§.1 General Provisions
According to art. 13 para. 1 and par. 2 of the General Regulation on the Protection of Personal Data of 27 April 2016, I inform that:
The data administrator is MEDIOS Anna Graca based in Krakow 30-348, ul. Bobrzyńskiego 41B / 21, NIP: 8121747156, REGON: 120347972. Data protection is carried out in accordance with the requirements of generally applicable law, and their storage takes place on secured servers.
We respect the right to privacy and we care about data security.
Personal data provided in the forms of the site are treated as confidential and are not visible to unauthorized persons.
§2. Data Administrator
The service provider is the data administrator of their clients. This means that if you place an order on our website, we process your data as: name, surname, e-mail address, telephone number, IP address.
The service provider is also the administrator of persons whose data has been sent using the contact form.
Personal data is processed:
- in accordance with the provisions on the protection of personal data,
- to the extent and purpose necessary for the correct implementation of the Services provided electronically,
- to the extent and purpose necessary to fulfill legitimate interests (legitimate purposes), and the processing does not violate the rights and freedoms of the data subject,
- to the extent and purpose consistent with the consent expressed by you.
Each data subject (if we are their administrator) has the right to access data, rectify, delete or limit processing, the right to object, the right to lodge a complaint to the supervisory body..
Contact with the person supervising the processing of personal data in the organization of the Service Provider is possible via e-mail: firstname.lastname@example.org.
We reserve the right to process your data after withdrawal of consent only to the extent of the need to seek possible claims before the court or if national or EU regulations or international law oblige us to retain data.
The Service Provider has the right to share personal data of the User and other his data with entities authorized under the applicable law (eg law enforcement authorities).
The removal of personal data may occur as a result of the withdrawal of consent or filing a legally admissible objection to the processing of personal data.
The Service Provider does not share personal data with other entities than authorized under the applicable law.
We have implemented pseudonymisation, data encryption and we have introduced access control, thanks to which we minimize the effects of possible data security breaches.
Personal data is processed only by persons authorized or processed by us, with whom we work closely.
The information collected relates to the user session identifier, the settings of appearing messages or consents.
The user may at any time disable or restore the option of collecting cookies by changing the settings in the web browser. Instructions for managing cookies are available on the website
Additional personal data, such as an e-mail address, are collected only in places where the user expressly consented to this by completing the form. The above data is retained and used only for the needs necessary to perform a given function.
Data in forms:
There are 2 types of forms on the page:
1) Accommodation booking form that allows you to send a message to the owner of the page. Providing data is voluntary. Everyone has the right to access their personal data and correct it. Messages sent via the form are processed by the owner of the page in the process of booking the accommodation. The data is stored in the form of an email on the mail server.
2) Contact form enabling sending a message to the owner of the page. Providing data is voluntary. Messages sent via the form are processed by the owner of the page to provide a response. The data is not shared with third parties. They are stored in the form of an email on the mail server.