Aparthotel Svatý Vavřinec

Privacy Policy

Vavřinec group s.r.o., Company ID: 072 47 516, with registered office at Trousilova 1031/2, Kobylisy, 182 00 Prague 8, registered in the Commercial Register maintained by the Municipal Court in Prague, Section C, File 297668, as the operator of Aparthotel Svatý Vavřinec, processes personal data of natural persons as a personal data controller within the meaning of Regulation (EU) 2016/679 of the European Parliament and of the Council, the General Data Protection Regulation (“GDPR”).

Controller’s contact details: Vavřinec group s.r.o., Trousilova 1031/2, Kobylisy, 182 00 Prague 8, e-mail: rezervace@svatyvavrinec.cz, tel: +420 491 481 653.

What personal data we process

The Controller processes personal data mainly to the extent necessary for the provision of accommodation, restaurant, wellness, reservation and related services. This includes, in particular, identification data, contact details, reservation and stay details, payment and billing information, data required by law, data from communication with the Controller, data from contact forms, reservation forms, e-shop and online communication tools, technical data when using the website, camera recordings and, in exceptional cases, data on the health or limitations of the guest.

Sources of personal data

The Controller obtains personal data mainly directly from guests and other persons who communicate with the Controller or use its services. The Controller may also obtain personal data from third parties, in particular from reservation portals, travel agencies, reservation intermediaries, corporate customers or persons making reservations on behalf of other guests.

Purposes and legal bases of processing

The Controller processes personal data mainly for the purpose of reservation, conclusion and performance of a contract, fulfilment of legal obligations, protection of rights and legal claims, marketing, customer communication, operation of a camera system, taking photographs and video recordings, and taking into account the individual requirements of guests.

Reservation, conclusion and performance of a contract

Personal data are processed for the purpose of making a reservation, concluding and performing a contract for accommodation or other contract, providing services, communicating with the guest, processing payments, changes to reservations, complaints and related requests. The legal basis is the performance of the contract pursuant to Article 6(1)(b) GDPR.

Fulfilment of legal obligations

The Controller processes personal data for the purpose of fulfilling obligations under legal regulations, in particular under Act No. 565/1990 Coll., on local fees, Act No. 326/1999 Coll., on the residence of foreigners in the Czech Republic, accounting and tax regulations and other legal regulations. The legal basis is compliance with a legal obligation pursuant to Article 6(1)(c) GDPR.

Protection of the Controller’s rights and legal claims

The Controller may process personal data for the purpose of protecting its rights, recovering debts, resolving damage events, complaints, insurance events, inspections, disputes or negotiations with public authorities. The legal basis is the legitimate interest of the Controller pursuant to Article 6(1)(f) GDPR.

Marketing and commercial communications

The Controller may process the contact details of guests for the purpose of sending commercial communications relating to the Controller’s own similar services, if permitted by law. The data subject always has the option to refuse to receive commercial communications.

In other cases, the Controller sends marketing communications only on the basis of the data subject’s consent. Consent is voluntary and can be withdrawn at any time. The legal basis is the legitimate interest of the Controller pursuant to Article 6(1)(f) GDPR, or consent pursuant to Article 6(1)(a) GDPR.

Contact forms and customer communication

The Controller processes data provided through contact forms, e-mail, telephone, online chat or other communication channels for the purpose of handling the query, request or other communication. The legal basis is usually the legitimate interest of the Controller pursuant to Article 6(1)(f) GDPR, or the performance of a contract or the implementation of measures prior to its conclusion pursuant to Article 6(1)(b) GDPR.

Camera system

If the Controller operates a camera system, it processes camera recordings for the purpose of protecting property, the life and health of persons, preventing damage events and clarifying security incidents. The legal basis is the legitimate interest of the Controller pursuant to Article 6(1)(f) GDPR.

The camera system is operated only to the extent necessary. Cameras are not located in areas where guests reasonably expect an increased level of privacy, in particular in apartments, rooms, bathrooms, changing rooms, wellness cabins or toilets.

Photographs and video recordings

The Controller may take photographs and video recordings of events or hotel operations. If recordings on which persons are identifiable are to be used for marketing purposes, the Controller generally does so on the basis of the consent of the person concerned.

The Controller uses photographs or video recordings of minors for marketing purposes only with the consent of their legal representative, unless there is another legal reason for processing.

Health data and individual guest requirements

The Controller processes data on health conditions, allergies, dietary restrictions or other health limitations only if the guest voluntarily provides them and if they are necessary for the provision of a specific service. The legal basis is usually explicit consent pursuant to Article 9(2)(a) GDPR.

 

Retention period of personal data

The Controller retains personal data only for the period necessary to fulfil the relevant processing purpose, but no longer than for the period stipulated by law or for the period necessary to protect the rights and legitimate interests of the Controller.

Data related to the accommodation contract are kept for the duration of the contractual relationship and subsequently usually for 3 years from the end of the stay, unless longer retention is necessary in a specific case. Accounting and tax documents are kept for the period stipulated by accounting and tax regulations. Data kept in the register according to the law on local fees are kept for 6 years from the date of the last entry. Data kept in the house register according to the law on the residence of foreigners are kept for 6 years from the date of the last entry; paper documents replacing the house register are kept for 6 years from the end of the foreigner’s accommodation.

Recipients and processors of personal data

Personal data may be made available to the extent necessary, in particular to providers of reservation, hotel and accommodation systems, payment services and payment gateways, e-shop solutions, IT services, web hosting, cloud services, e-mail services, website management, marketing, analytical and communication tools, accounting, tax, legal and similar professional advisors, travel agencies, reservation portals, business partners, insurance companies and public authorities.

Data transfer outside the EU/EEA

The Controller does not intend to transfer personal data to third countries outside the European Union or the European Economic Area, unless it is necessary in connection with the use of a specific technical, marketing or communication tool and the conditions set out in the GDPR are met. If such a transfer were to occur, the Controller will ensure adequate safeguards in accordance with the GDPR.

Cookies and online technologies

When using the Controller’s website, cookies and similar technologies may be processed. Necessary cookies are used to ensure the functioning of the website. Analytical, marketing and preference cookies are used only under the conditions stipulated by legal regulations, usually on the basis of the user’s consent.

Detailed information about the cookies used is provided in the cookie bar settings.

Rights of data subjects

Under the conditions set out in the GDPR, the data subject has, in particular, the right to access personal data, the right to rectification, erasure, restriction of processing, data portability, the right to object to processing based on legitimate interest, the right to withdraw consent and the right to lodge a complaint with a supervisory authority.

Rights can be exercised through the Controller’s contact details listed above. The supervisory authority is the Office for Personal Data Protection, with its registered office at Pplk. Sochora 27, 170 00 Prague 7, www.uoou.cz.

 

Controller’s contact details:

Vavřinec group s.r.o.

ID: 072 47 516

Trousilova 1031/2, Kobylisy,

182 00 Prague 8

Lenka Hrubá, Hotel Manager: hruba@svatyvavrinec.cz, 776 509 783

 

Please note that this text has been translated automatically. In case of any discrepancies, the Czech version shall be decisive and legally binding.

SPRING HOLIDAYS IN SVATÝ VAVŘINEC

 

  • * Daily animation programs, wellness, yoga, ice swimming, and sauna rituals
  • * Fully equipped apartments with 1 – 4 bedrooms and private wellness
  • * Vavřinec restaurant with a selection of aged meats, rums, and a wine cellar
BOOK NOW