This policy applies to the website, available at: hotel32.pl.
The site operator and data controller is:
Hotel 32 Zwierzyniecka 32, 31-105 Kraków, Poland
Contact email address: office@hotel32.pl
The Operator is the Data Controller with respect to the personal data provided voluntarily on the website. The website uses personal data for the following purposes:
The website collects information about users and their behavior as follows:
Login locations and data entry points are protected by transmission layer security (SSL certificate). This ensures that any personal and login data entered on the website is encrypted on the user’s computer and can only be read on the destination server.
Personal data stored in the database is encrypted in such a way that only the Operator holding the key can read it. This protects the data in case of any database theft from the server.
User passwords are stored in hashed form. The hashing function is one-way and cannot be reversed, which is the modern standard for password storage.
The site employs two-factor authentication, adding an extra layer of login protection.
The Operator periodically changes its administrative passwords.
To protect data, the Operator regularly backs up data.
Regular software updates are also a critical part of data protection, particularly keeping programming components updated.
The site is hosted (technically maintained) on servers provided by: cyberFolks.pl
The hosting company maintains server logs to ensure technical reliability. Logs may include:
In certain situations, the Data Controller has the right to transfer your personal data to other recipients if it is necessary to fulfill an agreement with you or to meet obligations binding on the Controller. This applies to the following groups of recipients:
Your personal data is processed by the Controller no longer than necessary to fulfill the actions specified in separate regulations (e.g., accounting). For marketing data, this period will not exceed 3 years.
You have the right to request:
You also have the right to object to the processing specified in item 3.2 concerning the legitimate interests pursued by the Controller, including profiling. However, this right cannot be exercised if there are legitimate grounds for processing that override your interests, rights, and freedoms, particularly the establishment, exercise, or defense of legal claims.
You have the right to lodge a complaint against the Controller with the President of the Personal Data Protection Office (PUODO), ul. Stawki 2, 00-193 Warsaw, Poland.
Providing personal data is voluntary but necessary to operate the website. Automated decision-making, including profiling, may be performed with respect to you to provide services under an agreement and for the Controller’s direct marketing.
Personal data is not transferred outside the European Union.
The website collects information provided voluntarily by the user, including personal data if provided.
The website may save information about connection parameters (timestamp, IP address).
In some cases, the website may save data that links form information to the email address of the user filling out the form. This means the user's email address may appear within the URL of the page containing the form.
Data entered in the form is processed for purposes related to the form’s specific function, such as service request handling or sales contact. Each form clearly indicates its purpose.
Information about user behavior on the site may be subject to logging. These data are used for site administration.
The Operator uses statistical analysis of website traffic via Google Analytics (Google Inc., USA). No personal data is transferred to Google for this service; only anonymized information is used. This service relies on cookies on the user’s end device. The Google Ads tool allows users to view and edit preferences related to ads generated by cookies: https://www.google.com/ads/preferences/
The Operator employs remarketing techniques to tailor advertising messages to user behavior on the website. Although this may create an impression that personal data is used for tracking, no personal data is transferred to advertisers. The necessary technology for this is based on enabled cookie support.
The Operator uses Facebook Pixel. This technology informs Facebook (Facebook Inc., USA) that a user registered on Facebook is using the website. This is based on data for which Facebook is independently responsible; no additional personal data is transferred by the Operator. This service also relies on cookies.
The Operator uses tools to observe user behavior, such as creating heat maps and recording behavior on the site. These data are anonymized before being transferred to the service provider, ensuring that individual users are not identifiable. Passwords and other personal data are not recorded.
The Operator uses automation tools to interact with users, for example, sending an email to a user after they visit a specific subpage if they have consented to receive commercial correspondence.
The website uses cookies.
Cookies are text files stored on the user’s end device, intended for use on the website. Cookies generally contain the name of the website they come from, their storage duration on the end device, and a unique number.
The website operator places cookies on the user's end device and can access them.
Cookies are used to maintain the user’s session after logging in, meaning they do not have to re-enter their login and password on every subpage of the website. They are also used to achieve objectives defined in "Important Marketing Techniques" above.
The website uses two main types of cookies: “session cookies” and “persistent cookies.” Session cookies are temporary files stored on the user’s end device until they log out, leave the website, or turn off their web browser. Persistent cookies are stored on the user’s end device for the period specified in the cookie parameters or until manually deleted.
Most web browsers allow cookies by default. Users can change their browser settings to delete cookies or automatically block them. Detailed information can be found in the help or documentation of the browser. Limiting cookie use may affect some website functionalities.
Cookies stored on the user's end device may also be used by website partners, including companies such as Google (Google Inc., USA), Facebook (Facebook Inc., USA), and Twitter (Twitter Inc., USA).
If a user does not wish to receive cookies, they can change their browser settings. Please note that disabling cookies required for authentication, security, and user preference maintenance may hinder website functionality.
To manage cookie settings, select the appropriate browser from the list below and follow the instructions:
For mobile devices: