Privacy Policy

THE PROCESSING OF PERSONAL DATA [GDPR]

On the basis of our trade cooperation (i.e. by placing an order on www.enchanthotelscollection.com online store or by online reservation) or based on a personal meeting you give your consent to the company HOTELSPINE s.r.o., with reg. address Ve Smečkách 1596/25, Nové Město, 110 00 Praha 1, under reg. number 19476388, represented by Michal Chour – executive, Company ID: 19476388, Tax ID: CZ19476388 (hereinafter “HOTELSPINE s.r.o.”), to the processing of your personal data in the following scope:

This Privacy Policy describes how the company HOTELSPINE s.r.o., which is providing hotel services under the Enchant Hotels Collection trademark, collects, uses, consults or otherwise processes your personal data.

The company HOTELSPINE s.r.o. operates in accordance with the Regulation (EU) 2016/679 of the European Parliament and of the Council of 27 April 2016 on the protection of natural persons with regard to the processing of personal data and on the free movement of such data, and repealing Directive 95/46/EC (hereinafter “GDPR”) as well as the current national Data Privacy Acts. When using the Internet, we are committed to the protection of your Personal Data by applicable legal regulations and GDPR.

By using this website or using any of our services and by agreeing to this Policy, you agree to the collection and use of personal data as described in this Policy.

SCOPE OF PERSONAL DATA TO BE PROCESSED

Your personal data, which the company HOTELSPINE s.r.o. has collected within the implementation of the supplier-purchaser relationship between you – purchaser – and the company HOTELSPINE s.r.o. – supplier, particularly includes the following:

  1. a) Contact details for purpose of price offer request or reservation
    (title, first name, last name, address, phone number, e-mail address), based on point b) and c) section 1 Article 6 of EU GDPR;
  2. b) Contact details for purpose of marketing and online advertisements
    (first name, last name, e-mail address), based on point a) section 1 Article 6 of EU GDPR (consent of the Guests);
  3. c) Personal information for purpose of reservation
    (ID card, passport details, place and date of birth, citizenship), based on point b) and c) section 1 Article 6 of EU GDPR;
  4. d) Details of bank card for transaction and reservation purposes
    for settlement of payment and fulfillment of invoicing obligations (type, number, expiry date, name of card holder; CVC/CVV), based on point c) section 1 Article 6 of EU GDPR;
  5. e) Arrival and departure dates
    based on point b) section 1 Article 6 of EU GDPR;
  6. f) Visa number and certificate of registration
    (for non-EU or non-EEA residents) for reservation purposes, based on point b) section 1 Article 6 of EU GDPR;
  7. g) Technical and location data
    generated as a result of using our websites (start and end time of website usage, IP address and other browsing data/cookies), based on point a) section 1 Article 6 of EU GDPR (consent of the Guests).

PURPOSE OF PROCESSING PERSONAL DATA

Your personal data will be processed for these purposes:

  • marketing purposes of HOTELSPINE s.r.o., mainly by sending information about events, services and activities in the form of newsletters or email communication;
  • transactions conducted through Enchant Hotels Collection websites and systems;
  • making reservations in restaurants, lobby bar and other online reservations/orders;
  • protection of legitimate interests, particularly for assessing, exercising and enforcing legal claims and protecting rights, property and safety;
  • performance of a contract with the customer;
  • compliance with legal obligations.

WHO AND HOW WILL PROCESS PERSONAL DATA

The company HOTELSPINE s.r.o., as a data controller, will process your personal data on the basis of this consent within the above-defined scope and for the above-mentioned purposes in manual written as well as electronic form using automated systems by means of its own employees or personal data processors, i.e. entities entrusted by HOTELSPINE s.r.o. to perform individual processing activities in compliance with relevant legal regulations and with appropriate personal data processing agreements.

We may share your personal data with third-party providers of hotel-related services such as reception services, spa treatments or food delivery services. We rely on third parties to provide services and products on our behalf and may share your personal data with them as appropriate. All service providers are contractually obligated to protect your personal information and may not otherwise use or share your personal data except as required by law or stated in the contract.

Your personal data may also be shared with government authorities and/or law enforcement officials if required for the purposes above, if mandated by law or if required for the legal protection of the controller’s legitimate interests in compliance with applicable laws.

FOR HOW LONG THIS CONSENT IS GIVEN

Consent to process personal data under the defined terms is given for the duration of the supplier-purchaser relationship between you and HOTELSPINE s.r.o. as follows:

Online store orders:
for the valid period, at the latest 15 months from the date of issue;

Restaurant/bar and other reservations:
from the day the reservation is entered into the system until the reservation is completed;

Newsletters:
for an indefinite period until the customer unsubscribes from the mailing list (each newsletter includes an unsubscribe link).

VOLUNTARINESS TO GIVE CONSENT / WITHDRAWAL OF CONSENT

Giving consent to the processing of personal data is entirely voluntary and is not conditional upon other performances required from you by HOTELSPINE s.r.o. within the supplier-purchaser relationship.

You may withdraw this consent at any time by sending your withdrawal to the e-mail address: [please insert hotel GDPR contact e-mail].

YOUR RIGHTS AS A DATA SUBJECT

Your personal data has been provided voluntarily within the above-defined scope. As a data subject, you have rights under relevant legal regulations.

You are entitled to:

  • require access to your personal data and information about its provision and processing (scope, purpose and duration of processing), including the right to obtain a copy of processed data from HOTELSPINE s.r.o.;
  • withdraw consent at any time;
  • request in writing the deletion of your personal data, particularly if consent is withdrawn and the data is no longer necessary for the purpose for which it was collected or processed;
  • exercise the “right to be forgotten” where applicable, including deletion of references, copies or replications of personal data published online;
  • receive personal data processed based on consent in a structured, commonly used and machine-readable format and transfer it to another controller;
  • object to processing for direct marketing purposes, upon which HOTELSPINE s.r.o. shall cease such processing.

If you believe that HOTELSPINE s.r.o. processes your personal data contrary to privacy protection regulations or applicable laws, especially where data is inaccurate with regard to the purpose of processing, you may:

  • raise an objection against processing;
  • request an explanation from HOTELSPINE s.r.o.;
  • request rectification, completion, blocking or deletion of personal data;
  • lodge a complaint with the relevant supervisory authority responsible for personal data protection.

SENDING COMMERCIAL COMMUNICATION

You also give your consent to the sending of commercial communication via electronic means pursuant to Act No. 480/2004 Coll. on certain information society services, as amended, meaning consent to receive commercial communication through electronic means to the contact information collected by HOTELSPINE s.r.o. within your supplier-purchaser relationship or by another lawful method.