Privacy Policy/GDPR

This Privacy Policy entered into force on 1 January 2020.

The company Víno Matyšák, spol. s r.o., with registered seat at Holubyho 85, 902 01 Pezinok, Slovensko (hereinafter referred to as the “Company”) in operation under Hotel Matyšák ***, Pražská 15, 811 04 Bratislava, shall be responsible for the protection of personal data of all its clients in accordance with the European Union Regulation 679/2016 (hereinafter referred to as the “EU”) and Act No. 18/2018 Coll. on Protection of Personal Data and on Amendments and Supplements to Certain Acts (hereinafter referred to as the “Personal Data Protection Act”). The Company has taken appropriate technical, organizational and personnel measures in accordance with EU regulations and other relevant legislation of the Slovak Republic, including the Personal Data Protection Act relating to data protection. The aim of these measures is to ensure the protection of their clients’ personal data from illegal forms of processing.

If the terms “We”, “I”, “Hotel Matyšák” are used in this Privacy Policy and the like, this means, it is Víno Matyšák s r.o., Holubyho 85, 902 01 Pezinok.

For the purposes of this Privacy Policy, the term “Personal Data” shall mean all personal data relating to a specific life person who is identifiable or who could be identified through the data which we process for any of the purposes set out in this Privacy Policy. “The Operator” shall mean a specific person who determines the purpose of processing Personal Data and it is Víno Matyšák s r.o., Holubyho 85, 902 01 Pezinok.

“The Intermediary” means a person other than the Operator in a given case who, on behalf of the Operator, processes the Personal Data. “GDPR” means Regulation 2016/679 of the European Parliament and of the (EU) Council of 27 April 2016 on the protection of natural persons with regard to the processing of personal data and on the free movement of such data. “Web” means web pages operated by the Operator, on the Internet domain hotelmatyšák.sk. The Web includes all and any parts of the website, its subpages, content, source and machinery codes as is, available at any time, operated under the above mentioned domain.

Further information relates to the processing of your personal data that we collect about you through the contact listed on this website. We process your Personal Data in accordance with GDPR and Act No. 18/2018 Coll. on the Protection of Personal Data and on Amendments and Supplements to Certain Acts.

What Personal Data do we get about you?

Personal Data you provide us with:

  1. You provide us with Personal Data if:
  2. you decide to fill out some of the contact forms for sending messages on the web
  3. you decide to contact us by email;

You provide us with any Personal Data voluntarily and you are obliged to consider the extent to which you provide us with such Personal Data. However, without providing us with some Personal Data, we cannot respond to your inquiry or request, or you cannot sign the contract with us.

You are responsible for the accuracy, completeness and correctness of the Personal Data provided, and we shall rely on the accuracy, completeness and correctness of these Personal Data. We shall not be liable for any damages that might be caused to you or to any third party in connection with the inaccurate, incomplete or incorrect Personal Data.

  1. Personal Data we obtain from your web usage

We may also obtain data that allow your identification indirectly. For the most part, these are the following:

  1. information and data from devices that you use to access the Web which may include general information about your device;
  2. log data that represent data and information that our servers automatically store at each access point of web entry (especially the IP address, access time, hardware data and software you use, the number of clicks, the pages you see or their order, the time you spend on the site and so on);
  3. information about your use of the web;
  4. information obtained through cookies and other programs for monitoring users, including cookies and monitoring programs of our partners or social network operators;

5.information obtained by monitoring users´ activities when users click on the advertising banner or link, as well as information about activities on third-party sites (such as searchers, social networks and other web sites);

  1. information we receive through the social plugins operated through third parties, eg. Facebook (Like Button) and similar.
  2. the above data do not, by themselves, allow the identification of a specific living person. The above data become Personal Data when assigned to a specific identified or identifiable living person, e.g. in the case of using the site with the associated user account.
  3. Personal Data we collect from third parties

The Operator may also collect Personal Data from third parties and combine this Personal Data with the Personal Data that the web site has collected from you. These are mainly the following:

  1. data from the operators, when we are in the position of a personal data processor such as: social networks (Google, Facebook, Tripadvisor, Instagram, Foursquare) if you have decided to set up your user account through the services of these third parties. In such a case, the operator of the network will ask you to agree to the provision of Personal Data and based on this consent, the Operator of the particular social network will provide these Personal Data to us. Furthermore, through the reservation system product, TravelAgenti, from Clock Software at 27 Redcliffe Gardens, London, SW10 9BH, United Kingdom, which we work with and through the link to the reservation system, we can see your details – data from booking.com, expedia, hotels .com.

