Privacy policy of the Patria Guesthouse (registered office: 3300 Eger, Szúnyog köz 3.) other accommodation. 

The scope of this notice covers the processing of data on the website of the accommodation (www.patriapanzio.hu). The privacy statement is permanently available on the following website: www.patriapanzio.hu

Our data processing complies with the relevant legislation, in particular with the following:

Regulation (EU) 2016/679 of the European Parliament and of the Council of 27 April 2016 on the protection of natural persons concerning the processing of personal data and on the free movement of such data, and repealing Regulation (EC) No 95/46/EC (General Data Protection Regulation, hereinafter “GDPR”);

– Act CXII of 2011 on the Right to Informational Self-Determination and Freedom of Information (“Infotv.”);

– Act V of 2013 on the Civil Code;

– Act C of 2000 on Accounting;

– Act CL of 2017 on the Rules of Taxation;

– Act CXXXIII of 2005 on the Rules of Personal and Property Protection and Private Investigation (hereinafter referred to as the “Act on the Protection of Persons and Property and Private Investigation”);

– Act XLVIII of 2008 on the Basic Conditions and Certain Restrictions on Commercial Advertising Activities;

– Act CVIII of 2001 on certain aspects of electronic commerce services and information society services.

Definitions

data subject/user: any specific natural person identified or identifiable, directly or indirectly, on the basis of personal data;

2. personal data: data which can be associated with the data subject, in particular the name, the identification mark and one or more factors specific to the physical, physiological, mental, economic, cultural or social identity of the data subject, and the inference which can be drawn from the data concerning the data subject;
3. specific data:

(a) personal data revealing racial or ethnic origin, nationality, political opinions or political party affiliation, religious or philosophical beliefs, membership of an interest group or membership of a representative body, sex life,

1. b) personal data concerning health, pathological addiction and personal data concerning criminal offences;
2. consent: a freely given and freely given indication of the data subject’s wishes, based on adequate information, by which he or she signifies his or her unambiguous agreement to the processing of personal data concerning him or her, either in full or in relation to specific operations;
3. objection: a declaration by the data subject objecting to the processing of his or her personal data and requesting the cessation of the processing or the erasure of the data processed;

(6) ‘controller’ means a natural or legal person or an unincorporated body which, alone or jointly with others, determines the purposes for which the data are processed, takes and executes decisions regarding the processing (including the means used) or has the processing carried out by a processor on its behalf;

7. data processing: any operation or set of operations which is performed upon data, whatever the procedure used, in particular any collection, recording, recording, organisation, storage, alteration, use, retrieval, disclosure, transmission, alignment or combination, blocking, erasure or destruction of data, prevention of their further use, taking of photographs, sound recordings or images and the recording of physical features which can be used to identify a person (e.g. fingerprints, palm prints, DNA samples, iris scans);
8. transfer: making data available to a specified third party;
9. disclosure: making data available to any person;

(10) erasure: rendering data unrecognizable in such a way that it is no longer possible to retrieve it;

11. data marking: the marking of data with an identification mark to distinguish it;
12. data blocking: the marking of data with an identification mark to limit their further processing either permanently or for a limited period;
13. data destruction: the total physical destruction of a data medium containing data;

14) ‘Data processing’ means the performance of technical tasks related to data processing operations, irrespective of the method and means used to perform the operations and the place of application, provided that the technical task is performed on the data;

(15) ‘processor’ means a natural or legal person or an unincorporated body which, under a contract with a controller, including a contract entered into according to a legal provision, processes data;

16) ‘data controller’ means the public authority that has produced the data of public interest which must be made public by electronic means or in the course of whose activities the data were generated;

17) ‘data communicator’ means a public sector body which, if the data controller does not publish the data itself, publishes on a website the data communicated to it by the data controller;

18. ‘data file’ means the set of data managed in a single register;

(19) ‘third party’ means a natural or legal person, or an unincorporated body, other than the data subject, the controller or the processor;

The purpose of the processing

The Controller processes the personal data of the Guests for the following purposes:

Primarily for the purpose of making a reservation at the Guest House, it is necessary to provide certain personal data, as detailed below.

