Name: Hotel Verte
Address: Miodowa 6/8, Warsaw, Masovian District, 00-252, Poland
Telephone: +48 22 346 16 00

1 For the Owner of this website, protecting the Users’ data is of the utmost importance. It makes great efforts to ensure that Users feel secure in entrusting their personal data when using the website.

2 A User is a natural person, a legal person or an organisational unit without legal personality to which legal capacity is granted by law, using the electronic services available on the website.

3 This privacy policy explains the principles and scope of processing the User’s personal data, the User’s rights and obligations as well as the Administrator’s obligations regarding the use of cookies.

4 The Administrator uses the most modern technical measures and organisational solutions to ensure a high level of protection of the processed personal data and to prevent access by unauthorised persons.

I. PERSONAL DATA CONTROLLER

The Administrator of the personal data is Miodowa 6 Sp. z o.o. with its registered office at Aleja Niepodległości 124/24, 02-577 Warsaw, entered in the register of entrepreneurs kept by the District Court in Warsaw, XIII Economic Department, under KRS number: 0000556608, NIP: 5213696123 (hereinafter: “Owner”).

The Data Protection Inspector is Marek Kowalski, e-mail address: iod@hotelverte.com (hereinafter: “DPO”).

II. PURPOSE OF PERSONAL DATA PROCESSING

1. the Administrator processes the User’s data in order to:

booking accommodation and providing hotel, conference, event and catering services. The provision of personal data is voluntary but necessary for the performance of the service. Additionally, once the Guest has given his/her consent, his/her personal data will be processed for marketing purposes within the scope of the consent given.

2 The User may also consent to receive information on news and promotions, which will also result in the controller processing personal data in order to send the User commercial information concerning, among other things, new products or services, promotions or sales.

3 Personal data shall also be processed in the fulfilment of legal obligations incumbent on the controller and in the performance of tasks in the public interest, e.g. for the performance of tasks related to security and defence or for the storage of tax documentation.

4 Personal data may also be processed for the purposes of direct marketing of products, securing and enforcing claims or protecting against claims by the User or a third party, as well as marketing of services and products of third parties or own marketing, which is not direct marketing.

III. TYPE OF DATA

1 The Administrator processes the following personal data, the provision of which is necessary for:

a. Data provided by the User optionally:

-name and surname, telephone number, e-mail address;

IV. LEGAL BASIS FOR THE PROCESSING OF PERSONAL DATA

1 Personal data shall be processed in accordance with the provisions of Regulation (EU) 2016/679 of the European Parliament and of the Council of 27 April 2016 on the protection of natural persons with regard to the processing of personal data and on the free movement of such data and repealing Directive 95/46/EC (General Data Protection Regulation), OJ L 119, 4.5.2016, p. 1-88, hereinafter referred to as the “RODO Regulation”.

2 The Administrator shall only process personal data with the prior consent of the User.

3 The granting of consent for the processing of personal data is completely voluntary.

V. YOUR RIGHTS

1 The user may at any time request information from the controller regarding the extent of the processing of their personal data.

2 The user may at any time request the rectification or amendment of their personal data.

3 The user may withdraw his or her consent to the processing of his or her personal data at any time, without giving reasons. The request not to process the data may relate to a specific purpose of processing indicated by the User, e.g. withdrawal of consent to receive commercial information, or relate to all purposes of data processing. The withdrawal of consent regarding all processing purposes will result in the User’s account being deleted from the website, together with all of the User’s personal data previously processed by the Administrator. The withdrawal of consent will not affect the activities already carried out.

4 The User may at any time request, without stating a reason, that the Administrator delete his/her data. The request for deletion of data shall not affect any actions already performed. Deletion of data means simultaneous deletion of the User’s account, together with all personal data stored and processed to date by the administrator.

5 The User may at any time object to the processing of his/her personal data, both in respect of all the User’s personal data processed by the Administrator, as well as only to a limited extent, e.g. as regards the processing of data for a specifically indicated purpose. The objection will not affect the activities performed so far. The raising of an objection will result in the deletion of the User’s account, together with all personal data stored and processed to date by the administrator.

6 The User may request the restriction of the processing of personal data, either for a specific period of time or without a time limitation but to a specific extent, which the controller will be obliged to comply with. This request will not affect the activities already carried out.

7 The User may request that the controller transfer to another entity, the User’s personal data processed. For this purpose, he should write a request to the administrator, indicating to which entity (name, address) the User’s personal data should be transferred and what specific data the User wishes the administrator to transfer. After the User confirms his/her request, the administrator will transfer, in electronic form, the User’s personal data to the indicated entity. Confirmation of the request by the User is necessary for the security of the User’s personal data and to obtain certainty that the request comes from an authorised person.

