1. General Information
- The website www.grandascot.pl (hereinafter: the Website) is operated and personal data collected on the Website is administered by Grand Ascot Spółka z ograniczoną odpowiedzialnością (limited liability company) with its registered office in Krakow (31-123), at ul. Józefa Szujskiego 4, entered into the Register of Entrepreneurs conducted by the District Court for Krakow – Śródmieście, in Krakow, 11th Commercial Division of the National Court Register, with KRS number: 0000543124 (hereinafter: the Website Operator).
- The Website Operator ensures compliance of processing personal data of the Website’s users (hereinafter: Users) with binding provisions, including the Regulation of the European Parliament and of the Council (EU) 2016/679 of 27 April 2016 on the protection of natural persons with regard to the processing of personal data.
- The Website performs functions of collecting information on Users and their behaviour in the following manner:
- through the agency of information voluntarily entered into forms;
- through the agency of cookies saved on terminal equipment;
- through the agency of collecting website logs operating at the address: www.grandascot.pl
- Furthermore, on the Website there are links to social media; in order to familiarise oneself with privacy policies applied by those portals, we encourage visiting webpages of entities running them.
- The Website does not take automated decisions on the grounds of personal data and does not establish profiles.
2. Information in forms
- The Website collects information voluntarily given by the User.
- Furthermore, the Website can save information on connection parameters (time, IP).
- Data given in the form is processed for purposes resulting from the function of a specific form, e.g.: in order to execute the process of booking hotel and additional services’, questions regarding availability, commercial contact, processing payments.
3. Data processing objectives
- Providing personal data by the User is voluntary, yet, necessary to ask a question on availability, book and provide services, check-in at the hotel ran by the Website Operator (hereinafter: the Hotel), provide services within the premises of the hotel, answer questions regarding services. Providing personal data constitutes a contractual and statutory requirement (while documenting the service with a VAT invoice). Failure to provide personal data shall prevent booking, concluding an agreement with the hotel, check-in at the hotel, issuing an invoice and provision of additional services by the hotel.
- Personal data of Users is processed by the Website Operator for purposes related with the provision of hotel services or other, similar services, which, upon the User’s request, are provided at the hotel, in particular, in order to:
- ask about availability of services;
- enable giving answers to questions regarding services and provision thereof;
- booking services;
- providing all services available within the hotel premises;
- ensuring security;
- concluding or performing an agreement to which the User is a party or undertaking measures upon the User’s request before concluding the agreement, sending commercial information through the agency of means of electronic communication;
- documenting performance of services for tax purposes;
- asserting claims;
- fulfilling legal obligation incumbent on the Website Operator;
- sending commercial and marketing offers in the case the User agreed to personal data processing for marketing purposes.
- Furthermore, personal data can be processed through the agency of video monitoring used by the hotel in order to protect property and safety of hotel guests as well as persons staying within the hotel’s premises. Legal grounds for data processing through the agency of monitoring comprise protection of vital interests of hotel guests and other natural persons, as well as justified interest of the Website Operator.
4. Sharing, storing and access to data
- Users’ data is subject to sharing with external entities solely within legally acceptable boundaries.
- User’s personal data can be shared, in particular, with the following categories of recipients:
- accountancy companies, insurance companies and law firms cooperating with the Website Operator;
- courier and postal companies;
- travel agencies cooperating with the Website Operator;
- hosting and IT companies as well as companies supporting management of the Website Operator’s IT infrastructure;
- entities participating in support processes necessary for providing hotel’s services, including payment services, services provided electronically;
- Website Operator’s co-workers providing services, including, in particular, the ones related with direct services and bookings;
- public authorities or entities executing public tasks, authorised on the grounds of relevant provisions to receive personal data.
- The Website Operator does not share Users’ data with third parties for marketing purposes and does not forward data to entities from countries outside the European Union, unless such countries guarantee equivalent personal data protection.
- The Website Operator cooperates with portals for booking accommodation online (e.g. booking.com) and is responsible for the contents of the website in order to enable booking hotel services directly via such portals, however, bookings are processed by booking portals. Therefore, information given by users on booking portals shall be rendered available to those portals and their associated partners.
