Privacy policy - GDPR

 

 

The purpose of this data protection notice is to record the data protection and management principles applied by the operators of Riviéra Apartments Siófok (hereinafter referred to as the Accommodation) as data controllers (hereinafter referred to as Private Accommodation Service Providers) and the data protection and management policy of the Private Accommodation Service Providers.

 

The aim of the Private Accommodation Service Providers is to ensure the protection of the personal data of the users of the Accommodation (hereinafter referred to as the Guest or Guests or Data Subject or Data Subjects) to the fullest extent possible.

 

By contacting and maintaining contact with the Private Accommodation Service Providers and using the Accommodation, the Guest consents to the processing of his/her personal data in accordance with the provisions of this Data Protection Notice.

 

 

 

 

  1. PRIVATE ACCOMODATION PROVIDER'S DATA

 

Data of the Private Accommodation Service Providers as data controllers:

  • name: Henriett Nagy
  • address: 8600 Siófok, Köztársaság utca 10. I/3.
  • website: www.apartmanoksiofokon.hu
  • e-mail: apartmanoksiofokon@gmail.com
  • phone number: +36-20-320-43-79

 

 

 

  1. TERMS

 

The terms used in this notice shall be interpreted in accordance with the definitions set out in Regulation (EU) 2016/679 of the European Parliament and of the Council of 27 April 2016 on the protection of natural persons with regard to the processing of personal data and on the free movement of such data, and repealing Regulation 95/46/EC (General Data Protection Regulation) (hereinafter referred to as the GDPR Regulation).

 

Personal data: any information relating to an identified or identifiable natural person (“data subject”); an identifiable natural person is one who can be identified, directly or indirectly, in particular by reference to an identifier such as a name, a number, location data, an online identifier or to one or more factors specific to the physical, physiological, genetic, mental, economic, cultural or social identity of that natural person;

Data subject: any natural person who is identified or identifiable on the basis of personal data (in the case of this notice, the Guest);

Consent: any freely given, specific, informed and unambiguous indication of the data subject’s wishes by which the data subject, by a statement or by a clear affirmative action, signifies agreement to the processing of personal data concerning him or her;

Data processing: any operation or set of operations which is performed on personal data or on data files, whether or not by automated means, such as collection, recording, structuring, structuring, storage, adaptation or alteration, retrieval, consultation, use, disclosure by transmission, dissemination or otherwise making available, alignment or combination, restriction, erasure or destruction;

Data controller: the natural or legal person, public authority, agency or other body which, alone or jointly with others, determines the purposes and means of the processing of personal data; where the purposes and means of the processing are determined by Union or Member State law, the controller or the specific criteria for the designation of the controller may also be determined by Union or Member State law; (in the case of this information, Private Accommodation Providers);

Data transfer: making the data available to a specified third party;

Data erasure: making data unrecognizable in such a way that its recovery is no longer possible;

Data processor: a natural or legal person, public authority, agency or any other body which processes personal data on behalf of the controller;

Data breach: a breach of security which results in the accidental or unlawful destruction, loss, alteration, unauthorised disclosure of, or access to, personal data transmitted, stored or otherwise processed;

 

 

  1. PRINCIPLE OS DATA PROCESSING

 

Private Accommodation Providers process the personal data of Guests in accordance with the data protection laws in force at all times - in particular the GDPR regulation - and in accordance with this information.

 

 

  1. LEGAL BASIS FOR DATA PROCESSING

 

The processing of personal data is lawful if one of the following conditions is met:

  • the data subject has given his/her consent to the processing;
  • the data processing is necessary for the performance of a contract to which the data subject is a party;
  • the data processing is necessary for the performance of a legal obligation to which the data controller is subject;
  • the data processing is necessary for the protection of the vital interests of the data subject;
  • the data processing is carried out in the public interest or in the exercise of official authority vested in the data controller;
  • the data processing is necessary for the purposes of the legitimate interests of the data controller or of a third party.

 

During the data processing related to the use of the Accommodation, the processing of personal data is

  • based on the voluntary consent of the Guest,
  • on the fulfillment of the contract between the Private Accommodation Service Providers and the Guest, and
  • on the fulfillment of the legal obligation applicable to the Private Accommodation Service Providers.

The Guest gives his consent by contacting and maintaining contact with the Private Accommodation Service Providers, booking and using the Accommodation.

The Private Accommodation Service Providers do not verify that the data provided by the Guest is true or correct.

 

 

  1. PURPOSE OF DATA PROCESSING

 

The processing of the Guests' personal data is carried out in the interests of

  • the contractual performance of the accommodation services provided by the Private Accommodation Service Providers,
  • the fulfillment of the legal obligations applicable to the Private Accommodation Service Providers,
  • the possibility of official control of the accommodation service,
  • the protection of the property and personal safety of the Guests and the Private Accommodation Service Providers,
  • maintaining contact with the Guest,
  • financial settlement with the Guest

The Private Accommodation Service Providers do not disclose the Guests' personal data to third parties.

