2.1. Any information relating to an identified or identifiable natural person (hereinafter “data subject”) shall be considered personal data within the meaning of the Regulation; an identifiable natural person is a natural person who can be identified, directly or indirectly, in particular by reference to an identifier such as a name, an identification number, location data or a network identifier or to one or more specific elements of the physical, physiological, genetic, mental, economic, cultural or social identity of that natural person.
2.2. The data controller is YOU and ME s.r.o., with its registered office at Hájecká 707, Příbram II, 261 01 Příbram, Company ID No.: 063 33 095, incorporated in the Commercial Register kept by the Municipal Court in Prague, Section C, Insert 280412, referred to above as the Accommodation Provider. The Accommodation Provider operates its business and provides its services mainly in the accommodation facility in Prosenická lhota.
3.1. The Accommodation Provider collects personal data in the course of its activities and services. This mainly includes Client contact details and data relating to orders, bookings, stays and the use of other services. It also includes personal data collected for the purpose of concluding contracts of various types.
3.2. Personal data is provided to the Accommodation Provider in the following ways: by ordering accommodation and services from the Accommodation Provider, by ordering and booking services via the booking portals of intermediaries, by booking services via the booking form on the Accommodation Provider’s website www.youandme.cz, by communicating with the Accommodation Provider’s employees and staff, by filling in documents at the start of accommodation or on similar occasions, and by entering premises monitored by a CCTV system.
4.1. The Accommodation Provider processes personal data for the purposes of making bookings for accommodation and services, concluding contracts, administering contracts or negotiating contracts. The personal data of accommodated Clients is also processed by the Accommodation Provider on the basis of Act No. 565/1990 Coll., on local fees, as amended, Act No. 326/1999 Coll., on the residence of foreigners, as amended, Act No. 235/2004 Coll., on Value Added Tax, as amended, and Act No. 480/2004 Coll., on certain information society services, as amended.
4.2. In the event of the use of money exchange, the Accommodation Provider also processes personal data on the basis of Act No. 253/2008 Coll., on selected measures against legitimisation of the proceeds of crime and financing of terrorism.
4.3. The Accommodation Provider also processes personal data on the basis of legitimate interest, which consists, in particular, in the protection of property, health protection and in informing customers about the services offered.
5.1. The Accommodation Provider keeps personal data only for the necessary period of time and archives it according to the statutory time limits imposed by law. The Accommodation Provider processes personal data for the duration of the contractual relationship or other legal title that allows it to process personal data. Personal data that the Accommodation Provider processes with consent shall be stored only for the duration of the purpose for which the consent was given.
5.2. After the loss of the statutory reason and after the expiry of the statutory time limits for archiving personal data, the Accommodation Provider shall erase the relevant personal data.
6.1. It is always clear from commercial communications sent by the Accommodation Provider that the Accommodation Provider is the sender. The Accommodation Provider sends commercial communications either to Clients’ contact details on the basis of legitimate interest, and only until the Client expresses disagreement, or on the basis of explicit consent to the processing of personal data for marketing and commercial purposes. In the commercial communications sent, a contact for unsubscribing from such communications is also provided.
6.2. The Accommodation Provider may provide personal data to third parties only with the consent of the data subject. Without his/her consent, the Accommodation Provider may provide personal data only if it is necessary for the performance of obligations under applicable law or if it is necessary for the performance of obligations under contracts, orders, bookings, etc. Personal data may be processed by external entities of the Accommodation Provider on the basis of guarantees that ensure the technical and organisational protection of the personal data transmitted. Only processors may process personal data for the Accommodation Provider, and only on the basis of a contract for the processing of personal data.
6.3. The Accommodation Provider does not transfer any personal data to third countries.
7.1. The Regulation grants data subjects the following rights in relation to the processing of their personal data. 1. Right of access to personal data The right to request access to personal data and related information concerning the data subject. 2. Right to rectification The right to request the rectification of incorrect, outdated or inaccurate personal data or the right to have it completed or supplemented. 3. Right to erasure Subject to the conditions set out in the Regulation, the right to erasure of personal data relating to data subjects. 4. Right to restriction of processing 5. Right to data portability The right to request the transfer of personal data to another controller. 6. Right to object The right to object to the processing of personal data at any time to the Office for Personal Data Protection, with its registered office at Pplk. Sochora 27, 170 00, Prague 7, phone: 234 665 111, website: www.youandme.cz.
8.1. The Accommodation Provider uses appropriate security procedures and practices to safeguard personal data. The Accommodation Provider uses technical and physical restrictions for access to personal data. Personal data is handled only by trained staff of the Accommodation Provider.