{"id":5229,"date":"2018-10-02T12:45:26","date_gmt":"2018-10-02T12:45:26","guid":{"rendered":"http:\/\/ceceypanzio.hu\/en\/?page_id=5229"},"modified":"2018-10-02T12:47:00","modified_gmt":"2018-10-02T12:47:00","slug":"privacy-policy","status":"publish","type":"page","link":"https:\/\/ceceypanzio.hu\/en\/privacy-policy\/","title":{"rendered":"Privacy Policy"},"content":{"rendered":"


\nLast updated: 25 May 2018<\/strong><\/p>\n

This Privacy Policy sets out how L&D ’97 Bt (\u201cCecey Guest House Apartment\u201d, \u201cGuest House\u201d\u00a0or \u201cwe\u201d) uses and protects your personal data.\u00a0 Cecey Guest House Apartment is the Controller for personal data given to us by guests or prospective guests using the site www.ceceypanzio.hu<\/a>, as well as for other groups of individuals identified in the policy such as guests interacting with us through different channels, business contacts, and our staff.<\/p>\n

In the course of its business activities, Cecey Guest House Apartment requests, obtains, and processes personal data from guests, prospective guests, business contacts, staff, and other individuals.\u00a0 We aim to process the minimum personal data we need in order to provide a good service. We recognise and respect the legal rights and reasonable expectations of individuals over their personal data and privacy.<\/p>\n

This Privacy Policy explains how we protect personal data and privacy.\u00a0 Many of the principles we follow are driven by the EU\u2019s General Data Protection Regulation (GDPR).\u00a0 However, we comply with all applicable legal requirements on personal data protection and privacy.<\/p>\n

You can navigate through the Disclosure using the hyperlinks in the table of contents below. You can also download a PDF version with the hyperlinks embedded by clicking here<\/a>.<\/p>\n

We have tried to make this Privacy Policy easy to use and to understand, within the constraints of the complexity of the information we have to communicate.\u00a0 If you have any questions on the material or any comments or suggestions as to how we might improve the Disclosure, please contact us at:<\/p>\n

info@ceceypanzio.hu<\/a><\/p>\n

You can navigate through this Policy by clicking through the table of contents below.\u00a0 The main sections are the first two which cover:
\n1. Your rights under GDPR
\n2. The different processing activities in Cecey Guest House Apartment
\n3. Legal reference information (including contact details)
\n4. Terms and abbreviations used in this Disclosure<\/p>\n

Table of contents
\n1)\u00a0\u00a0 \u00a0Legal rights of individuals (\u201cdata subjects\u201d) under GDPR<\/a>
\n1.1\u00a0\u00a0 \u00a0Right to receive transparent information<\/a>
\n1.2\u00a0\u00a0 \u00a0Right of access to your own data<\/a>
\n1.3\u00a0\u00a0 \u00a0Right to rectify inaccurate data<\/a>
\n1.4\u00a0\u00a0 \u00a0Right to erasure (\u201cRight to be forgotten\u201d)<\/a>
\n1.5\u00a0\u00a0 \u00a0Right to withdraw consent<\/a>
\n1.6\u00a0\u00a0 \u00a0Right to request restriction of processing<\/a>
\n1.7\u00a0\u00a0 \u00a0Right to object to processing<\/a>
\n1.8\u00a0\u00a0 \u00a0Right not be subject to automated decisions<\/a>
\n1.9\u00a0\u00a0 \u00a0Data portability<\/a>
\n1.10\u00a0\u00a0 \u00a0Right to complain to a \u201cSupervisory Authority\u201d<\/a>
\n1.11\u00a0\u00a0 \u00a0Right to an effective judicial remedy against a controller or processor<\/a>
\n1.12\u00a0\u00a0 \u00a0Contacting Cecey Guest House Apartment regarding GDPR<\/a>
\n2)\u00a0\u00a0 \u00a0Data processing<\/a>
\n2.1\u00a0\u00a0 \u00a0Reservations
\n<\/a>2.2 \u00a0 \u00a0Registration cards<\/a>
\n2.3 \u00a0 \u00a0Contact<\/a>
\n2.4 \u00a0 \u00a0Automatically recorded data, cookies and \u201cremarketing codes\u201d<\/a>
\n2.4.1 \u00a0 \u00a0Automatically recorded data<\/a>
\n2.4.2.\u00a0\u00a0 \u00a0Cookies and similar technologies<\/a>
\n2.4.3. Web links<\/a>
\n2.5 \u00a0 \u00a0Staff <\/a>
\n2.6 \u00a0 \u00a0Business contacts<\/a>
\n2.7 \u00a0 \u00a0Wi-Fi<\/a>
\n3)\u00a0\u00a0 \u00a0Legal reference information (including contact details)<\/a>
\n4)\u00a0\u00a0 \u00a0Terms and abbreviations used in this Policy<\/a>
\n<\/a>1)\u00a0\u00a0 \u00a0Legal rights of individuals (\u201cdata subjects\u201d) under GDPR
\nThe \u201cdata subjects\u201d covered by GDPR are living individuals anywhere who deal with a \u201ccontroller\u201d in the EU, or living individuals in the EU who deal with a controller outside the EU. A \u201ccontroller\u201d is the legal entity which defines how personal data is processed. \u201cPersonal data\u201d is any data which can be linked to a data subject.<\/p>\n