– We also need your personal data to issue an invoice for the accommodation.

– We also need your personal data for the purposes of communicating with you about your booking, so that we can inform you if any material circumstances arise that you need to know about.

Legal basis for processing

Personal data may be processed where

o with the consent of the data subject; or

o it is provided for by law or, by virtue of a local government decree, on the basis of a law, within the scope specified therein, for a purpose in the public interest.

2. Personal data may also be processed where obtaining the data subject’s consent would be impossible or would involve disproportionate costs and the processing of the personal data would

o necessary for compliance with a legal obligation to which the controller is subject; or

o is necessary for the purposes of the legitimate interests pursued by the controller or by a third party, and the pursuit of those interests is proportionate to the restriction of the right to the protection of personal data.

3. Where the data subject is incapable of giving consent due to incapacity or for other reasons beyond his or her control, personal data of the data subject may be processed to the extent necessary to protect his or her vital interests or those of another person or to prevent or protect against an imminent danger to the life, physical integrity or property of a person, as long as the obstacles to consent persist.

4.

Where the processing based on consent is intended to implement a contract concluded in writing with the controller, the contract must contain all the information which the data subject needs to know in order to process the personal data, in particular the specification of the data to be processed, the duration of the processing, the purposes for which the data are to be used, the fact of the transfer of the data, the recipients of the data, the use of a processor. The contract must unambiguously state that the data subject, by signing it, consents to the processing of his or her data as provided for in the contract.

6. If the personal data have been collected with the consent of the data subject, the controller shall, unless otherwise provided by law,

o for the performance of a legal obligation to which he is subject, or

o for the purposes of the legitimate interests pursued by the controller or by a third party, where such interests are proportionate to the restriction of the right to the protection of personal data.

Scope of the data processed

The use of the online booking platform on the website of the Data Controller (www.patriavendeghaz.hu) does not require a separate registration, but the following personal data must be provided in order to make a booking:

name

– e-mail address

– telephone number

– date of arrival

– email address, e-mail address, date of departure

– which apartment they would arrive in

– payment method

– number of adult guests

– number of children guests

– whether pets are coming on holiday

To contact the Data Controller’s website (www.patriapanzio.hu), you must provide the following personal data:

name

– e-mail address

– telephone number

– subject of contact

– Message

After booking the accommodation, you will be asked to fill in the following personal data to complete the Registration form:

name, maiden name

– Name, place and date of birth

– name, date of birth, date of birth, place of birth, date of birth, date of birth, place of birth

– name, date of birth, date of birth, date of birth

– telephone number, e-mail address

– the guest is a child under 18 years of age, 

purpose of stay is holiday or work

– date of arrival

– day of departure

Duration of data processing

The Data Controller processes personal data for the duration of the purpose of the processing, in particular for the duration of the legal relationship with the Guest and until the Guest requests the deletion of his/her data or withdraws his/her consent.

Please also note that we are obliged to process personal data which are indispensable for the contractual provision of services or for the performance of our obligations, whether arising from a contract between us or from general binding legal requirements, regardless of your consent, for the period of time specified by or in relation to the applicable legislation (e.g. for accounting records, this period is at least 10 years).

Data security

The Data Controller will take all necessary steps to ensure the security of the personal data provided by the Guests, both in the network system and in the storage and retention of the data.

The reservation system through the website of the Data Controller is hosted by an external secure hosting provider, which does not have access to the data managed on this hosting. The data controller’s work processes are carried out on a password and anti-virus-protected computer.

Rights of Guests and means of redress

The Guest has the right to receive feedback from the data controller as to whether his/her personal data are being processed and, if so, to be informed of the data processed and of any relevant information concerning the processing.

– The Guest may request the controller to correct inaccurate personal data relating to him/her without undue delay. Taking into account the purposes of the processing, he/she may request the integration of his/her personal data.

