{"id":9314,"date":"2026-02-08T17:28:14","date_gmt":"2026-02-08T16:28:14","guid":{"rendered":"https:\/\/dvorak.beautedelamer.cz\/gdpr\/"},"modified":"2026-03-16T09:20:56","modified_gmt":"2026-03-16T08:20:56","slug":"gdpr","status":"publish","type":"page","link":"https:\/\/hoteldvorak.com\/en\/gdpr\/","title":{"rendered":"GDPR"},"content":{"rendered":"\t\t
\n\t\t\t\t
\n\t\t\t\t\t
\n\t\t\t\t
\n\t\t\t\t\t\t\t\t\t\n

General Data Protection Regulation (GDPR)<\/b><\/p>\n

Principles for the processing of personal data by CzechAg s.r.o., Company ID No. 4943008<\/p>\n

 <\/p>\n

These principles are based on the Company’s internal policy for handling personal data, adopted by CzechAg s.r.o. (hereinafter the \u201cCompany\u201d) for the processing and protection of personal data within the meaning of the GDPR and in accordance with the applicable legal order of the Czech Republic, in particular Act No. 110\/2019 Coll., on the processing of personal data, as amended, effective from 24 April 2019. The principles provide information about the basic principles according to which the Company processes personal data of statutory representatives, job applicants, sole traders, clients, interested persons, representatives of legal entities, suppliers, customers (buyers of goods and services, hotel guests), business and contractual partners, tenants, cardholders, employees, temporary workers, seasonal workers, interns, carriers and visitors.<\/p>\n\n

1. Introduction<\/b><\/p>\n

1.1. The Company, as the controller of personal data, processes personal data of data subjects within the scope of its activities, in particular in connection with the provision of accommodation and related services, contractual relationships, employment and other legitimate purposes.<\/p>\n

1.2. The Company processes personal data in accordance with Regulation (EU) 2016\/679 of the European Parliament and of the Council (GDPR) on the protection of natural persons with regard to the processing of personal data and on the free movement of such data, and repealing Directive 95\/46\/EC, as well as in accordance with the legal order of the Czech Republic.<\/p>\n

1.3. The Company, as a legal entity, processes personal data and fulfils the obligations of a controller; where applicable, it also fulfils the obligations of a processor.<\/p>\n

1.4. The data subject provides the Company with their personal data depending on the purpose of processing, either on the basis of a contract, legal obligation, legitimate interest of the Company, or consent.<\/p>\n

1.5. Consent to the processing of personal data is granted by the data subject where required; the data subject may withdraw their consent at any time, without affecting the lawfulness of processing based on consent before its withdrawal.<\/p>\n\n

2. Purpose and legal basis for processing<\/b><\/p>\n

2.1. Personal data must be collected only for specific, explicit and legitimate purposes and must not be further processed in a manner incompatible with those purposes. The Company processes personal data especially for: providing accommodation and related services; fulfilling contractual obligations; complying with legal obligations (e.g. accounting, tax, reporting obligations); protecting the rights and legitimate interests of the Company; handling complaints and claims; and ensuring security and the protection of persons and property.<\/p>\n

2.2. The Company also processes personal data to secure its contractual and other relationships, to protect its claims, and for the exercise or defence of legal claims.<\/p>\n\n

3. Categories of personal data<\/b><\/p>\n

3.1. The Company collects, processes and stores the following categories of personal data:<\/p>\n

3.1.1. Address, contact and identification data \u2013 in particular: first name, last name, date of birth, permanent address, contact address, e-mail, telephone number, ID\/passport number, and other identification data necessary for the relevant purpose.<\/p>\n

3.1.2. Descriptive data \u2013 in particular: data related to the contractual relationship, accommodation details, service requirements, communication records and other information necessary for providing services.<\/p>\n

3.1.3. Data related to payments \u2013 in particular: information about payments, invoices and accounting documents (the Company does not store full payment card details; payments are handled by the relevant payment service providers).<\/p>\n

3.1.4. Special categories of personal data (sensitive data) \u2013 only if necessary and only to the extent permitted by law (e.g. information about health restrictions if required for providing a requested service).<\/p>\n

3.1.5. Other personal data \u2013 in particular photographs or camera recordings, including CCTV records, where used for security purposes.<\/p>\n\n

4. Cookies<\/b><\/p>\n

4.1. Cookies are short text files that a website sends to the browser; they are stored on the user\u2019s device and enable the website to recognize the user and remember certain information.<\/p>\n

4.2. The controller may use the following types of cookies on its website:<\/p>\n

4.2.1. Session (temporary) cookies \u2013 allow the linking of your activities during one browsing session and are deleted when you close the browser.<\/p>\n

4.2.2. Persistent cookies \u2013 help identify your device when you visit the website again and remain stored for a defined period or until deleted.<\/p>\n

4.3. In accordance with Section 89(3) of Act No. 127\/2005 Coll., on electronic communications, as amended, you can refuse cookies or set your browser to notify you when cookies are being sent.<\/p>\n

4.4. Web browsers usually allow the management of cookies. You can delete cookies, block them or set rules for their use in your browser settings.<\/p>\n

4.5. To personalize content and ads, provide social media features and analyze traffic, we may share information about your use of the site with our social media, advertising and analytics partners, who may combine it with other information you have provided to them or that they have collected from your use of their services.<\/p>\n

4.5.1. Google<\/p>\n

4.5.2. Facebook \/ Meta<\/p>\n

4.5.3. Other tools used on the website as applicable.<\/p>\n\n

5. Storage period<\/b><\/p>\n

5.1. The Company stores personal data only for as long as necessary for the purposes for which it is processed, or for the period required by applicable law. After the retention period expires, the Company securely deletes or anonymizes the personal data.<\/p>\n

5.2. Retention periods may differ depending on the type of document\/relationship (e.g. accounting documents, contractual relationships, claims, statutory obligations).<\/p>\n\n

6. Recipients of personal data<\/b><\/p>\n

6.1. Personal data may be accessed by authorized employees of the Company and by processors who provide services to the Company (e.g. IT services, accounting, legal services, marketing tools, booking systems), always only to the extent necessary for the given purpose and under appropriate contractual safeguards.<\/p>\n

6.2. Personal data may also be provided to public authorities where required by law (e.g. courts, police, administrative authorities).<\/p>\n

6.3. Where the Company transfers personal data outside the EU\/EEA, it ensures an adequate level of protection, in particular through standard contractual clauses or other safeguards required by GDPR.<\/p>\n\n

7. Rights of data subjects<\/b><\/p>\n

7.1. The data subject has the right to access their personal data and to obtain confirmation whether their personal data is being processed.<\/p>\n

7.2. The data subject has the right to rectification of inaccurate personal data and to have incomplete personal data completed.<\/p>\n

7.3. The data subject has the right to erasure (\u201cright to be forgotten\u201d) where the legal conditions are met.<\/p>\n

7.4. The data subject has the right to restriction of processing where the legal conditions are met.<\/p>\n

7.5. The data subject has the right to data portability where processing is based on consent or contract and carried out by automated means.<\/p>\n

7.6. The data subject has the right to object to processing based on the legitimate interests of the Company, including profiling, and to object to processing for direct marketing purposes.<\/p>\n

7.7. The data subject has the right not to be subject to a decision based solely on automated processing, including profiling, which produces legal effects concerning them or similarly significantly affects them, unless permitted by law.<\/p>\n\n

8. Contact and complaints<\/b><\/p>\n

8.1. The data subject may exercise their rights and submit requests, explanations or objections related to the processing and protection of personal data by e-mail to the Company\u2019s data protection contact: reception@hoteldvorak.com.<\/p>\n

8.2. The data subject also has the right to lodge a complaint with the Office for Personal Data Protection (\u00da\u0159ad pro ochranu osobn\u00edch \u00fadaj\u016f), located at Pplk. Sochora 27, 170 00 Prague 7, Czech Republic, tel. +420 234 665 111, website: https:\/\/www.uoou.cz, in particular if the Company does not comply with a request for explanation or remedy of a situation arising from the processing of personal data.<\/p>\n\t\t\t\t\t\t\t\t<\/div>\n\t\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t","protected":false},"excerpt":{"rendered":"

General Data Protection Regulation (GDPR) Principles for the processing of personal data by CzechAg s.r.o., Company ID No. 4943008   These principles are based on the Company’s internal policy for handling personal data, adopted by CzechAg s.r.o. (hereinafter the \u201cCompany\u201d) for the processing and protection of personal data within the meaning of the GDPR and […]<\/p>\n","protected":false},"author":1,"featured_media":0,"parent":0,"menu_order":0,"comment_status":"closed","ping_status":"open","template":"","meta":{"_acf_changed":false,"footnotes":""},"class_list":["post-9314","page","type-page","status-publish","hentry"],"acf":[],"_links":{"self":[{"href":"https:\/\/hoteldvorak.com\/en\/wp-json\/wp\/v2\/pages\/9314","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/hoteldvorak.com\/en\/wp-json\/wp\/v2\/pages"}],"about":[{"href":"https:\/\/hoteldvorak.com\/en\/wp-json\/wp\/v2\/types\/page"}],"author":[{"embeddable":true,"href":"https:\/\/hoteldvorak.com\/en\/wp-json\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/hoteldvorak.com\/en\/wp-json\/wp\/v2\/comments?post=9314"}],"version-history":[{"count":2,"href":"https:\/\/hoteldvorak.com\/en\/wp-json\/wp\/v2\/pages\/9314\/revisions"}],"predecessor-version":[{"id":9355,"href":"https:\/\/hoteldvorak.com\/en\/wp-json\/wp\/v2\/pages\/9314\/revisions\/9355"}],"wp:attachment":[{"href":"https:\/\/hoteldvorak.com\/en\/wp-json\/wp\/v2\/media?parent=9314"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}