Privacy

Name: Hotel Evita&SPA Krzysztof Otlewski Spółka Komandytowa
Address: Czerska 11, Tleń, 86-150, PL
Telephone: 535 945 441

Dear Sir or Madam,

In accordance with Article 13 paragraphs 1 and 2 of the Regulation (EU) 2016/679 of the European Parliament and of the Council of 27 April 2016 on the protection of natural persons with regard to the processing of personal data and on the free movement of such data, and repealing Directive 95/46/EC (hereinafter referred to as GDPR), we inform you that:

1. The administrator of your personal data is EVITA Hotel & Spa, Krzysztof Otlewski Limited Partnership, Osie 86-150, Czerska 11, Tleń

2. Your personal data will be processed for the purpose of:

- providing cosmetic services,

- providing hotel services,

- direct marketing of the Administrator's own products and services, presenting commercial offers and participating in a loyalty program,

- protecting persons and property.

3. The legal basis for data processing is:

- legal obligation (art. 6 para. 1 lit. c) GDPR),

- conclusion and performance of a contract (art. 6 para. 1 lit. b) GDPR),

- consent of the data subject in case of participation in the loyalty program, presentation of commercial offers, and use of treatments without medical consultation (art. 6 para. 1 lit. a) GDPR),

- the legitimate interest of the Administrator in the case of direct marketing and video surveillance (art. 6 para. 1 lit. f) GDPR).

4. Your personal data:

- may be disclosed only to recipients who cooperate with the Administrator or their subcontractors based on cooperation agreements including data processing agreements, entities authorized to obtain your personal data under applicable law, and authorized employees of the Administrator,

- will not be transferred to third countries or international organizations.

5. Your personal data will be stored:

- in the case of cosmetic services – 2 years,

- in the case of hotel services – 2 years,

- in other cases for the period necessary to achieve the processing purposes or withdrawal of consent to further processing if processing was based on consent.

6. You have the right to:

- access your personal data, rectify, delete, or restrict processing,

- object to further processing of your personal data,

- withdraw consent to data processing at any time without affecting the legality of processing carried out before its withdrawal,

- you also have the right to request the Administrator to transfer your data to another Administrator, provided this does not adversely affect the rights and freedoms of others.

7. You have the right to lodge a complaint with the supervisory authority, which is the President of the Data Protection Office.

8. Providing your personal data required by the Administrator is a condition for concluding and performing the service contract, participation in the loyalty program, presentation of commercial offers, and a legal requirement. In other cases, providing personal data is voluntary.

9. Your personal data is not subject to automated decision-making, including profiling, except where consent has been granted for such processing for commercial purposes and participation in the loyalty program.

10. Contact for the Data Protection Officer phone 535 658 132 email: iod@justpok.pl