- In the case of the User’s consent to data processing, those data are stored by the Website Operator until withdrawal of the consent. In other cases the Website Operator stores data for the time necessary to achieve objective for which it has been collected, in particular until the limitation of tax claims or civil law claims related with services provided by the Website Operator.
- The User has the right to:
- access the contents of their personal data, that is, they have the possibility to ask the Website Operator about the type of processed data and obtain information about the objective, categories of processed data or recipients of User’s data;
- demand rectification of their data if it is incorrect or incomplete;
- withdraw the consent to data processing at any time, which does not influence compliance with the law of the processing executed before withdrawal of consent;
- object against their data processing, if the Website Operator intends to process it for marketing purposes or in the case of forwarding their data to other data administrator;
- demand removal of their data, when it is no longer necessary for the purposes for which it has been collected or the User withdrew the consent, on which processing is based and there are no other legal grounds for processing, or data is processed with no compliance with the law;
- demand limitation of their data processing in the scope stipulated in the legal provisions and demand transferring their data to other administrator or State;
- lodge a complaint to a supervisory body – the President of the Office for Personal Data Protection, with regard to the infringements of personal data protection provisions.
- In cases regarding the User’s personal data protection, you can contact us by sending an e-mail to: firstname.lastname@example.org.
5. Information about cookies
- Cookies constitute IT data, in particular text files, which are stored on the User’s terminal equipment and are intended for using Website pages. Cookies usually include a name of the website which they come from, time of storing them on terminal equipment and a unique number.
- The entity inserting cookies on the User’s terminal equipment and obtaining access thereto is the Website Operator.
- Cookies are used for the following purposes:
- adjusting contents of Website pages to User’s preferences and optimisation of the Website’s use; in particular, these files allow recognising the Website User’s equipment and respectively show a webpage adjusted to their individual needs;
- statistical, which enables improving the structure and contents of the Website; analysis of statistics is anonymous and enables adjusting the Website to current trends, as well as it is adjusted to the assessment of the Website’s popularity;
- maintaining the Website User’s session (after logging in), as a result of which, they do not have to enter login and password again on each page of the Website;
- possibilities of undertaking marketing activities.
- On the Website two basic types of cookies are used: session cookies and persistent cookies. Session cookies are temporary files which are stored on the User’s terminal equipment until logging out, exiting the webpage or switching off the software (search engine). Persistent cookies are stored on the User’s terminal equipment for a period of time stipulated in cookies parameters until removal thereof by the User.
- Software used for viewing webpages (search engine) usually automatically allows storing cookies on the User’s terminal equipment. The Website Users can introduce changes to settings in this scope. The search engine enables removing cookies. It is also possible to automatically block cookies. Detailed information regarding these issues is included in help or documentation of the search engine.
- Limitations of using cookies can influence some functionalities available on the Website pages.
- Cookies can be used by advertising networks, in particular Google, to display advertisements adjusted to the manner in which the User uses the Website. To this end, they can save the information on the User’s navigation path or the time of staying on a given page. In the scope of information regarding User’s preferences collected by the advertising network Google, the User can view and edit information resulting from cookies with the use of the instrument: https://www.google.com/ads/preferences.
6. Website logs
- Information on some behaviour of Users is subject to logging in the server layer. This data is solely used for the purposes of administering the Website and for the purposes of ensuring provision of the most effective hosting services.
- Viewed resources are identified via URL addresses. Furthermore, the following data can be saved:
- time of receiving the question;
- time of sending the answer;
- name of the client’s station – identification executed via HTTP or HTTPS protocols;
- information on errors that occurred during the execution of HTTP or HTTPS transaction;
- URL address of a webpage previously visited by the User (referer link) – in the case moving to the Website was executed via link;
- information on the User’s search engine;
- information on the User’s IP.
- The above data is not associated with specific persons viewing pages.
- The above data is used solely for the purposes of administering the server.