– The Guest may request the erasure of his or her data unless the processing is necessary for compliance with the controller’s legal obligations or the establishment, exercise, or defense of legal claims. The Controller shall delete the personal data without undue delay where the processing is unlawful, incomplete, or inaccurate, the purpose of the processing has ceased or the period of storage has expired or has been ordered by a court or public authority, or where the deletion is necessary to comply with a legal obligation to which the Controller is subject.

– Where the controller processes personal data based on the data subject’s consent, the data subject may withdraw that consent. If there is no other legal basis for the processing, the controller shall erase the personal data concerned by the withdrawn consent.

– The Guest shall have the right to obtain, at the request of the controller, restriction of processing where

o The customer contests the accuracy of the personal data – for the time necessary to verify the accuracy;

o the processing is unlawful, but the Customer objects to the deletion of the data and requests the restriction of use;

o the controller no longer needs the personal data for the processing, but the data subject requires them for the establishment, exercise or defense of a legal claim; or

o the data subject objects to the processing of his or her data on grounds of public interest or legitimate interest pursued by the controller or a third party.

During the restriction period, the controller shall not use the personal data for any purpose other than storage.

In the event of the exercise of the Guest’s rights, the controller shall examine the data subject’s request and take the necessary measures and inform the Guest of those measures or the reasons for not doing so within one month of receipt of the request.

– Enforcement of rights:

o The Guest may send his/her request for data processing to the Data Controller, at the address 3, Szúnyog köz, 3300 Eger, or at the address info@patriapanzio.hue-mail.

o In the event of a breach of his/her rights, the data subject may bring an action before the competent court at the address of the controller or, at his/her option, the competent court at his/her place of residence or, failing that, at his/her place of abode.

o Furthermore, the Guest may lodge a complaint with the National Authority for Data Protection and Freedom of Information (1125 Budapest, Szilágyi Erzsébet Fasor 22/c., hereinafter referred to as “NAIH”) and initiate an investigation because a violation of rights has occurred or is imminent concerning the processing of his/her data.

Cookie policy:

What are cookies?

A cookie is a small text file that is stored on a user’s computer by a browser program when a website requests it. Websites use these files, called cookies, to store temporary but important information, such as the visitor’s preferences, to identify the visitor, to monitor browsing habits and to track if the user has visited a website before.

Cookies also help us to ensure that the home pages of our browsers always appear as usual, that we don’t have to log in to Facebook or Gmail again and again (because the website remembers that we have logged in), and that we don’t have to add products to our shopping basket in a shop, because the shopping basket stays there even if we leave the website while shopping and only return later.

Use of cookies on the website:

Our website also requires the use of certain cookies, most notably when you log in to our website. If you disable the use of cookies, this and similar cookie-based features will not work.

If you have enabled your browser to accept cookies, we will also consider this as consent to the use of cookies sent by us.

If you do not wish to give your consent, please disable the use of cookies in your browser.

Please note that as cookies are intended to facilitate or enable the usability and processes of our website, by preventing or deleting the use of cookies, our users may not be able to fully use the features of our website or the website may not function as intended in their browsers.

You can find out about the cookie settings of the most popular browsers by following the links below:

– Google Chrome

– Mozilla Firefox

– Microsoft Internet Explorer (IE 9 and IE 11)

– Opera

– Safari

Cookie and security:

Cookies are nothing to be afraid of, there is no security risk in using them, and they are very useful! They are just there to make it easier for you to surf the Internet!

The cookies used by www.patriavendeghaz.hu are just there to make your life easier:

Session (necessary) cookies, i.e. cookies that are strictly necessary for browsing and using the site properly; a basic cookie. These cookies only work on the interface and only while you are on the site, when you exit the browser they are automatically deleted.

– Cookies are responsible for managing the website’s statistics, these are used to track the behavior of visitors to the website, the frequency of return visits, for example, to determine which pages within the website are the most visited.