1. General provisions

OZEX s.r.o. Prešov, Masarykova 22/A, Prešov 080 01, hereinafter referred to as the Plaza Beach Resort, respects your right to privacy and the privacy of every person who visits the hotel or uses our website. Plaza Beach Resort collects, processes and uses personal data in accordance with Regulation (EU) 2016/679 of the European Parliament and of the Council of 27.04.2016 on the protection of natural persons with regard to the processing of personal data and on the free movement of such data and Act no. 18/2018 Coll. on the protection of personal data and does everything necessary to ensure compliance with this legislation. We have put in place all necessary measures to secure and store your personal data that you provide to us.

2. Collection of personal data

Plaza Beach Resort only collects personal data that the client has given their voluntary consent to process and use. If you voluntarily provide us with personal data, we will not use it, process it, or transfer it beyond the limitations of the law or beyond what you have specified in your consent statement.

We process your data when we use electronic communication with you, for direct marketing, to send you reviews of the hotel's services on travel portals or to register you in our frequent guest program. This data is necessary to provide our services to you, to enter competitions, in postal communications with you, or to provide you with information about upcoming Plaza Beach Resort events and promotions.

We will only disclose your personal data to a third party if we are compelled to do so by a court order or other public authority decision.

3. Security

Plaza Beach Resort keeps your information secure and only authorized and instructed persons of our company have access to your personal information. We provide a secure IT environment and have taken the necessary measures to prevent the leakage of the personal data we collect and process.

4. Children's personal data

Plaza Beach Resort does not intend to collect personal data from children under the age of 14.

5. Your suggestions and comments

The data protection officer of Plaza Beach Resort will dispose of the data retained after a period of time specified by law or consent granted. You can request the destruction of your data at any time. You are entitled to withdraw your consent to the processing or use of your personal data at any time with effect for the future.

In these cases, or if you have any other suggestions regarding your personal data, please send us an email or letter to: Plaza Beach Resort, Marketing Department, Kutuzovova 4, 080 05 Prešov, or email [email protected] / [email protected].

At the same time, please contact us via the above-mentioned method if you wish to find out whether we have retained your data and, if so, what data. We will do our best to deal with your request promptly.

6. Security cameras

The Company operates security cameras on the premises to ensure the safety of guests and their property. Security cameras are marked with a pictogram and a text warning. The purpose of the security cameras is to protect property - specifically to protect equipment of significant value as well as guests' personal valuables, and are used to detect violations of the law and to catch offenders in the act. Prevention of such crimes cannot be done any other way and/or there is no other method of presenting evidence.

7. Reservations

In the case of online, in person (on paper) or telephone bookings, the company requires / may require the guest to provide the following information:

• first and last name
• address
• date of birth
• nationality
• e-mail address
• telephone number
• type of credit/debit card
• name of credit/debit card holder
• credit/debit card expiry date

8. Bank card details

For the purpose of booking rooms, the Company may only use the details of the bank card, credit card or bank account in question to the extent and for as long as is necessary to exercise the rights and fulfil the obligations. The data is processed by the banking partner contracted by OZEX s.r.o. Prešov.

9. Booking system - Asseco Solutions

The verified business partner of the controller, which operates the reservation system as a third party, ensures enhanced data protection and has appropriate security measures in place. The transmission of your personal data over a publicly accessible computer network is always protected by strong and certified means of encryption protection of information, in particular SSL (Secure Socket Layer). Details about protecting your privacy can be found here: assecosolutions.sk/privacy.html

10. Booking system - Booking.com

The business partner of the controller, which operates the booking system www.booking.com in the capacity of a third party, stores the data and then disposes of it. Details on how to protect your privacy can be found here: booking.com/content/privacy

11. Booking engine - Expedia.com

The Operator's business partner, which operates the www.expedia.com booking engine as a third party, stores the data and then destroys it. Details on how to protect your privacy can be found here: expedia.com/privacy-policy

12. Facebook

Our website may contain plug-ins of the social network facebook.com, which is operated by Facebook Inc, 1601 S. California Ave, Palo Alto, CA 94304, USA. Such plug-ins are mainly buttons such as "Like" or "Like".

If you access our website that is equipped with such plug-ins, your internet browser makes a direct connection to the Facebook server and the plug-in is displayed on the screen. The plug-in will inform the Facebook server which of our pages you have visited. If you are a member of the Facebook network and are logged in when you visit our page, Facebook will link this information to your user account.

Further information about the collection and use of data by Facebook is available at: facebook.com/policy.php. You can disconnect the link by logging out of Facebook before visiting our site.

