INFORMATION ON PERSONAL DATA FOR GUESTS OF THE UMI HOTEL IN SOPOT
Pursuant to Article 13 of Regulation (EU) 2016/679 of the European Parliament and of the Council of 27 April 2016 on the protection of natural persons with regard to the processing of personal data and on the free movement of such data, and repealing Directive 95/46/EC (OJ L 119, 4.05.2016, p. 1–88) – "GDPR" and in connection with the processing of your personal data, we inform our current and potential Guests, that:
Controller of personal data of hotel guests
The administrator of the personal data of the Guests of the UMI Hotel is UMI Hotel Spółka z o.o. Aleja Niepodległości 659, 81-855 Sopot. NIP: 5851500426, REGON: 524641064, KRS 0001022505.
Mail: recepcja@umihotel.pl
Phone: 58 582 88 87
Purposes of processing personal data of Hotel Guests
The purpose for which the Hotel processes personal data is the conclusion and performance of the contract for the provision of hotel services. In addition, the purpose of the processing of personal data by the Hotel is:
- pursuing possible claims by the Hotel in connection with the damage suffered by the Hotel caused by the Guest or defending against the Guests' claims against the Hotel,
- documenting the performance of the service for tax purposes,
- providing the highest quality of services for hotel guests.
If the Guest has consented to the processing of personal data for marketing purposes, the Hotel processes personal data for this purpose, i.e. in order to send marketing information and offers about its products and services to the Guest. In addition, the Hotel processes the personal data of Guests collected by the hotel monitoring in order to ensure the safety of Hotel Guests and other persons staying on the premises of the Hotel.
Legal basis for processing personal data
The legal basis for the processing of the Guest's personal data obtained by the Hotel is the contract for the provision of hotel services. The legal basis for the processing of the Guest's personal data used for marketing purposes is the Guest's consent. The hotel informs that the consent may be withdrawn at any time. The withdrawal of consent does not affect the validity of the processing that took place before the withdrawal of consent. The legal basis for the processing of the Guest's personal data by monitoring is the protection of their vital interests and the protection of the vital interests of other natural persons, as well as the legitimate purpose of the administrator. Providing personal data in the field of name and surname and address of residence is a requirement for concluding a contract for the provision of hotel services. Failure to provide personal data will prevent the Hotel from concluding a contract for hotel services.
Transfer of personal data
The Hotel transfers personal data to the following categories of entities:
- companies providing IT support services for the Hotel and providing IT software,
- an accounting company providing accounting services,
- transport and taxi companies if the Guest orders transport or courier delivery.
Duration of personal data processing
Personal data:
obtained in connection with the concluded contract for the provision of hotel services will be processed for the period of limitation of tax claims or civil law claims of the Hotel or the Guest, depending on which of these events occurs later, obtained on the basis of consent for marketing purposes will be processed for the period of validity of the consent for marketing purposes, obtained in connection with the monitoring will be processed for 14 days from the date of recording, and then they will be permanently deleted.
Visitor's rights in relation to the processing of personal data
Each Guest has the right to access personal data, rectify it, delete it or limit its processing. In addition, each Guest has the right to object to the processing. Access to the data is possible at the Hotel's headquarters. Possibility to lodge a complaint in connection with the processing of personal data Each Guest has the right to lodge a complaint with the supervisory authority, which is the President of the Office for Personal Data Protection.