8 The Administrator shall inform the User of the action taken, within one month of receiving one of the requests mentioned in the preceding paragraphs.

VI. RETENTION PERIOD OF PERSONAL DATA

1 As a general rule, personal data shall only be stored for as long as necessary to fulfil the contractual or statutory obligations for which they were collected. The data will be deleted immediately when its storage is no longer necessary, for evidential purposes, in accordance with civil law or in connection with a statutory retention obligation.

2 Information, relating to the contract, shall be stored for evidential purposes, for a period of three years, starting from the end of the year in which the business relationship with the User is terminated. Deletion of the data will take place after the expiry of the statutory limitation period for the assertion of contractual claims.

3 In addition, the controller may retain archival information concerning concluded transactions, as their retention is related to the User’s claims, e.g. under warranty.

4 If no contract has been concluded, between the User and the Owner, the User’s personal data is stored until the User’s account on the website is deleted. The deletion of the account may take place as a result of the User’s request, withdrawal of consent to the processing of personal data, or objection to the processing of such data.

VII. ENTRUSTING DATA PROCESSING TO OTHER ENTITIES

1 The Administrator may entrust the processing of personal data to entities cooperating with the Administrator to the extent necessary for the implementation of the transaction, e.g. for the preparation of the ordered goods and delivery of shipments or transmission of commercial information from the Administrator (the latter applies to Users who have consented to receive commercial information).

2 Apart from the purposes indicated in this Privacy Policy, personal data of Users shall not be made available to third parties in any way, nor transferred to other entities, for the purpose of sending marketing materials of these third parties.

3 Personal data of Website Users shall not be transferred outside the European Union.

4 This Privacy Policy complies with the provisions arising from Article 13(1) and (2) of the GDPR.

VI. RETENTION PERIOD OF PERSONAL DATA

1 As a general rule, personal data shall only be stored for as long as necessary to fulfil the contractual or statutory obligations for which they were collected. The data will be deleted immediately when storage is no longer necessary, for evidential purposes, in accordance with civil law or in connection with a statutory retention obligation.

3 In addition, the controller may retain archival information concerning concluded transactions, as their retention is related to the User’s claims, e.g. under warranty.

VII. ENTRUSTING DATA PROCESSING TO OTHER ENTITIES

3 Personal data of Website Users shall not be transferred outside the European Union.

4 This Privacy Policy complies with the provisions arising from Article 13(1) and (2) of the RODO Regulation.

VIII. COOKIES

1 The Website uses cookies or similar technology (hereinafter collectively referred to as “cookies”) to collect information about the User’s access to the Website (e.g. via a computer or smartphone) and his/her preferences. They are used, among other things, for advertising and statistical purposes and to adapt the website to the individual needs of the User.

2 Cookies are pieces of information that contain a unique reference code that the website sends to the User’s device in order to store, and sometimes track, information relating to the device used. They do not usually allow the User’s person to be identified. Their main purpose is to better adapt the website to the User.

3 Some of the cookies present on the website are only available for the duration of a particular web session and expire when the browser is closed. Other cookies are used to remember the User when they return to the website. They are then stored for a longer period of time.

4 The cookies used on this website are:

files that store the visitor’s preferences, files that ensure the operability of the website and files that collect analytical data (about the user’s behaviour).

5 All cookies used on the website are set by the administrator.

6 All cookies used by this website comply with current European Union law.

7 Most Users and some mobile browsers automatically accept cookies. If the User does not change the settings, cookies will be stored in the memory of the device.

8 The User may change his or her preferences regarding the acceptance of cookies or change his or her browser in order to receive an appropriate notification each time a cookie is set. To change your cookie acceptance settings, adjust the settings in your browser.

9 It is worth remembering that blocking or deleting cookies may prevent you from taking full advantage of the website.

10. cookies will be used for necessary session management, including:

a. Creating a special login session for the Website User so that the Website remembers that the User is logged in and that their requests are delivered in an efficient, secure and consistent manner;

b. Recognising a User who has visited the website before, so that the number of unique users who have used the website can be identified and so that the website can ascertain sufficient capacity for the number of new users;

c. Recognising whether a visitor to the website is registered on the website;

d. Recording information from the User’s device, including: cookies, IP address and information about the browser used, in order to be able to diagnose problems, administer and track the Use of the website;

e. To customise elements of the layout or content of the website;

f. Collect statistical information about how the User uses the site, in order to be able to improve the site and to determine which areas of the site are most popular among Users.

PRIVACY POLICY OF THE WEBSITE WWW.HOTELVERTE.COM