As explained below, data subjects have the following specific rights under GDPR:
\na)\u00a0\u00a0 \u00a0Right to receive transparent information
\nb)\u00a0\u00a0 \u00a0Right of access to own data
\nc)\u00a0\u00a0 \u00a0Right to rectify inaccurate data
\nd)\u00a0\u00a0 \u00a0Right to erasure (\u201cRight to be forgotten\u201d) in specific circumstances
\ne)\u00a0\u00a0 \u00a0Right to withdraw consent
\nf)\u00a0\u00a0 \u00a0Right to request restriction of processing
\ng)\u00a0\u00a0 \u00a0Right to object to processing
\nh)\u00a0\u00a0 \u00a0Right not be subject to automated decisions
\ni)\u00a0\u00a0 \u00a0Right to data portability
\nj)\u00a0\u00a0 \u00a0Right to complain to a \u201cSupervisory Authority\u201d
\nk)\u00a0\u00a0 \u00a0to an effective judicial remedy against a controller or processor<\/p>\n

This Policy addresses all of these rights.\u00a0 Under your request on any of them, we will respond without undue delay and in any case within one month, and we will do our best to resolve even complex cases within three months. We will respond to you electronically or by such other medium as you request.\u00a0 We will not charge a fee for an initial request, but we reserve the right to charge an administrative fee for handling a request repeated with a year, or in case of otherwise manifestly unfounded or excessive request.<\/p>\n

Note that we will need to verify your identity to be able to act on any request.<\/p>\n

If we believe that we should not act on your request, we will write to inform you of the basis for our decision, and also of your options for legal remedy.<\/p>\n

Separately from these rights, if you believe that Cecey Guest House Apartment has mistreated you with regard to your personal data or your privacy, please contact us so that we can rectify the situation and improve our service to all guests. You can send a formal complaint to us by email or by post to the address given in section 1.12 \u201cContacting Cecey Guest House Apartment regarding GDPR\u201d below.<\/p>\n

We will aim to respond without undue delay and in any case within in a month.<\/p>\n

<\/a>1.1\u00a0\u00a0 \u00a0Right to receive transparent information
\nWe will provide all information required by GDPR to you in a concise, transparent, intelligible and easily accessible form, using clear and plain language, particularly for any information specifically for children. We shall provide the information in writing or by electronic means. If you request, we will provide information orally.<\/p>\n

We will facilitate your exercising your rights as described in the rest of section 1 below.<\/p>\n

Section 1.12 \u201cContacting Cecey Guest House Apartment regarding GDPR\u201d below gives email and postal addresses for contacting us.\u00a0 Certain sections on individual activities in section 2 give dedicated addresses for specific enquiries.<\/p>\n