 

  1. SCOPE OF DATE PROCESSED

 

 

The Private Accommodation Providers process and may process the following personal data of the Guest:

  • name (in the case of natural persons, surname and first name);
  • address;
  • place and time of birth;
  • date of arrival, date of departure;
  • number of nights spent, including
  • number of nights spent tax-free,
  • number of nights spent tax-free;
  • signature of the guest or his representative;
  • e-mail address;
  • telephone number;
  • bank account number;
  • security camera image;

The Guest is solely responsible for the authenticity and accuracy of the personal data.

 

 

  1. RIGHTS OF DATA SUBJECTS

 

 

Right to information

 

The Guest has the right to receive information about the processing of their personal data in a concise, transparent and easily accessible form, in a clear and understandable manner.

 

 

Right to access

 

The Guest may request information about whether data concerning him/her is being processed and, if so, which of his/her data is being processed.

The Private Accommodation Providers shall provide the Guest with a copy of the personal data subject to data processing free of charge for the first time.

For further copies requested by the Guest, the Private Accommodation Providers shall charge a reasonable fee based on administrative costs. If the Guest has submitted the request electronically, the Private Accommodation Providers shall provide the information in electronic format.

 

 

Right for correction

 

The Guest has the right to have the Private Accommodation Providers correct inaccurate personal data concerning him/her without undue delay upon request.

 

Right to eresure and to be forgotten

 

The Guest may request the deletion of their personal data if

  • the purpose of data processing has ceased,
  • the Guest has withdrawn their consent to data processing and there is no other legal basis for data processing,
  • the personal data has been processed unlawfully

 

 

Right to restriction of data processing  

 

The Guest has the right to request that the Private Accommodation Providers restrict the processing of data if

  • the Guest disputes the accuracy of the personal data
  • the processing is unlawful and the Guest opposes the deletion of the data
  • the Private Accommodation Providers no longer need the personal data, but the Guest requires them to assert legal claims..

 

The right to data portability

 

The Guest has the right to receive the personal data concerning him or her in a structured, commonly used, machine-readable format (e.g. .doc, .docx, .xls, .xlsx, .pdf) if the data processing is based on consent or a contract and the data processing is carried out by automated means.

 

 

Right to protest

 

The Guest has the right to object at any time to the processing of his/her personal data for specific reasons (e.g. direct marketing, automated decision-making).

 

  1. DURATION OF DATA PROCESSING, MODIFICATION OF DATA, DELETING, OBJECTION TO DATA PROCESSING  

 

The Private Accommodation Service Providers process personal data processed in connection with the use of the Accommodation until the purpose of the data processing is achieved or until the tax limitation period applicable to the Private Accommodation Service Providers.

The Guest has the right to request information at any time about the personal data processed by the Private Accommodation Service Providers in connection with the services of the Accommodation by sending an e-mail to the e-mail address apartmanoksiofokon@gmail.com or a letter sent by post to the Accommodation address. The Private Accommodation Service Providers will provide information in writing within a maximum of 30 days from the submission of the request. The information is free of charge.

The Guest may request the modification or deletion of his/her personal data from the Private Accommodation Service Providers by sending an e-mail to the e-mail address apartmanoksiofokon@gmail.com or a letter sent by post to the Accommodation address.

 

 

The Private Accommodation Providers will delete the Guest’s personal data without request if their processing is unlawful, the purpose of the data processing has ceased, or the statutory storage period for the data has expired, it has been ordered by a court or the National Authority for Data Protection and Freedom of Information, or if the data processing is incomplete or incorrect – and this condition cannot be legally remedied – provided that deletion is not excluded by law.

 

Following the withdrawal of the Guest’s consent, the Private Accommodation Providers may continue to process the Guest’s personal data in order to fulfill their statutory obligations (in particular accounting obligations).

 

 

The Guest may object to the processing of his/her personal data by sending an e-mail to the email address apartmanoksiofokon@gmail.com or by sending a letter by post to the Accommodation address

  • if the processing or transmission of personal data is necessary exclusively for the fulfillment of a legal obligation applicable to the Service Provider or for the exercise of the legitimate interests of the data controller, data recipient or a third party, except in the case of so-called mandatory data processing;
  • if the use or transmission of personal data is for the purpose of direct marketing, public opinion polling or scientific research; and
  • in any other case specified in a law.

 

The Private Accommodation Service Provider shall examine the objection within the shortest possible time from the submission of the application, but no later than 15 days, make a decision on its merits, and inform the applicant of its decision in writing.

 

 

  1. COMPLAINT OPTIONS, SUPERVISORY AUTHORITY

 

In case of a complaint or comment, the Guest may first contact the Private Accommodation Service Providers

  • e-mail: apartmanoksiofokon@gmail.com, or
  • address: 8600 Siófok, Köztársaság street 10. I/3.

