T: 41 370 4000
EN
EN
41 370 4000
recepcja@malinowyzdroj.pl
EN
EN

Personal data protection policy

GENERAL PERSONAL DATA PROTECTION POLICY

1 This Policy sets out the basic data protection principles and data protection standards applied by Malinowe Hotele Sp. z o. o with its registered office in Solec-Zdrój (28-131) at ul. Leśna 7, guaranteeing compliance with national and EU data protection legislation, in particular with the provisions of Regulation (EU) 2016/679 of the European Parliament and of the Council of 27th April, 2016 on the protection of natural people with regard to the processing of personal data and on the free movement of such data and repealing Directive 95/46/EC) (General Data Protection Regulation (hereinafter: the ‘Regulation’).

2. This Policy applies to each case of personal data processing by all entities of Malinowe Hotele Sp. z o. o., i.e.: - Malinowy Zdrój Hotel**** Medical Spa - Malinowy Raj Mineral Hotel**** - Malinowy Dwór Hotel ****Medical Spa - Baseny Mineralne Solec-Zdrój - Balneocosmetics

3. Anonymized data is not subject to the provisions of this Policy. Principles of personal data processing by Malinowe Hotele Sp. z o. o. complies with the following principles when processing personal data:

I. Legal compliance, reliability and transparency Malinowe Hotele Sp. z o. o. processes personal data in a lawful, reliable and transparent manner for the data subject.

II. Purpose limitation Malinowe Hotele Sp. z o. o. collects personal data only for explicit and legitimate purposes and does not further process it in a manner incompatible with these purposes.

III. Data minimization Malinowe Hotele Sp. z o. o. processes only personal data that are relevant and adequate for the specific purpose of processing, and their scope is limited to what is necessary to achieve the purpose for which the data are processed.

IV. Storage limitation Malinowe Hotele Sp. z o. o. stores personal data in a form enabling the identification of the data subject for a period no longer than necessary for the purposes for which the data are processed.

V. Accuracy of data Malinowe Hotele Sp. z o. o. ensures that personal data is correct and updated, if necessary. The Company will take all reasonable steps to promptly delete or rectify data that is inaccurate in light of the purposes of its processing.

VI. Integrity and confidentiality Malinowe Hotele Sp. z o. o. processes personal data in a manner that ensures appropriate security, including protection against unauthorized or unlawful processing and accidental loss, destruction or damage, using appropriate technical or organizational measures.

VII. Rights of data subjects Malinowe Hotele Sp. z o. o. respects the rights of data subjects, including the rights of access to their data, the right to limit their processing, the right to transfer data, the right to delete data, object to processing and withdraw the consent to data processing at any time.

VIII. Taking data protection into account by design Malinowe Hotele Sp. z o. o. has implemented appropriate technical and organizational measures in order to effectively implement the data protection principles and to provide the necessary security to the processing in order to meet the requirements of the Regulation and protect the rights of data subjects.

IX. Default data protection Malinowe Hotele Sp. z o. o. has implemented appropriate technical and organizational measures to ensure that only personal data which processing is necessary for specific purposes is processed by default. The principle of data protection by design and data protection by default is applied when developing and purchasing new products/systems.

X. Security of processing/data security Personal data is processed securely. Malinowe Hotele Sp. z o. o. has implemented technical and organizational measures to ensure the security and protection of personal data, taking into account the nature, scope, context and purposes of processing as well as the risk of violating the rights and freedoms of individuals.

XI. Accountability All data processing activities are duly documented by Malinowe Hotele Sp. z o. o. The company is responsible for compliance with the provisions on the protection of personal data, including the provisions of the Regulation and is able to demonstrate this.

XII. Personal Data Protection Inspector Malinowe Hotele Sp. z o. o. has appointed a Data Protection Inspector who has appropriate professional qualifications, in particular expertise in data protection law and practices, and the ability to fulfill the tasks specified in the Regulation.

The Inspector's details and contact details are provided on the entity's website in the CONTACT/GDPR/DATA PROTECTION INSPECTOR tab.