As of 25th May 2018, the provisions of Regulation (EU) of the European Parliament and of the Council 2016/679 of 27th April 2016 on the protection of natural persons with regard to the processing of personal data and on the free movement of such data, and repealing Directive 95/46/EC (General Data Protection Regulation) are enforceable.
The most important objective of GDPR is to strengthen the protection of natural persons personal data collected and processed by companies and institutions running their business activity within the European Union.
Our company attaches great importance to meeting the requirements resulting from GDPR. Below you can find indispensable information on the new provisions we apply regarding personal data protection.
The Controller of your personal data processed by Hotel Quadrille is “Folwarczna” Górski sp. z o.o. S.K.A. with registered office in Gdynia at ul. Folwarczna 2, 81-547 Gdynia, entered into the register of entrepreneurs by the Gdańsk Północ District Court in Gdańsk, VIII Commercial Division of the National Court Register (KRS) under the number: 0000457351, NIP: 5862282192 (hereinafter referred to as „Quadrille”).
Quadrille processes your personal data, i.e. collects, records, stores, removes or deletes data. With relation to processing the agreements concluded by Quadrille, or rendering services your data is processed in order to perform or satisfy the requirements resulting from mandatory legislation (e.g. tax regulations). You can also express your consent to process your data for other purposes clearly defined in the content of your consent.
Providing personal data is voluntary but without the data we cannot properly perform the concluded agreement, e.g. render services or issue an invoice.
Quadrille may process your personal data e.g.:
- with relation to concluded agreement on rendering hotel services, agreement on rendering SPA services or other agreement related to the company activities (art. 6 (1) (b) GDPR),
- while fulfilling the obligations resulting from mandatory legislation e.g. related to the provisions of tax laws or the accounting act (art. 6 (1) (c) GDPR),
- when it is indispensable for pursuing legitimate interests of Quadrille such as e.g. establishing claims and redress related to business activity, including debt recovery or defence against claims (art. 6 (1) (f) GDPR),
Personal data shall be stored until the limitation period of claims resulting from concluded agreements expires, i.e. no longer than 10 years (as per art. 118 Civil Code) from the day when the claim becomes due and payable.
The recipients of your personal data may include banks, financial institutions or Internet booking portals.
The objective of GDPR is to ensure that natural persons have their rights and freedoms protected and have control of the processing of their own data. To this end you can exercise your rights in order to:
- have access to data – data subject has the right to receive information e.g. on what type of data is processed by Quadrille, for what purpose the data is processed and receive the copy of the processed data.
- have the right to remove data (right to be forgotten) – data subject may indicate the scope and circumstances justifying the removal of data e.g. data is no longer indispensable for achieving the objective for which the data has been collected, and there are no legal grounds for further processing of data, data is unlawfully processed.
- have the right to transfer data – data subject has the right to receive own data submitted to Quadrille in a structured commonly used machine-readable form.
- have the right to restrict data processing – data subject indicates that there is rationale defined in art. 18 GDPR for limiting the processing of personal data e.g. Quadrille no longer needs certain data, there is no rationale for further processing of data and data subject requests to refrain from any operations on data or non-erasure of data.
- have the right to rectify data – at any time, if need be, data subject can inform Quadrille on changes in their personal data.
- have the right to object – at any time data subject can object to the processing of data in an automated manner, including profiling and also object to the processing of data for marketing purposes.
- where the processing is based on consent – have the right to withdraw the consent at any time, without affecting the lawfulness of processing based on consent before its withdrawal.
Quadrille without undue delay – and in any event within a month from the receipt of the request – provides data subject with information on activities taken in relation to the execution of the above mentioned rights.
In accordance with mandatory legislation on personal data protection (Act on personal data protection and implementing regulation to the Act) and in the light of new European regulation Quadrille processes your data with the use of proper technical and organizational measures indispensable for
ensuring the security of your data.
Your personal data constitutes the most valuable resources for our company. Quadrille has implemented and is implementing appropriate technical and organizational measures ensuring the security of personal data processing, in particular protection of data against its disclosure to unauthorized person, collection by unauthorized person, loss and alteration, damage or destruction. Moreover, any information regarding Client – Quadrille relation shall constitute legally protected company confidential information.
On the day of GDPR entry into force, Quadrille shall appoint data protection officer you can contact by post to the address of Quadrille hotel with a note „Inspektor Ochrony Danych” (Data Protection Officer)
or by e-mail: firstname.lastname@example.org.
Your personal data may be transferred to a third country (e.g. USA) with regard to:
– activity undertaken on social networking sites and use of plug-ins and other tools from those services (e.g. Facebook, Twitter, Google+);
– use of analytical tools and tools for anonymous tracking of users’ behaviour, in particular such as Google Analytics;
Quadrille shall process personal data of users visiting the profiles of controller on social networking sites (e.g. Facebook). The personal data is processed only with regard to the profile, including informing the users on the activities of Quadrille and promoting various events, services and products, as well as communicating with the users via functionalities available on social media. We inform that Quadrille is applying tools based on Clients’ profiling to personalized the content and advertisements and analyse the website and Internet traffic.
You can opt out of advertisements based on personal interests by visiting the following websites: