The company Klínové Boudy, s.r.o., Přední Labská 86, 543 51 Špindlerův Mlýn, IČ 08980136, DIČ CZ0898013, entered in the Commercial Register with the Regional Court in Hradec Králové, section C, file No. 45930, hereby informs about the basic principles of which Klínové Boudy, s.r.o., as the administrator of personal data in connection with the provision of its accommodation services, handles the personal data of its clients in the sense of § 4 letter j) of Act No. 101/2000 coll., on the protection of personal data (hereinafter referred to as “ZOOÚ”) and in connection with REGULATION (EU) 2016/679 OF THE EUROPEAN PARLIAMENT AND OF THE COUNCIL of 27 April 2016 on the protection of individuals with regard to processing of personal data and on the free movement of such data and repealing Directive 95/46 / EC (General Data Protection Regulation – GDPR). The legal basis for the processing imposed on the accommodation establishment by law or other legal norm – this is the processing carried out on the basis of the legal reason referred to in Article 6 (1) (a). c) GDPR, i.e. processing necessary. Klínové Boudy, s. r. o. as a controller of personal data (hereinafter also referred to as the „administrator“) in connection with the provision of accommodation services requires the provision of the following personal data of accommodated persons (data subjects):
This information is required and processed by the administrator only for clients who agree to book a stay on a specific date. For clients who only request a stay and there is no binding reservation and sending a binding confirmation of the stay order, the administrator does not require or process personal data. The provision of personal data for accommodation purposes is a legal requirement or a requirement that must be stated in the contract (confirmation of the stay order), and here the data subject is obliged to provide personal data on the basis of § 3 paragraph 4 of Act No. 565/1990 coll. (on local fees) as amended. If this data is not provided, it is not possible to accommodate the data subject or draw up an Accommodation Contract. The administrator obtains personal data directly from data subjects, with the exception of the processing of „Accommodation reservations – receipt of information from internet reservation portals“, where the administrator obtains part of personal data from entities operating internet reservation portals. The client will find information about these personal data managers, including contacts, on their website on which the client made the reservation. Due to their larger number and mutual transfer of data between them, they are not listed here.
Klínové Boudy, s.r.o. as a controller of personal data in connection with the provision of its services collects, processes and stores under the conditions and within the limits of applicable legislation personal data and subject’s data for the following purposes: To fulfill the legal obligation, the administrator is obliged to request data 1)-5) in accordance with generally binding decrees on local fees, as amended, issued by the city of Špindlerův Mlýn. For the purposes of the legitimate interests of accommodation providers, the administrator then requests an e-mail address and telephone number from clients. This data is necessary for effective communication between clients and the landlord.
Personal data will be processed for the time strictly necessary to ensure mutual rights and obligations, i.e. always at least until the end of the stay, and then for the period during which the controller is obliged / authorized to retain data under GDPR and other generally binding legal regulations.
The processing of personal data takes place manually, in electronic or paper form, always with high technical, organizational and personnel security in the sense of the requirements of the GDPR. Only the executives of the administrator’s company and subsequently the bodies that require this data by law (e.g. the Špindlerův Mlýn Municipal Authority, the Police of the Czech Republic, the Alien Police Department) come into contact with clients‘ personal data. Processing is performed only by executives of the administrator’s company in person.
For effective communication with clients, personal data is stored: name and surname, address, e-mail and telephone. These are stored in electronic form and in paper form with security. Birth dates are recorded and stored in electronic and paper form with secure storage.
The data are stored for a period of 6 years following the year of entry in accordance with the fulfillment of the legal obligation pursuant to Act 565/1990 coll. (on local fees) as amended by later regulations and Act No. 326/1999 coll. (on the stay of foreigners in the Czech Republic) as amended, with the proviso that tax documents are kept for a period of 10 years from the end of the tax period in which the performance took place pursuant to §35 and § 35a of Act No. 235/2004 coll. (on value added tax) as amended.
The data subject has all the rights granted by the GDPR Regulation and other legal regulations, in particular:
More information on the rights of the data subject is available on the website of the Office for Personal Data Protection. https://www.uoou.cz/6-prava-subjektu-udaj/d-27276 . All the above personal data are processed and stored in accordance with the conditions of the GDPR and are not made available or provided to any other persons except for possible control by the municipality, for which local fees are collected, or the Police of the Czech Republic, the Alien Police Department. Personal data will also not be transferred outside the EU or any international organization.