<\/a>1.2\u00a0\u00a0 \u00a0Right of access to your own data
\nYou have the right to obtain from Cecey Guest House Apartment confirmation as to whether personal data on you is being processed, and, if so, to access the data and the following information:
\na)\u00a0\u00a0 \u00a0the purpose of the processing
\nb)\u00a0\u00a0 \u00a0the categories of personal data concerned
\nc)\u00a0\u00a0 \u00a0the recipients to whom we have disclosed or will disclose the personal data, in particular recipients in countries outside the EU
\nd)\u00a0\u00a0 \u00a0 the period for which the personal data will be stored
\ne)\u00a0\u00a0 \u00a0the existence of your right to request us to rectify or erase personal data or to restrict processing of personal data or to object to such processing
\nf)\u00a0\u00a0 \u00a0your right to lodge a complaint with a Supervisory Authority
\ng)\u00a0\u00a0 \u00a0where the personal data are not collected directly from you, information as to their source
\nh)\u00a0\u00a0 \u00a0whether there is any automated decision-making from the data, and, if so, meaningful information about the logic involved, as well as the significance and the envisaged consequences of such processing for you.
\ni)\u00a0\u00a0 \u00a0Where we transfer your personal data to a country outside the EU, the appropriate safeguards we have in place to protect your rights.<\/p>\n

<\/a>1.3\u00a0\u00a0 \u00a0Right to rectify inaccurate data
\nIf we hold inaccurate or incomplete personal data on you, we will rectify this without undue delay on receiving your request.<\/p>\n

<\/a>1.4\u00a0\u00a0 \u00a0Right to erasure (\u201cRight to be forgotten\u201d)
\nYou have the right to request us to erase your personal data and for us to act on the request without undue delay, where one of the following grounds applies:
\n(a) Your data are no longer necessary in relation to the purposes for which they were originally processed
\n(b) You withdraw consent and we have no other legal basis for processing your data
\n(c) Our basis of lawfulness for processing is our legitimate interests, and you claim that we have no legitimate grounds for the processing which override your interest, rights, and freedoms
\n(d) The processing is for direct marketing, and you object to this
\n(e) We have been unlawfully processing your data
\n(f) We have to erase your data for compliance with a legal obligation in EU or Member State law to which we are subject
\n(g) Our basis of lawfulness for processing the data is consent given by a guardian for a child, and either (I) you are the guardian and the child is still under the age of consent, or (II) you are the child now older than the age of consent.\u00a0 (In Hungary, the age of consent for processing of personal data is: 16.)<\/p>\n

Please note that we cannot erase your personal data to the extent that processing is necessary:
\n(a) for exercising the right of freedom of expression and information;
\n(b) for compliance with a legal obligation which requires processing;
\n(c) for reasons of public interest in the area of public health;
\n(d) for archiving purposes in the public interest, scientific or historical research purposes or statistical purposes in so far as the request is likely to render impossible or seriously impair the achievement of the objectives of such processing; or
\n(e) for the establishment, exercise or defence of legal claims<\/p>\n

Your data will continue to exist temporarily on backup files after this deletion, but we use IT security techniques to ensure that these are accessible only for the purpose of restoring the database in the event of a loss of data and that they cannot be copied to reveal data.\u00a0 We destroy backup files on a rotating basis within 12 months.<\/p>\n

<\/a>1.5\u00a0\u00a0 \u00a0Right to withdraw consent
\nWhere you have given us consent for any processing, you have the right to withdraw consent at any time.\u00a0 You can do this by sending a request to the email address given in the relevant subsection of section 2 Activities below, which lists the different activities for which we manage personal data. Alternatively, you can write to us at the address in section 1.11 below.<\/p>\n

Note that your withdrawal of consent will not affect processing which we have already done.<\/p>\n

<\/a>1.6\u00a0\u00a0 \u00a0 Right to request restriction of processing
\nYou can request that Cecey Guest House Apartment restricts the processing of your personal data where one of the following applies:<\/p>\n