Privacy policy

Introduction

Hotele Diament S.A. appreciates the trust of Users, and therefore stores their data with the greatest care and maintaining the highest security standards, protecting them against interference by unauthorized persons.

This Privacy Policy sets out the rules for storing and accessing information on the User's devices using cookies, for the provision of electronic services requested by the User, by Hotele Diament S.A. In addition, this privacy policy is an informative purpose.

I. Definitions

a. Administrator - means Hotele Diament S.A. with its registered office in Gliwice (44-100), ul. Dąbrowskiego 50, entered into the Register of Entrepreneurs of the National Court Register by the District Court in Gliwice, 10th Commercial Division, KRS under the number: 355866, NIP: 645-000-06-06, which provides electronic services and stores and accesses information on the User's devices.

b. Cookies - means IT data, in particular small text files, saved and stored on devices through which the User uses the Website's pages.

c. Administrator's Cookies - means Cookies posted by the Administrator related to the provision of electronic services by the Administrator via the Website.

d. External Cookies - means Cookies placed by the Administrator's partners via the website of the Service.

e. Service - means a website or application under which the Administrator runs a website operating in the domain www.hotelediament.pl and www.diamentustron.pl

f. Device - means an electronic device through which the User gains access to the Website.

g. User - means an entity for which electronic services may be provided in accordance with the Regulations and legal provisions or with which an Agreement for the provision of electronic services may be concluded.

II. Types of cookies used

1. Cookies used by the Administrator are safe for the User's Device. In particular, it is not possible for viruses or other unwanted software or malware to enter Users' Devices this way. These files allow to identify the software used by the User and adjust the Website individually to each User. Cookies usually contain the name of the domain they come from, the storage time on the Device and the assigned value.

2. The administrator uses two types of cookies:

a. Session cookies: they are stored on the User's Device and remain there until the end of the browser session. The saved information is then permanently deleted from the Device's memory. The mechanism of session cookies does not allow the collection of any personal data or any confidential information from the User's Device.

b. Persistent cookies: they are stored on the User's Device and remain there until they are deleted. Ending a browser session or turning off the Device does not delete them from the User's Device. The persistent cookie mechanism does not allow the collection of any personal data or any confidential information from the User's Device.

3. The User has the option to limit or disable the access of cookies to his Device. If you use this option, the use of the Website will be possible, except for functions which, by their nature, require cookies.

III. The purposes for which cookies are used

1. The Administrator uses Own Cookies for the following purposes:

a. Service configuration

I. To adjust the content of the Website pages to the User's preferences and optimize the use of the Website pages.

II. To recognize the Website User's device and its location and properly display the website, tailored to his individual needs.

III. To remember the settings selected by the User and to personalize the User's interface, e.g. in terms of the selected language or region from which the User comes.

IV. To remember the history of visited pages on the website in order to recommend content.

V. To maintain the Website User's session (after logging in), thanks to which the User does not have to re-enter the login and password on every subpage of the Website.

VI. To correct configuration of selected functions of the Website, allowing in particular verification of the authenticity of the browser session.

VII. To optimize and increase the efficiency of services provided by the Administrator.

c. Implementation of processes necessary for the full functionality of websites

I. To adjust the content of the Website pages to the User's preferences and optimize the use of the Website pages. In particular, these files allow to recognize the basic parameters of the User's Device and properly display the website, tailored to his individual needs.

d. Analysis and research as well as audience audit

I. creating anonymous statistics that help to understand how Website Users use the Website's pages, which allows improving their structure and content.

e. Ensuring the safety and reliability of the website

2. The administrator of the service uses external cookies for the following purposes:

a. presenting multimedia content on the Website pages that are downloaded from an external website:

I. www.youtube.com [cookie administrator: Google Inc. based in the USA]

b. collecting general and anonymous static data via analytical tools:

I. Google Analytics [cookie administrator: Google Inc. based in the USA]

c. presenting advertisements tailored to the User's preferences using the online advertising tool:

I. Benhauer advertising system [cookie administrator: Benhauer Sp. z o.o. based in Krakow]

d. use of interactive functions to popularize the website using social networking sites:

I. plus.google.com [cookie administrator: Google Inc. based in the USA]

II. Facebook.com [cookie administrator: Facebook Inc based in the USA or Facebook Ireland based in Ireland]

e. implementation and settlement of services provided electronically by the Administrator to the User:

I. synxis.com [cookie administrator: TravelClick Inc based in the USA]

IV. Possibilities of determining the conditions of storage or access

1. The User may independently and at any time change the settings for Cookies, specifying the conditions for their storage and access to the User's Device by Cookies. Changes to the settings referred to in the previous sentence can be made by the User using the web browser settings or by using the service configuration. These settings can be changed in particular in such a way as to block the automatic handling of cookies in the web browser settings or to inform about them each time Cookies are placed on the User's device. Detailed information on the possibilities and methods of handling cookies is available in the software settings (web browser).