How do we process your Personal Data?

The Operator processes your Personal Data within the scope of, and in accordance with this Privacy Policy and for the purposes set forth below in this Privacy Policy.

  1. Fulfilment of contractual commitments

We process your Personal Data to the extent that you have filled in the individual fields of the Contact Form to provide information and other requests from you and our obligations.

The legal basis for processing of Personal Data in this case, is your consent. We do not use the data for marketing purposes.

In this case, your Personal Data will be processed and stored for as long as is necessary for archiving the billing and contract between you and us, if the contract is signed, your data will be deleted.

  1. Sending messages for the purpose of direct marketing and contacting back

It processes your Personal Data, such as the name, surname, email address for the purpose of sending messages to your email address so we can inform you about newsletters and current product information if you applied for listing in the database.

We believe that when you fill in your email address in the message sending form, you express your consent with sending the message of the direct marketing (newsletter).

In this case, the legal basis for the processing of Personal Data is our legitimate interest in the direct marketing aimed to offer you the information and products that may be relevant and interesting to you.

We will continue to process your Personal Data for this purpose until you cancel your participation in the marketing list or sign out of sending messages for the purpose of direct marketing (newsletter).

  1. Providing, improving, and optimization the Web operation

We process your Personal Data, including data collected from your use of the Web site specified above for the purposes of providing, improving and optimization the operation of the Web, to enhance the convenience of its use, to provide technical support for the site, analytical and statistical reports of Web use and profile, detection and prevention of web misuse (including fraud prevention, security incidents, other similar activities), risk assessment and fulfilment of legal obligations.

The legal basis for processing of Personal Data in this case, is our legitimate interest in ensuring proper operation of the Web and optimization of its functions.

Your Personal Data will be processed for as long as your account is in existence until the request for its deletion, for a maximum of 6 years.

You can also prevent data from processing by disabling or storing cookies files on your device by changing the settings of your browser. However, some of the site’s functions may then not work properly.

You can also delete cookies that have been stored on your device. You can also choose to browse our web site in “private mode”, which limits the range of data stored by cookies.

  1. Responding to questions, requests, inquiries

We process your Personal Data in the range of name, surname, e-mail address, telephone number and any other data you choose to disclose to us by means of a question form or by email to contact you, as well as to answer your question , request or inquiry, or so we can engage in other activities in connection with your question, request or inquiry. In this case, the legal basis for processing of Personal Data, is our legitimate interest in ensuring proper services and support provision.

Your Personal Data will be processed for as long as is necessary to answer your question, request or inquiry, or as long as other care is taken in connection with your question, request or inquiry, but not longer than 2 years.

  1. Dealing with requests in connection with the exercise of the rights of the persons concerned under GDPR

We process your Personal Data in the range of name, surname, e-mail address, telephone number and any other data you choose to disclose to us by means of a question form or by e-mail for the purpose of examining, judging, executing activities, managing and informing you about your request being handled in connection with application of some rights under Articles 16 to 22 of the GDPR.

In this case, the legal basis for the processing of Personal Data is the fulfilment of our legal obligation against public authorities of the Slovak Republic.

In this case, your Personal Data will be processed and stored for a period of 10 years from the date of request submission.

To whom do we disclose your Personal Data?

We disclose your Personal Data in the following cases:

  • if such offences arise from applicable legal regulations, in particular, at the request of enforcement authorities, courts, other public authorities or other authorised bodies;
  • if it is necessary to fulfil our obligations and to ensure our legitimate interests, in particular, of our lawyers, advisors, auditors, IT service providers, marketing, advertising agencies, etc.

Only the authorized persons of our company and authorized persons of our intermediaries have the access to your Personal Data. Their list is:

  • hotel owners
  • hotel manager
  • reception manager
  • hotel reception
  • restaurant staff
  • hotel housewife
  • hotel accountant

In accordance with GDPR, we conclude Agreements on Personal Data Processing with parties in the position of Intermediary, and the Intermediaries process Personal Data always based on the instructions and on behalf of the Web site. All of our Intermediaries process Personal Data in accordance with this Privacy Policy. These are: Hosting Provider, Website Administrator, Google, Reservation System supplier.

What are your rights in relation to Personal Data protection?

As a person concerned, you have the following rights in relation to Personal Data protection.

