This policy lays down the rules of processing and protecting personal data which users submit in order to use services provided by M Hotel Sosnowiec (website (hereinafter referred to as "Website").
The controller of personal data processed on the Website is M Hotels Sp. z o.o., Sosnowiec 41-208, Wojska Polskiego 199 entered into the Business Register under TIN: 644 350 00 06 (hereinafter referred to as "Controller").
For reasons connected with personal data safety, the Controller relies on the internal procedures and recommendations compliant with relevant legislation, in particular with Regulation (EU) 2016/679 of the European Parliament and of the Council of 27 April 2016 on protection of individuals with regard to the processing of personal data and on the free movement of such data as well as the repeal of Directive 95/46 WE.
The Controller protects the interests of data subjects with due care. The Controller in particular ensures that:
a. the data are collected for specified and legitimate purposes and are not processed further in any way incompatible with the intended purposes,
b. the data are processed lawfully,
c. the data are factually correct and adequate to the purposes for which they are processed,
d. the data are kept in the form which allows for identification of the data subjects for as long as it is necessary for the purposes for which they are processed.
Personal data are processed based on the Website's user consent and in the cases where the provision of the law in force authorize the Controller to process personal data.
The Controller processes personal data provided by the Website's users voluntarily only for the purpose of:
a. responding to users' queries sent via contact form,
b. accepting online bookings,
c. providing services offered by the Controller under Article 6(1) (f) GDPR,
d. marketing, including sending commercial information via e-mail if the user has given his/her consent for it by ticking the appropriate box in the booking process or by sending a query via the contact form. The consent for processing personal data for marketing purposes and sending commercial information can be withdrawn by clicking an appropriate link in the received e-mail or by sending a relevant notification to the Controller's e-mail address,
e. pursuing a legitimate interest of the data Controller in specific cases on the basis of Article 6(1) (f) GDPR, e.g. vindication or visual monitoring of the movements around the facility's premises.
Personal data can be used by authorities, institutions, subjects authorized by law, and subjects providing services for the Controller (e.g. subjects providing legal, IT, marketing, and accounting services, as well as other subjects participating in processing of the requested service).
The Controller can make use of automated decision-making, including profiling, for the marketing purposes and for the purpose of matching the offer with the users' needs.
The Website's user has the right to review data processed by the Controller. The user has the right to have data rectified or erased, as well as to demand restricting or stopping the processing of his/her personal data at any time. The user can also request to have his/her personal data erased from the Website. The right to transfer data shall no apply here since the standards of exchanging such data between hotel facilities have not been established.
The Website's user has the right to withdraw his/her consent at any time with without affecting the lawfulness of processing of personal data conducted on the basis of the previously expressed consent to do so.
In order to exercise his/her rights as indicated in point 8 above, the Website's user should contact the Controller via e-mail firstname.lastname@example.org using the same e-mail address or telephone number which he/she sent to the Website.
Every user has the right to lodge a complaint with the Office for Personal Data Protection.
The Controller obtains information on users and their behaviour by:
a. having user voluntarily fill in the forms,
b. collecting cookies.
Installing cookies is necessary for the proper provision of the Website's services. Cookies contain information necessary for proper functioning of the website, in particular information which require authorization. The user can change the settings of his/her browser relating to using and saving cookies at any time.
The Website uses the following types of cookies:
a. session cookies - erased when the user closes or logs out of the website using cookies,
b. persistent cookies - remain on the user's browser until he/she erases them or until the predetermined time set out in cookies' parameters.
According to the data purpose, cookies can be divided into:
a. conversion files which enable analysis of the effectiveness of various sales channels,
b. tracking files which, together with conversions, facilitate analysis of the effectiveness of various sales channels,
c. marketing files used for personalizing and targeting ads,
d. marketing files used for personalizing and targeting ads,
e. analytics tools which help make using the website more comfortable thanks to understanding its users' behaviour,
f. necessary files which are fundamental for proper functioning of the website's basic elements. Cookies that we use help us develop our website.
Some cookies can be used by the website and online booking system owner solely for the purpose of:
a. improving and supporting bookings,
b. analysing and collecting statistical data on the use of website and online booking system for the purpose of improving them.