2. The user may at any time delete cookies using the functions available in the web browser he uses.

3. Restricting the use of cookies may affect some of the functionalities available on the website of the Service.

V. Personal data protection

1. Data Administrator

The data administrator is the Hotele Diament S.A. with its registered office at ul. Jarosława Dąbrowskiego 50 44-100 Gliwice.

2. Data processing

The processing of personal data is understood as an operation or a set of operations performed on personal data or sets of personal data in an automated or non-automated manner, such as collecting, recording, organizing, organizing, storing, adapting, modifying, downloading, viewing, using, disclosing by sending, dissemination, other types of sharing, adjusting, combining, limiting, deleting and destroying.

3. Purpose of data processing

The data is processed in accordance with the provisions of the GDPR, processed for clearly defined purposes and to the extent necessary to achieve this purpose.

Data that may be provided voluntarily by the user are then processed only to the extent that the user has given his consent and for the following purposes:

- providing information on the content and services of Hotele Diament S.A. in response to the request or inquiry of the data subject

- ordering and implementation of services provided by the company Hotele Diament S.A.

- performance of contracts to which the data subject is a party

- fulfillment of legal requirements

- implementation of the objectives resulting from the legitimate interests pursued by the data controller or by a third party

In connection with the above, we inform you, as data subjects, that pursuant to Art. 13 and 14 of the GDPR, we will process the aforementioned data for the purposes referred to above manually in a traditional manner and in an automated manner using IT systems.

4. Data recipients

The data may be processed by employees and associates of Hotele Diament S.A. as "persons responsible for processing" who, on the basis of direct authorization from the Administrator or the Processor, have the right to process personal data in accordance with art. 4.10 and 4.29 of the GDPR. The data may also be processed by trusted entities providing technical and organizational services for the Company based on entrustment agreements or other legal instruments permitted by EU law. The data administrator may also disclose data to other recipients only at the request of entities authorized to do so by law or when it is necessary to achieve the proven and legitimate goals of the administrator or a third party.

5. Data processing agreement

In cases where data processing does not result from an obligation resulting from legal provisions, it is not related to a contract or service performed for you or it does not result from a legitimate interest pursued by the company Hotele Diament S.A. or a third party, we ask you for consent to the processing of personal data for the indicated purpose. Whenever you have consented to the processing of data for the purposes indicated, such consent may be revoked at any time.

6. Objection to data processing

Pursuant to the provisions of Art. 21 GDPR, the data subject has the right to object at any time to the processing of their personal data for the indicated purposes. In such a case, personal data will no longer be processed for the purpose stated in the objection. The objection is not possible when the processing is carried out on the basis of statements resulting from legal provisions or a legitimate interest pursued by the Administrator or a third party.

7. Transfer of personal data to third countries

The collected and processed data may be transferred outside the European Economic Area to independent IT service providers or data storage services, including cloud storage. Data is transferred only in accordance with the provisions on data protection and provided that the data and means of communication are properly secured, for example on the basis of a data transfer agreement based on contractual clauses adopted by the European Commission with regard to the transfer of personal data by data controllers in the EEA to controllers data and processors in legal systems that do not have adequate data protection laws or on the basis of a Privacy Shield Agreement regarding the transfer of personal data by entities in the EU to entities in the United States or an equivalent agreement in other legal systems, or the transfer of data to a country for which the European Commission has determined that the legally prescribed level of data protection in that country is adequate, or if it is necessary to conclude or perform a contract with a third party and for the purposes of such a contract, the transfer of data is in the interest of the data subject. In other cases, it is also permissible to provide data when the data subject has consented to it.

8. Data processing period

All personal data is collected in a lawful manner, for the purposes indicated, while maintaining the principles of necessity. Personal data will be stored in accordance with the principle of proportionality in such a way as to enable the identification of the data subject and until the purposes of processing are achieved.

9. Rights of the data subject

Pursuant to Art. 13.2.b and 13.2.d, art. 14.2.c and 14.2.e, art. 15, art. 18, art. 19 and art. 21 GDPR, the data subject has the right to request the Company to access personal data, rectify it, delete it or limit processing, or object to processing; has the right to transfer data in accordance with art. 20 GDPR, has the right to lodge a complaint with the President of the Personal Data Protection Office, the right to rectify, delete data or limit processing at the request of the data subject.

10. Social media plugins

This website may contain plugins for certain social media platforms. Social media plugins are special tools that allow you to embed the functions of social media platforms directly on your website. Such plugins are marked with the corresponding logo of each social media platform. When you visit our website and use the plug-in, the information is transmitted by your browser directly to the social media platform, which saves and processes it. For more detailed information on the purposes, types and methods of collecting, processing and storing personal data by social media and information on how to exercise your rights, please see the privacy policy of the relevant social media platform.

11. Links to independent sites

There may be dedicated links on this website through which you can connect directly to other independent websites. The administrator of this website is not responsible for the way in which independent parties manage personal data and authentication data provided by third parties.