GDPR policy
In connection with Regulation (EU) 2016/679 of the European Parliament and of the Council of 27 April 2016 on the protection of personal data of natural persons and the obligations of data controllers to implement appropriate technical and organizational measures to ensure that data is processed in accordance with this regulation, Hotel Riva takes the necessary measures and actions to comply with the regulation.
TYPES OF PERSONAL DATA WE COLLECT AND PROCESS
For the purposes of accommodation and pursuant to Art. 116(1) of the Tourism Act, we are obliged to keep a register with the following information – date, name, personal identification number, date of birth, gender, citizenship, number of a valid identity document, country that issued the identity document, floor. Room, arrived on date, departed on date, number of nights, use of travel package.
Video surveillance is used on the site.
Three names, a phone number are required during the booking process. By providing them, you agree to their use in connection with the reservation and subsequent accommodation.
According to our reservation policy, you are required to provide credit/debit card details – type, number, cardholder, validity. The information you provide is encrypted and protected from access by unauthorized persons.
WHAT WE USE PERSONAL DATA FOR AND WHO WE PROVIDE IT TO
We collect and process personal data only in connection with legal requirements.
We are preparing a register in accordance with Article 116(1) of the Tourism Act
We prepare invoices by filling in the necessary details according to the Accountancy Act
We use video surveillance to ensure the security and peace of mind of our guests.
The collected personal data is provided to state authorities, duly identified with relevant documents – written orders, which state the reason, the names of the persons who need to be provided with access to the personal data.
Personal data is destroyed after the legally established retention period.