020

PRINCIPLES OF PERSONAL DATA PROCESSING

(“Principles”)
Data Manager: Hotel Zátkův dům, Krajinska 214/41, 2370 01 České Budějovice (hereinafter referred to as “Hotel”)
Customer: A natural or legal person using the services of an operator
Regulation: Regulation (EU) No 2016/679 of the European Parliament and of the Council of 27 April 2016, Regulation on the protection of personal data.

GENERAL CONDITIONS
1. The subject of these terms and conditions is to ensure the processing of the personal data of customers obtained in the course of the Hotel’s business activities and to establish the obligation to maintain confidentiality of such information obtained, to the extent and under the conditions set forth by these principles.
2. In accordance with these policies, the hotel undertakes to process customer personal information. These principles are embodied in the scope of the rights and obligations that arise from the applicable laws, such as Regulation (EU) No 2016/679 of the European Parliament and of the Council of 27 April, in the processing of personal data under the previous paragraph, the General Regulation on the protection of personal data (“Ordinance”)

RIGHTS, OBLIGATIONS AND DIGNITY
1. The hotel undertakes to take such technical, personnel and other measures as may be necessary to prevent unauthorized or accidental access to personal data, alteration, destruction or loss, unauthorized transmissions, any other unauthorized processing or other misuse of personal data .
2. In connection with the provision of accommodation services, the Hotel is obliged to process personal data of the guests. The receptionist and hotel manager work with this information.
3. The abovementioned users have been informed about the sensitivity of personal data. With personal information, guests only use the services provided by the Hotel. The hotel or staff does not transmit personal data to guests to other entities. Another personal data processor is the Hores Hotel System.
4. The principles of processing and handling personal details of guests are regulated in the processing agreement between the hotel and the particular processor.

RESPONSIBLE PERSON
1. The person in charge of the Hotel Jana Vlčková, company executive.

CUSTOMER INFORMATION
1. The hotel has the legal obligation to keep certain personal data about its guests, especially name, surname, date of birth, address and time of accommodation, number and type of document, visa, purpose of stay. This obligation is governed by the Act on the Residence of Foreign Nationals in the Czech Republic (326/1999) and the Act on Local Fees (565/1990). According to this legislation, the hotel is required to keep personal data about customers for 6 years.
2. The Customer has the right to ask the hotel at any time for an overview of its personal data. This information is stored in the 1st guest card, 2 in the housebook, and 3 in the record book, which are stored in a safe deposit box in a locked room, accessible only to the receptionist and hotel manager. In the case of a request for the deletion of personal information, the Hotel will delete the guest card and will destroy the house and registration book. However, the above-mentioned laws must meet the hotel. The personal data listed can only be deleted after the legal deadline.

TECHNICAL AND ORGANIZATIONAL PROTECTION OF PERSONAL DATA PROTECTION
1. The hotel undertakes to provide technically and organizationally the protection of the processed personal data in such a way that unauthorized or accidental access to data, alteration of its destruction or loss, unauthorized transmissions, any other unauthorized processing as well as other misuse may occur personnel and organizational continuity throughout the processing of the data is ensured by all obligations of the personal data controller, resulting from the legislation, in particular the Regulation.
2. The hotel undertakes that the processing of the data will be ensured in particular as follows:
a) Personal data will be accessed only by authorized hotel persons who will have the conditions and extent of data processing set up by the Company and any such person will access personal data under its unique identifier;
b) Personal data will be processed on the premises of the Hotel, to which only authorized persons or their suppliers (subcontractors) will have access, bound by the same obligations;
c) The hotel will prevent the unauthorized reading, creation, copying, transmission, modification or deletion of records containing personal data;
(d) Take measures to identify and verify to whom the personal data have been transmitted, processed, altered or deleted.

3. The hotel undertakes, by means of its own internal transcripts or special contractual arrangements, to ensure that its employees and other persons processing the personal data will do so only under the conditions set by the Hotel and the corresponding instructions of the Hotel. In particular, it will (and impose on such persons) also maintain confidentiality of personal data, even after termination of employment or related work at the Hotel.

CCTV
1. The hotel uses a camera system to prevent the protection of its customers, their and their property. This system is made up of two cameras, where it is aimed at the hotel’s parking lot and the other at the lobby of the hotel. The Hotel declares that the records are not working in any way, it is not provided to third parties or entities.
Updated May 25th