Data Privacy Notice

    Data Privacy Notice

    1.The controller of the Visitor’s personal data is Poznańska 15 Spółka z ograniczoną odpowiedzialnością with its registered office in Warsaw, ul. Poznańska 15, 00-680 Warsaw, NIP (tax ID): 7010011948, REGON (business ID): 140490174.

    2.One of the main objectives of the Hotel is to provide services at the highest level, which should also mean a special care to protect the privacy of Guests and other people whose data is processed by the Hotel. The purpose of this Data Privacy Notice is to provide interested parties with complete information about the scope, purpose and method of processing their data and to provide information about their rights.

    3.The controller processes data in accordance with the Regulation (EU) 2016/679 of the European Parliament and of the Council of 27 April 2016 on the protection of natural persons with regard to the processing of personal data and on the free movement of such data, and repealing Directive 95/46/EC, hereinafter referred to as „GDPR”.

    4.The Visitor’s personal data is processed under the hotel services agreement concluded between the Visitor and the Hotel. The objective of personal data processing is to provide hotel and similar services, as rendered by the Hotel at the Visitor’s request. Moreover, the Visitor’s personal data may be processed by the Hotel’s CCTV monitoring system. The purpose of the system is to ensure security of the Visitor and other people present in the Hotel and in its vicinity.

    5.If the Visitor decides to provide personal data regarding their preferences as to the stay or provided services as well as information such as telephone number or e-mail address, the Hotel may process such personal data in order to improve the quality of provided services or to ensure the Visitor’s comfort, or to render additional services to the Visitor. The same applies to the processing of sensitive data. The legal basis of processing of personal data for this purpose is the legitimate interest of the Hotel (Article 6(1)(f) of GDPR). The Hotel has evaluated the impact of their activities in this respect on the Visitor’s privacy and has concluded that the processing of personal data on the basis of a legitimate interest will not excessively encroach on the Visitor’s privacy since this form of processing of the Visitor’s personal data is intended to improve the quality of services rendered by the Hotel, which will benefit the Visitor and ensure a better understanding of their needs. Therefore, the Visitor’s interests and privacy will not be infringed.

    6.The Visitor’s personal data may also be processed in order to analyse their satisfaction with the services rendered by the Hotel. The legal basis of processing of personal data for this purpose is the legitimate interest of the Hotel (Article 6(1)(f) of GDPR). The Hotel has evaluated the impact of their activities in this respect on the Visitor’s privacy and has concluded that the processing of personal data on the basis of a legitimate interest will not excessively encroach on the Visitor’s privacy since this form of processing of the Visitor’s personal data is intended to improve the quality of services rendered by the Hotel, which will benefit the Visitor and ensure a better understanding of their needs. Therefore, the Visitor’s interests and privacy will not be infringed.

    7.The Hotel would like to inform you that providing personal data which is necessary for identification purposes is both a contractual and a statutory requirement (when documenting sales to the Visitor by means of an invoice). Failure to provide such personal data will make it impossible to conclude the agreement with the Hotel and to issue an invoice.

    8.The Hotel would also like to state that each Visitor has the right to access, correct, and up-date their personal data. Each Visitor also has the right to data portability, right to object to processing, to restrict processing, and to have the data removed, provided that there are legal grounds to it.

    9.The Hotel would like to state that the Visitor’s personal data will be retained throughout the period of hotel service provision as well as during the period of limitation of potential claims, including tax and civil claims. In addition, personal data processed by CCTV will be retained for 30 days.

    10.The Hotel would like to state that the Visitor’s personal data may be disclosed to the following categories of recipients:

    – Law firms which cooperate with the Hotel,
    – Accountant firms cooperating with the Hotel,
    – Insurance companies which cooperate with the Hotel,
    – IT companies and companies in charge of the Hotel’s IT infrastructure support and management,
    – Courier and postal companies,
    – Travel agencies.

    11.The Hotel would like to inform the Visitor of their right to lodge a complaint with a supervisory authority regarding personal data processing.

    12.If a stay in the Hotel is booked through a travel agency or a booking site, categories of the Visitor’s personal data provided to the Hotel by such entities may include, in particular, the Visitor’s name, date of stay, e-mail address, and telephone number. Information regarding the specific source from which the Hotel obtained the Visitor’s personal data may be provided by the Reception.