Privacy Policy (GDPR)

PRIVACY POLICY AND INFORMATION ON PERSONAL DATA PROCESSING

Cultural Center Týnec, a contributory organization, located at Klusáčkova 2, 257 41 Týnec nad Sázavou, IČ 11865059, registered with the Municipal Court in Prague under file number Pr 1721, operating Hotel Týnec (hereinafter referred to as the "Hotel"), provides the following information regarding the processing of personal data of individuals (hereinafter referred to as "Clients") at our accommodation facility.

Contact Information:

Email: recepce@hoteltynec.cz
Phone: +420 317 729 050

1. Accommodation Services

We process personal data to provide accommodation services, including entering into direct contracts and fulfilling legal obligations applicable to the Hotel under current legislation. For this purpose, we require:

For domestic visitors:

• Name and surname
• Permanent residence address
• Date of birth Identification document number and type (identity card or travel document)
• Duration of stay
• Purpose of stay (recreational/business trip)

For foreign visitors:

• Name and surname
• Date of birth
• Nationality, Permanent residence abroad
• Passport number and visa details, if applicable Start date of stay, expected duration, and purpose of stay in the Czech Republic
• Contact details (phone number, email)

If the client has made a prior reservation, we must also process information related to the reservation, including the booking platform and whether the client was satisfied with the service. This constitutes fulfillment of our contractual obligations.

Personal data is recorded in the hotel system either at the reception upon arrival or via an online application. These details are necessary for preparing accommodation agreements and fulfilling legal obligations.

We retain personal data after the stay to address potential complaints or other issues related to the client's stay, thereby protecting our legitimate interests.

2. Additional Services

For additional services related to accommodation, similar data processing rules apply, with the following specifics:

Taxi Services:

At the client's request, we arrange taxi services and share their contact details (name, surname, phone number) with the taxi operator.

Internet Services:

Clients can access free internet. The network is unencrypted, and MAC addresses are evaluated only in case of incidents. Internal networks are secured by firewalls, logging IP addresses and network behavior.

Catering:

At the client's request, we arrange catering services (meals) with our partners. Contact details (name, surname) are shared with the selected catering provider.

Parking Reservations:

For parking reservations, we process the vehicle's registration number provided by the client.

3. Legal Obligations for Personal Data Processing

Under Czech law, we are required to process personal data in specific cases, including:

• For foreign visitors, maintaining a guestbook as per immigration laws, which includes details such as name, surname, date of birth, nationality, permanent address, travel document number and visa details, purpose, and duration of stay.
• Compliance with local accommodation fee regulations, requiring us to process data such as the duration and purpose of stay, permanent address, and identification document number.
• Issuing invoices with mandatory details such as client identification, employer details for business trips (e.g., IČ, DIČ for taxpayers, company address, and contact details).
• Archiving obligations under applicable legislation.

4. Notifications and Updates on Our Services

Clients may opt out of receiving promotional messages at any time by following the instructions in the communication or contacting the reception via email. Processing this data falls within our legitimate interests.

5. Sources of Personal Data

We primarily collect personal data directly from clients or automated systems (e.g., social media, booking managers, Wi-Fi management). Clients are obligated to provide accurate data and update it if changes occur.

Social Media

We use platforms such as Facebook (https://www.facebook.com/privacy/explanation and https://www.facebook.com/hoteltynec) managed by Facebook Ireland Ltd., 4 Grand Canal Square, Grand Canal Harbour, Dublin 2, Ireland.

These profiles are mainly used to attract so-called fans or followers who can follow the activities and news of the Operator. The Operator uses such affiliated users to communicate and analyse its business activities in order to increase its effectiveness, and in particular to promote its facilities. The terms and conditions of data processing are governed by the separate terms and conditions of the operators of the respective social networks. The data available from the social networks are used to the extent available within the respective social network for as long as specific persons are associated with the respective profile.

We also obtain personal data from booking portals on which we have a profile - this is a one-off acquisition for the purpose of booking accommodation.

6. Data Sharing

We primarily pass on personal data to the authorities where the law requires us to do so (in particular to the foreign police and in fulfilling tax and fee obligations).

