CHATA NEZÁBUDKA

Privacy Policy (GDPR)

1. Basic Information

The data controller of personal data is:
[Company name / full name]
Registered office: [address]
Company ID: [Company ID]
E-mail: [contact]
Phone: [contact]

(hereinafter referred to as the “controller”)

The controller processes personal data in accordance with:

  • Regulation (EU) 2016/679 of the European Parliament and of the Council (GDPR)

  • Act No. 18/2018 Coll. on Personal Data Protection

2. Scope of Processed Personal Data

We process mainly the following personal data:

  • first name and surname

  • e-mail address

  • phone number

  • billing details (address, Company ID, Tax ID)

  • reservation details (stay dates, number of guests, specifications)

  • IP address and technical device data

  • payment details (to the extent necessary for payment processing)

3. Purposes of Personal Data Processing

We process your personal data for the following purposes:

a) Reservation and Accommodation Services

  • creation and management of reservations

  • communication with customers

  • stay registration

Legal basis: performance of a contract pursuant to Article 6(1)(b) GDPR

b) Payment Processing

Payments are processed through the GoPay payment gateway.

For payment purposes, the necessary data required to complete the payment is transferred to this company.

Legal basis: performance of a contract

c) Accounting and Legal Obligations

  • issuing invoices

  • maintaining accounting records

Legal basis: compliance with a legal obligation pursuant to Article 6(1)(c) GDPR

d) Marketing (if relevant)

  • sending commercial communications (newsletter)

Legal basis: consent of the data subject pursuant to Article 6(1)(a) GDPR

e) Service Improvement and Analytics

  • website traffic analysis

  • service optimisation

Legal basis: legitimate interest pursuant to Article 6(1)(f) GDPR

4. Cookies

We use cookies on our website for:

  • ensuring website functionality

  • traffic analysis

  • marketing purposes

You can manage cookies through your browser settings or via the cookie banner.

5. Data Retention Period

We retain personal data:

  • for the duration of the contractual relationship

  • for the period required by law (e.g. accounting – 10 years)

  • for marketing purposes until consent is withdrawn

6. Recipients of Personal Data

Your data may be disclosed to:

  • payment gateway provider (GoPay)

  • web hosting provider

  • accounting company

  • IT and technical service providers

These entities process data on the basis of a personal data processing agreement.

7. Transfers to Third Countries

Personal data is generally not transferred outside the EU.
If such transfer occurs, it will be safeguarded in accordance with GDPR (e.g. standard contractual clauses).

8. Rights of the Data Subject

You have the right to:

  • access your personal data

  • rectify inaccurate data

  • erasure (“right to be forgotten”)

  • restriction of processing

  • data portability

  • object to processing

  • withdraw consent (if processing is based on consent)

You may exercise your rights by e-mail at: [contact]

9. Filing a Complaint

If you believe your rights have been violated, you may file a complaint with:

Office for Personal Data Protection of the Slovak Republic
Hraničná 12, 820 07 Bratislava
Web: https://dataprotection.gov.sk

10. Data Security

The controller has implemented appropriate technical and organisational measures to protect personal data against:

  • unauthorised access

  • loss

  • misuse

11. Final Provisions

These privacy policy terms are valid from: [date]

The controller reserves the right to update these terms.