13. Guest questionnaire - rating system

As part of the quality assurance process, guests can provide feedback via an online or paper questionnaire and/or rating system. When completing the questionnaire, guests may provide the following personal information:

• first and last name
• date of visit
• room number
• email address

Providing this information is optional and is only for the purpose of accurately investigating possible complaints and/or to enable the company to respond to the guest. Feedback and data obtained in this way cannot enable the guest to be traced, but could be used by Plaza Beach Resort for statistical purposes.

The personal data provided when completing the questionnaire must be deleted by Plaza Beach Resort within five (5) working days after the complaint has been reviewed. The email address and username provided as part of the rating system will be deleted by Plaza Beach Resort upon request to: [email protected] / [email protected]

Notice of the rights of the data subject

The data subject has the right to obtain confirmation from the controller as to whether personal data concerning him or her are being processed. If the controller processes such personal data, the data subject has the right to obtain access to and information about:

• the purpose of the processing of the personal data
• the category of personal data processed
• the identification of the recipient or category of recipient to whom the personal data have been or are to be disclosed
• the period of retention of the personal data or the criteria for determining it
• the right to request rectification, erasure or restriction of the processing of personal data, or the right to object to processing
• the right to bring an action
• the source of the personal data, if not obtained from the data subject
• the existence of automated individual decision-making, including profiling

The data subject has the right to rectification of inaccurate personal data and to the completion of incomplete personal data. The data subject has the right to erasure of personal data if:

• the personal data are no longer necessary for the purpose for which they were collected or otherwise processed
• the data subject withdraws consent and there is no other legal basis for the processing
• the data subject objects to the processing and there are no overriding legitimate grounds for processing
• the personal data are being processed unlawfully

The data subject has the right to restrict the processing of personal data if:

• he objects to the accuracy of the personal data during a period which allows the controller to verify their accuracy
• the processing is unlawful and the data subject objects to erasure and requests restriction of use instead
• the controller no longer needs the personal data for the purpose of the processing, but the data subject needs them to exercise a legal claim
• the data subject objects to the processing of the personal data

The data subject has the right to data portability in a structured, commonly used and machine-readable format, where technically feasible. The right to data portability shall not apply to processing necessary for the performance of a task carried out in the public interest.

The data subject shall have the right to object to the processing of personal data for the purpose of direct marketing, including profiling. If the data subject objects to the processing for the purpose of direct marketing, the controller may no longer process the personal data for that purpose.

The data subject shall have the right to lodge a complaint for investigation pursuant to Section 100 of Act No. 18/2018 Coll. on the protection of personal data, if he or she suspects that his or her personal data are being handled in an unlawful manner.

The controller or processor may, under the conditions laid down in a special regulation, restrict the scope of obligations and rights, if such restriction is provided for in order to ensure:

• the security and defence of the Slovak Republic
• public order or the performance of tasks for the purposes of criminal proceedings
• other important objectives of general public interest of the EU or the Slovak Republic (economic, financial, tax interests, public health, social security)
• the protection of the independence of the judiciary and judicial proceedings
• the prevention of ethical breaches in regulated professions
• a monitoring, control or regulatory function connected with the exercise of public authority
• the protection of the rights of the person concerned or of other persons
• legal redress or economic mobilisation

Contact details of the person responsible: [email protected] / [email protected]

Newsletter

By providing your e-mail address, you agree to receive information about news and products via newsletter and have read the privacy policy of Plaza Beach Resort. Plaza Beach Resort will act in a manner that does not contravene the Data Protection Act or other generally binding legislation.

• Recipients.
• Transfer to a third country: will not be
• Retention period: 2 years

Contact: [email protected] / [email protected]

Booking

The personal data provided will only be used for the purpose of booking accommodation. Plaza Beach Resort will ensure that the personal data is destroyed without undue delay after the purpose of processing has been fulfilled. Plaza Beach Resort will ensure an adequate level of protection of personal data and will act in a manner that does not contravene the Personal Data Protection Act or other generally applicable legislation.

• Beneficiaries.
• Transfer to a third country: will not be
• Retention period: 1 year

Contact: [email protected] / [email protected]

Rights of the provider of the personal data

• The consent to the processing of personal data may be revoked at any time by the provider free of charge in writing at the address: Plaza Beach Resort, Kutuzovova 4, 080 01 Prešov.
• The provider has the right to request from Plaza Beach Resort access to his/her personal data and the right to rectification, erasure or restriction of processing, or the right to object to processing, as well as the right to data portability.
• The Provider has the right to defend its rights through the responsible person or by submitting a complaint to the supervisory authority - in Slovakia the Office for Personal Data Protection within the meaning of Article 100 of Act No. 18/2018 Coll.