We also transfer personal data to persons who provide IT consulting services, hotel systems, accounting services, etc. We use the following processors for data processing:

• 6 PLUS, spol. s r.o. (ID 18595715) with registered office at Tyršova 1902, 256 01 Benešov,
• Booking.com B.V. na adrese Herengracht 597, 1017 CE Amsterdam.
• Expedia, Inc., 333 108th Avenue NE, Bellevue WA 98004
• Facebook Ireland Ltd., 4 Grand Canal Square, Grand Canal Harbour, Dublin 2 Irsko.
• HOTEL.CZ a.s. (ID: 27176223) with registered office at Kolbenova 882/5a, 190 00, Prague 9
• Google LLC, se sídlem na adrese 1600 Amphitheatre Parkway, Mountain View, Kalifornie 94043, USA (https://www.privacyshield.gov/participant?id=a2zt000000001L5AAI)
• Ing. Karel Rabiňák (ID 41944810), with registered office at Stranný 15, 257 56 Neveklov
• Mevris Group s.r.o. (ID 02465345) - Better Hotel - with registered office Rybná 716/24, 110 00 Prague 1
  Personal data may be transferred outside the EU, namely to the USA under the terms of a privacy shield.

7. How do we process personal data?

Personal data is processed in electronic form by automated means, namely by:

• the aforementioned booking portals (Booking, Hotel.cz...), or via Facebook,
• the Better Hotel system
• wi-fi network management system.

Personal data may also be processed manually by our employees or persons in charge of the reception. All such persons may only process personal data under the conditions and to the extent stated above and are bound by the obligation of confidentiality of personal data and security measures, the disclosure of which would compromise the security of personal data.

However, we always process personal data in accordance with the relevant legal provisions and ensure due care and protection. We make sure that you do not suffer harm to your rights, in particular the right to human dignity, without unwarranted interference with your private and personal life.

8. How long do we process personal data?

Personal data may be processed for longer than the time period set out below if there is a relevant reason for further processing, typically an administrative or legal proceeding for which the personal data is relevant.

We will process personal data for the following period:

• Personal data processed for the purpose of accommodation will be processed for as long as the accommodation lasts and then for a period of 5 years from the end of the accommodation in order to record any claims in legal disputes.
• Personal data processed for the purpose of registration of foreigners will be processed in accordance with the Act on the Residence of Foreigners for a period of 6 years from the last entry in the house register, or for a period of 6 years from the end of the accommodation of the resident.
• Personal data processed in accordance with the Local Taxes Act will be processed for 6 years from the last entry in the register.
• The processing period for accounting documents is 5 years from the end of the accounting period, in the case of documents relevant for VAT payments it is 10 years from the end of the tax period in which the transaction took place.
• We retain your identification data and email for the purpose of sending you commercial communications about our services until you ask us to cancel.
• Social media data for as long as you are a "fan" or "follower".
• We retain wi-fi network usage information for as long as necessary to deal with security incidents, if an incident is not recorded it is not retained.

9. What rights do you have?

The client has the right to ask us for access to their personal data including making a copy of all their personal data. You can do this by emailing recepce@hoteltynec.cz

The client is always informed of:

• the purpose of processing personal data,
• personal data or categories of personal data subject to processing, including any available information about their source,
• the nature of automated processing, including profiling, and information concerning the procedure used, as well as the significance and likely consequences of such processing for the data subject,
• recipients or categories of recipients,
• the intended period of time for which the personal data will be stored or, if this cannot be determined, the criteria used to determine this period, any available information about the source of the personal data, if not obtained from you.

Other client rights include

• to ask us for an explanation,
• to request that we rectify the situation that has arisen, in particular this may include blocking, rectifying, supplementing, restricting the processing or destroying the personal data (right to be forgotten),
• to request personal data relating to you in a structured, commonly used and machine-readable format and to transmit this data to another controller without any hindrance from us,
• to make an enquiry or lodge a complaint with the Data Protection Authority,
• to object to the processing of personal data concerning you.

10. We protect the client's personal data

We protect the Client's personal data. The following security measures are used for this purpose:

Antivirus protection, firewalls, encryption, intranet access restrictions, authorization data, etc.