  1. Right of access to data

You have the right to require confirmation from us that your Personal Data is being processed and to request access to this Personal Data (repeated accesses to Personal Data may be paid for) and to get information about

  • purpose of processing Personal Data;
  • category of Personal Data being processed;
  • identification of the recipient or of the recipient’s category to whom Personal Data has been or is to be provided, in particular, of the recipient in the third country or of international organisation, if possible;
  • the time of the Personal Data storage period; if this is not possible, the information on the criteria of its determination;
  • the right to ask us for the correction of Personal Data concerning the person concerned, their deletion or restriction in their processing, or the right to object the processing of Personal Data;
  • the right to file a proposal to start the procedure on the Personal Data Protection;
  • sources of Personal Data if Personal Data have not been obtained from you;
  • existence of automated individual decision including the profile, in particular, the information on the procedure used, as well as on the significance and predictive consequences of such Personal Data processing for the person concerned.
  1. Right to correct data

You have the right to ask us to correct the incorrect Personal Data concerning you without undue delay. You also have the right to complete your incomplete Personal Data in regard of their processing.

  1. Right to erase data

You have the right to ask us to delete, without undue delay, Personal Data concerning you if:

  • it is no longer needed for the purpose for which it was acquired or otherwise processed;
  • you have withdrawn your consent to their processing and there is not any other legal basis for their processing;
  • you object to the processing;
  • your Personal Data has been illegally obtained,
  • there is a reason for erasure for the fulfilment under GDPR, a special regulation or an international treaty, the Slovak Republic is bound to; or
  • Personal Data was obtained in connection with the offer of information service company from us, pursuant to Art. 8 Para. 1 GDPR (service offer to child by Information Society Service).
  1. Right to restrict the processing of data

You have the right to request that we restrict the processing of your Personal Data if:

  • you object to the correctness of the Personal Data over a period of time that allows us to verify the correctness of the Personal Data;
  • processing Personal Data is illegal and you intend to delete Personal Data and request instead restriction of its use;
  • we no longer need Personal Data for the purpose of processing Personal Data, but you need it for enforcement or advocacy for legal claims;
  • you have objected to the processing of your Personal Data until we have verified that the legitimate reasons on the other side outweigh your justified reasons.
  1. The right to transfer data

You have the right to ask us to provide you with Personal Data that relates to you, in a structure, commonly used and routinely readable form and the right to request that we transfer this Personal Data to another operator, but only if the legal basis for their processing is your consent or performance of the contract, and at the same time, the processing is performed by automated means.

  1. Right to object

You have the right to object to the processing of your Personal Data for reasons specific to your particular situation including profiling, which is exercised on a legal basis that is our legitimate interest. Based on your objection, we will evaluate whether, with respect to your particular situation, the protection of your legitimate interest , your rights and freedom prevail over our legitimate interests, which we observe by the processing of your Personal Data or, if the rational reason is to prove, apply, or defend legal claims.

You have the right to object the processing of Personal Data for the purpose of direct marketing.

You have the right to withdraw any consent to the processing of Personal Data. Withdrawal of consent shall not affect the lawfulness of the processing of Personal Data exercised on its basis prior to its withdrawal. Revocation of consent does not apply to the processing of Personal Data exercised by us on a legal basis other than that of your consent.

  1. Rights to initiate legal proceedings on Personal Data Protection

You have the right to initiate proceedings on the protection of Personal Data at the Office for the Personal Data Protection of the Slovak Republic, or other Oversight Authority in the place of residence. 

Security

  1. All Personal Data that we collect and process is protected by appropriate technical means and security measures to prevent unauthorized access to or misuse of such Personal Data. We are continually improving and implementing new administrative, technical, and organizational measures to ensure appropriate security of Personal Data.
  2. Regardless of all our measures, it is necessary to bear in mind that the data transmission through a public Internet network or any electrical storage of data cannot be 100% secure.
  3. Parts of the Web site may include links to Web sites and third-party services that are not owned or operated by us. We have no control on these websites and services. This website may use their own tools to obtain information and data about you, including your Personal Data.

Changes to the Policy
We are authorized to change and amend this Privacy Policy at any time.

  1. If we make any changes to this Privacy Policy, we will place the new Privacy Policy on the Web and, if necessary, we will also inform you about the Privacy Policy changes by email.
  2. The Privacy Policy changed in this way will be valid and effective from the date we determine as the date of their validity and effectiveness. By its use (every visit to the site) you express consent to this new Privacy Policy.

Contact us
If you have questions, or requests about this Privacy Policy, or would like to withdraw your consent or exercise your rights, please contact us by e-mail message to recepcia@hotelmatysak.sk.