GENERAL PERSONAL DATA PROTECTION POLICY
1. This Policy sets out the basic principles of data protection and data protection standards applied by Malinowe Hotele Sp. z o. o with its registered office in Solec-Zdrój (28-131) at street
Leśna 7, guaranteeing compliance with national and EU data protection regulations, in particular with the provisions of Regulation (EU) 2016/679 of the European Parliament and of the Council of 27 April 2016 on the protection of individuals with regard to the processing of personal data and on free the flow of such data and repealing Directive 95/46 / EC) (General Data Protection Regulation (hereinafter: the "Regulation").
2. This Policy applies to each case of personal data processing by all entities included in the company Malinowe Hotele Sp. z o.o., i.e .:
Malinowy Zdrój Hotel **** Medical Spa
Raspberry Raj Mineral Hotel ****
Malinowy Dwór Hotel **** Medical Spa
Solec-Zdrój Mineral Pools
Balneokosmetyki
3. Anonymized data are not subject to the provisions of this Policy.
Rules for the processing of personal data by the company Malinowe Hotele Sp. z o.o. Malinowe Hotele Sp. z o. o observes the following principles when processing personal data:
I. Legal compliance, reliability and transparency
Malinowe Hotele Sp. z o.o. processes personal data in a lawful, reliable and transparent manner for the data subject.
II. Purpose limitation
Malinowe Hotele Sp. z o.o. collects personal data only for explicit and legitimate purposes and does not further process them in a manner incompatible with those purposes.
III. Data minimization
Malinowe Hotele Sp. z o.o. processes only such personal data that is relevant and adequate to the specific purpose of processing, and their scope is limited to what is necessary to achieve the purpose for which the data is processed.
IV. Storage restriction
Malinowe Hotele Sp. z o. o. stores personal data in a form that allows identification of the data subject for no longer than is necessary for the purposes for which the data is processed.
V. Correctness of data
Malinowe Hotele Sp. z o.o. ensures that personal data is correct and updated when necessary. The company will take all reasonable steps to promptly delete or rectify data that is incorrect in light of the purposes of its processing.
VI. Integrity and confidentiality
Malinowe Hotele Sp. z o. o. processes personal data in a manner that ensures adequate security, including protection against unauthorized or unlawful processing and accidental loss, destruction or damage, using appropriate technical or organizational measures.
VII. Rights of data subjects
Malinowe Hotele Sp. z o.o. respects the rights of data subjects, including the right to access their data, the right to limit their processing, the right to transfer data, the right to delete data, object to processing and withdraw consent to data processing at any time.
VIII. Including data protection in the design phase
Malinowe Hotele Sp. z o.o. has implemented appropriate technical and organizational measures to effectively implement the principles of data protection and to give processing the necessary safeguards to meet the requirements of the Regulation and to protect the rights of data subjects.
IX. Default data protection
Malinowe Hotele Sp. z o.o. has implemented appropriate technical and organizational measures to ensure that only personal data whose processing is necessary for specific purposes are processed by default. The principle of data protection in the design phase and default data protection is applied when developing and purchasing new products / systems.
X. Security of processing / data security
Personal data is processed securely. Malinowe Hotele Sp. z o.o. implemented technical and organizational measures ensuring the security and protection of personal data, taking into account the nature, scope, context and purposes of processing as well as the risk of violation of the rights or freedoms of natural persons.
XI. accountability
All data processing activities are duly documented by Malinowe Hotele Sp. z o.o. The company is responsible for compliance with the provisions on the protection of personal data, including the provisions of the Regulation, and is able to demonstrate this.
XII. Data Protection Officer
Malinowe Hotele Sp. z o.o. has appointed a Data Protection Officer who has appropriate professional qualifications, in particular professional knowledge of law and practices in the field of data protection and the ability to fulfill the tasks set out in the Regulation. The Inspector's data and contact are provided on the entity's website under the Information / Data Protection Officer tab
