Company privacy statement
Introduction
OREA IMERA, a.s. (hereinafter referred to as the company) is aware of the fact that the right to privacy is a fundamental human rights, and also of the importance of privacy, security and protection of these data.
The company's policy regarding the protection of personal data
We process personal data in accordance with the law, transparently and in a transparent manner.
We carry out data processing:
• with your consent;
• for the purpose of fulfilling our obligations;
• for legitimate purposes the pursuit of our work;
• in accordance with the law.
What information we collect
Personal information is any information that identifies you personally, or the other basic information on which you can be identified, directly or indirectly. We may collect your personal information during your use of our services – accommodation, restaurant, business parties, etc. Your personal information may be also be used in the course of communication with you.
Why we collect these information
The company usually collects these because of legal requirements, in order to fulfil our obligations (the provision of hotel services for you) for your protection (camera records) for marketing purposes (with your consent), for example, if you want to send information about promotions of our company (discount on accommodation, happy hours in the restaurant, the discount on your birthday the day of implementation exclusive event for our customers, etc.)
Information you provide directly
Contact information-we may collect personal and business contact information, such as your name, surname, date of birth, identity document number, mailing address, telephone number, fax number, e-mail address, and other similar contact information.
Payment information-we collect the data necessary for payment processing and fraud prevention, such as credit/debit card numbers, security codes, and other related billing information.
Visual images (data) taken by a camera record — we may collect Visual images (data) taken using a camera system. At the entrance to the area to the hotel or to the restaurant you are informed that this area can be monitored by cameras system. The purpose of camera system is to ensure your safety and the safety of our employees and of other persons. Visual images can be used in the event of dispute resolution – loss or theft of some item, etc.
The security of your personal information
We use reasonable and appropriate physical, technical and administrative procedures for the security of the collected and processed data to prevent unauthorized access or disclosure and to ensure that your information will be used only in the manner authorized. The company stores information as required or permitted by law, as long as they have a legitimate business purpose.
When the collection, transmission, or storage of sensitive data such as financial information, we use a wide range of security technologies and procedures that will help to protect your personal information from unauthorized access, use or disclosure. When transmitting highly confidential information (such as credit card number or password) over the internet, we use encryption protection, such as the latest version of the Transport Layer Security Protocol ("TLS").
As part of real-time payment processing, we also use the services of fraud prevention. This service provides us with an additional level of security against credit card fraud and to protect your payment information.
Your personal data is important to us
We take the security of your personal data very seriously and comply with the following regulations defined as necessary through GDPR laws when handling your data:
• the physical security of paper forms is kept in a safe-box or lockable cabinets
• our employees are trained in the field of information security
• for IT management, we use only those companies that have an information security certificate
• we require that all our partners in the field of information systems (software) have fulfilled all the GDPR requirements or protection for your data before continuing cooperation with them regarding processing of your accommodation, retention of information about your property or information about you eating in the restaurant
• in the event that you submit a credit card number (e.g. for reservation) this number is only held in our information system for as long as necessary, and in the case of no arising issues, this information is deleted automatically
• we use only secure and encrypted communication channels using using SSL/TLS Protocol to communicate with you
• we regularly check our IT and we follow all the changes or updates in the field of security (encrypted HDD, multiple tiered protection approaches, etc.)
How we share information
We share your personal information only in the cases of:
1. Compliance with laws
We may share your personal information if we believe in good faith that we have a duty to:
• respond to legitimate requests from law enforcement authorities, regulatory authorities, courts or other public authorities, inter alia, in order to meet the requirements for ensuring national security
• act in accordance with the law, regulation, court order, court appointed summons
• to investigate and help prevent security threats, fraud or any other illegal or harmful activity
• to enforce or protect the rights and property of the company
• to protect the rights or the personal safety of the company, its employees, and third parties, as regards the use of the company's assets, in accordance with the requirements of applicable law.
2. Sharing with others
Our company does not share your personal information with any other companies.
Your rights and contact with us about your privacy
You have the right to access all personal data that you provide to us or that we hold about you. In addition, you have the right to revoke previously given consent or request the correction, addition, deletion, anonymization or limitations of your personal information and ask for an explanation of their processing.
In certain cases, you may be denied on the basis of legitimate exceptions, such as if disclosure of the information revealed personal information of another person, or the disclosure of such data is prohibited by law.
Changes to the Declaration on the protection of personal data
If this privacy statement change, the revised version with the date changes will be published here. If any fundamental changes occur in our declaration regarding data protection, which change our privacy practices, we may also notify you by other means, such as by sending an email or by posting a notice the hotel’s website or social media sites. This privacy statement was last updated in July of 2018.