Privacy Policy

Introduction
This privacy policy defines how Europeum Hotel treats personal data collected via the www.europeum.pl website, including the rules for their collection and processing. The protection of personal data has always been prioritized in the activity of Europeum Hotel. Our goal is to properly inform you about issues related to the processing of personal data, especially regarding the content of the new provisions on the protection of personal data, including the Regulation 2016/679 of the European Parliament and the Council of 27 April 2016 on the protection of natural persons with regard to the processing of personal data and on the free movement of such data and repealing Directive 95/46/EC (‘GDPR’).

Personal data
Personal data means information about an identified or identifiable natural person. The www.europeum.pl website limits the collection and use of personal data to the minimum necessary to provide services at the desired level.

Administrator
The administrator of personal data obtained via the www.europeum.pl website is Opal Investments Sp. z o. o. based in Wrocław (50-073) at ul. Św. Antoniego 2/4, entered into the Register of Entrepreneurs kept by the District Court for Wrocław-Fabryczna in Wrocław, 6th Commercial Division of the National Court Register under the number KRS 0000253419, REGON 140488361, NIP 5272501581, e-mail address: europeum@europeum.pl.

The scope of personal data
The personal data processed include:
• name and surname
• PESEL
• address
• contact details (including phone number, e-mail address)
• credit or debit card number or other payment details
• passport, visa or other identification data issued by the authorities
Providing these personal data is voluntary, but is a condition of making and carrying out the reservation.
We collect the following personal data from natural persons who contact us in order to obtain information about the offer or share comments regarding services, as well as those who contact us in order to conclude a contract: name and surname, e-mail address and phone number. In particular, these people can send us an e-mail via the contact form on our website.
We ask you not to provide information from specific categories of personal data via the website (such as information on race or ethnic origin, political views, religious or philosophical beliefs, trade union membership, information on physical or mental health, genetic data, biometrics data, information about sexual life or sexual orientation and the criminal past). If you provide such information for any reason, it will be considered as a consent to collect and use by us such information as set out herein or as specified in the place where the information was disclosed.
By submitting personal data related to other people (e.g. when making a reservation for another person), the user declares that he is authorized to do so and authorizes us to use the information in accordance with this Privacy policy.

The purpose of personal data processing
We process personal data in accordance with Regulation 2016/679 of the European Parliament and the Council of 27 April 2016 on the protection of natural persons with regard to the processing of personal data and on the free movement of such data and repealing Directive 95/46/EC (GDPR) and the Act of 18 July 2002 on the provision of electronic services (Journal of Laws of 2002 No. 144 item 1204, as amended) to the extent and scope necessary to make and execute the reservation, as well as other legitimate purposes, including the provision of services requested by the user, personalization of services in accordance with the preferences of the user, preparation of the offer. After giving consent, personal data can be processed for marketing purposes.

Profiling
Personal data that we collect due to use of the website www.europeum.pl, can be processed in an automated manner (including in the form of profiling), however, it will not cause any legal effects to the natural person or similarly significantly affect his/her situation. We attach particular importance to profiling and indicate that:
– we do not process sensitive data for profiling purposes,
– if we can not achieve the goal in a different way than by profiling personal data that is not polled or non-aggregated, we use typical data: e-mail and IP address or cookies,
– we profile to analyze or forecast personal preferences and interests of people using our website or services,
– profiling for marketing purposes, i.e. matching the marketing offer to the above mentioned preferences.

Legal basis for processing
In case of processing personal data due to use of the website, we can deal with different types of legal grounds for processing, depending on the category of personal data that we process and the purpose of processing, and so:
– personal data of people who use our website and fill in the booking form for this purpose, we process because it is necessary to perform an agreement,
– we process personal data of people visiting our website on the basis of the legitimate interest of the data administrator, e.g. by matching the displayed content, or upon a consent (in particular, consent to e-mail marketing),
– sometimes legal provisions impose obligations on us for tax and accounting purposes.

Processing period
The period during which we process personal data depends on the legal basis that constitutes the condition for the processing of personal data. Accordingly, we inform you that:
1) in the event that personal data are processed on the basis of a consent, the processing period continues until such consent is withdrawn;
2) in the case when personal data are processed on the basis of a justified interest of the data administrator, the processing period lasts until the cessation of the abovementioned interest (e.g. the period of limitation of civil claims) or the moment of objection of the data subject against further processing – in situations where such an objection is in accordance with the law;
3) if the personal data are processed because it is necessary due to the applicable law, the periods of data processing for this purpose are determined by these provisions,
4) in the absence of specific legal or contractual requirements, the basic storage period for records and other documentary evidence drawn up during the performance of an agreement amounts maximum of 10 years.

Security
Personal data are protected against unauthorized access of unauthorized persons, disclosure, loss, destruction, damage or change and processing incompatible with applicable law.

Rights of data subject
The natural person to whom the data relate has the right to access his/her personal data and the right to rectify, delete or limit the processing, the right to transfer data as well as the right to object to their processing. If you wish to exercise these rights, please send an e-mail to: europeum@europeum.pl or send a letter to:
Hotel Europeum
ul. Kazimierza Wielkiego 27A
50-077 Wrocław
The administrator may retain some of the personal data to complete the reservation made before submitting the change or removal request. In addition, some data can not be deleted for legal or security reasons.
In the case of processing personal data on the basis of consent, individuals have the right to withdraw this consent at any time. In the absence of other information, that is, if you have not provided another address to withdraw your consent, please send an e-mail to: europeum@europeum.pl or a letter to:
Hotel Europeum
ul. Kazimierza Wielkiego 27A
50-077 Wrocław
If you have any questions, reservations or concerns regarding the content of this Privacy policy or the manner in which we process your personal data, please send an email with detailed information to the following address: europeum@europeum.pl.

Providing personal data to third parties
Personal data may only be transferred if it is allowed by law. The personal data administrator may disclose personal data to third parties with whom the administrator enters into a contract on entrusting the processing of personal data. The contract on entrusting the processing of personal data concluded with a third party provides provisions and security mechanisms to protect data and preserve our standards in terms of data protection, confidentiality and security. Recipients of personal data may be service providers such as companies that provide website hosting, data analysis, payment processing, order fulfillment, information technology and related infrastructure delivery, customer service, e-mail delivery, marketing, and other services, as well as authorities supervising compliance with law, regulatory authorities and other public administration bodies
Users’ personal data will not be transferred to a third country.

Links to third party websites
On the website www.europeum.pl are available links (links) to external sites on which this Privacy policy does not apply. Opal Investments sp. o.o. is not responsible for the privacy practices of these websites. We recommend to read the rules on individual websites.

Consent
By using this website, you agree to the terms set out above.

The last update of this document took place on 24/05/2018.