 

The Guest may contact the National Data Protection and Freedom of Information Authority with a complaint regarding the processing of personal data

  • address: 1055 Budapest, Falk Miksa utca 9-11.
  • mailing address: 1363 Budapest, P.O. Box: 9.
  • telephone: +36-1-391-1400
  • e-mail: ugyfelszolgalat@naih.hu

 

 

  1. HANDLING DATA PROTECTION INCIDENTS 

 

The Private Accommodation Providers shall report any possible data protection incident without undue delay, and no later than 72 hours after becoming aware of it, to the National Authority for Data Protection and Freedom of Information.

The Private Accommodation Providers shall keep records of data protection incidents, indicating the facts related to the data protection incident, its effects and the measures taken.

If the data protection incident is likely to pose a high risk to the rights of the Guests, the Private Accommodation Providers shall also inform the Guest about the data protection incident.

 

  1. RESTRICTIONS

 

This data protection regulation applies exclusively to the processing of the personal data of Guests – managed by Private Accommodation Service Providers.

Private Accommodation Service Providers record certain personal data of Guests in the “My Guest” guest registration application. The “My Guest” application is operated by the Hungarian Tourism Agency Ltd. (registered office: 1027 Budapest, Kacsa utca 15-23.). When using the “My Guest” application, the data processing rules of the Hungarian Tourism Agency Ltd. shall apply.

 

 

Private Accommodation Providers issue their invoices to Guests using the billingo.hu and szamlazz.hu internet invoicing programs – which have an online connection with the National Tax and Customs Office:

  • the billingo.hu invoicing program is operated by Billingo Technologies Zrt. (registered office: 1133 Budapest, Árbóc utca 6. 1st floor). When using billing.hu, the data processing rules of Billingo Technologies Zrt. apply to the processing of personal data;
  • the szamlazz.hu invoicing program is operated by KBOSS.hu Kft. (registered office: 1031 Budapest, Záhony utca 7.). When using szamlazz.hu, the data processing rules of KBOSS.hu Kft. apply to the processing of personal data;
  • The data processing rules of the National Tax and Customs Office (headquarters: 1054 Budapest, Széchenyi utca 2.) govern the processing of personal data transferred online to the National Tax and Customs Office by online invoicing programs.

 

The Private Accommodation Providers also advertise the available capacities of the Accommodation on the online accommodation agency booking.com. The booking.com website is operated by Booking.com B.V. (registered office: Oosterdokskade 163 1011 DL Netherlands). When using the booking.com website, the data processing rules of Booking.com B.V. apply to the processing of personal data.

The Private Accommodation Providers also advertise the available capacities of the Accommodation on the online accommodation agency szallas.hu. The szallas.hu website is operated by Szallas.hu Zrt. (registered office: Hungary, 3525 Miskolc, Régiposta u. 9., operated by. When using the szallas.hu website, the data processing rules of Szallas.hu Zrt apply to the processing of personal data.

The Private Accommodation Providers also advertise the free capacities of the Accommodation on the airbnb.com online accommodation brokerage website. The airbnb.com website is operated by Airbnb Ireland UC, private unlimited company 8 Hanover Quay Dublin 2, D02 DP23 Ireland). When using the airbnb.com website, the data processing rules of Airbnb Ireland UC apply to the processing of personal data.

 

The Private Accommodation Providers’ e-mail account apartmanoksiofokon@gmail.com – used for contacting the Guest – is operated by Google LLC. (registered office: 1600 Amphitheatre Parkway, Mountain View, CA 94043, United States of America). When using the e-mail account, the data processing rules of Google LLC. apply to the processing of personal data.

 

The Private Accommodation Providers have created, operate and maintain their website apartmanoksiofokon.hu using the Webnode website creation system. The website apartmanoksiofokon.hu does not collect personal data. The data processing rules of Webnode (Webnode AG, registered office: Gartenstrasse 3., 6304 Zug, Switzerland) apply to the processing of personal data related to visits to the website apartmanoksiofokon.hu.

 

The Private Accommodation Providers maintain their bank accounts at OTP Bank Nyrt (registered office: 1051 Budapest, Nádor utca 16.). In the course of financial settlements made by bank transfer, the data processing rules of OTP Bank Nyrt. are the governing rules regarding the processing of personal data.

 

The pages of the apartmanoksiofokon.hu website – in order to provide the Guests with the widest possible range of information – may also navigate to external, third-party websites using links. The Private Accommodation Providers have no control over these websites and cannot be held responsible for their content and/or their personal data processing. In the interest of the security of personal data, it is advisable for Guests to obtain separate information about the personal data processing of the websites they access.

 

 

Contact

Riviéra Apartmanok

8600 Siófok, Mátyás király u. 26.
+36-20-320-43-79