Service4You Hospitality Kft. Guarantees in every case the lawfulness and expediency of the processing of the personal data it handles. The purpose of this leaflet is to provide our hotel guests with personal information when staying at our hotel, prior to making a reservation or providing their personal information, about the conditions and guarantees under which our company will treat their data and for how long. Our company adheres to this information in all cases involving the management of personal data, and we are bound by this.
Our company details and contact details are as follows:
Name: Service4You Hospitality Kft.
Headquarters: H-1037 Budapest, Folyondár utca 9/B
Company Registration Number: 01-09-207169
12188145-2-41
Represented by Zoltán Géza Boldizsár, Managing Director
Phone number: + 36-20 / 432-4403
Email: info@service4you.hu
Website: https://service4you.hu/
(also referred to as “Data Controller”)
Our data management complies with applicable law, in particular the following:
➢ Regulation (EU) 2016/679 of the European Parliament and of the Council of 27
April 2016 – on the protection of natural persons with regard to the processing of personal data and on the free movement of such data and repealing Regulation
(EC) No 95/46 (the General Data Protection Regulation, hereinafter “GDPR”);
➢ Act CXII of 2011 on Freedom of Information and Freedom of Information. law;
➢ Act V of 2013 on the Civil Code;
➢ Act C of 2000 on Accounting;
➢ CL Act 2017 on Taxation. law;
➢ Act CXXXIII of 2005 on the Rules of Personal and Property Protection and
Private Investigation; (hereinafter referred to as “the Act”);
➢ Act XLVIII of 2008 on the basic conditions and certain restrictions of economic advertising activity; law;
➢ Act CVIII of 2001 on Certain Issues in Electronic Commerce Services and
Information Society Services. law.
The following information regarding each of our data management activities is
provided.
II. SOME DATA MANAGEMENTS
1. DATA MANAGEMENT IN CONNECTION WITH ONLINE ACCOMMODATION
Our company offers the possibility to book accommodation online in order to book a room in our hotels in a fast, convenient and cost-free way.
Purpose of data management: to make the booking of accommodation easier, free of charge and more efficient.
Legal basis for data processing: Prior consent of the person lodging the accommodation [Article 6 (1) GDPR (a) of the GDPR], the need to take action at the request of the data subject prior to the conclusion of the contract between the Controller and the Data Controller [Article 6 (1) GDPR]. (b)].
The scope of personal data handled: address; last name and first name; address (country, zip code, city, street, house number); telephone number; e-mail address; in the case of a company, the company name and registered office, bank card number, SZÉP card details (ID, name on the card), representative, contact name, e-mail address and telephone number.
Period of data management: Two years after the last day of the reservation date of stay.
Data Processing Recruitment: Our company uses an IT service provider for your online accommodation system as follows.
The name of the data processor
NetHotelBooking Kft.
Knighthosting LLC
Headquarter
8200 Veszprém, Boksa tér 1/A
12-45 River Rd Suite 354 | Fair Lawn, NJ, 07410
Description of the data processing task
Provide online booking through RESnWEB
Operation of the Website
By accepting this information, you expressly consent to the use of additional data processors by NetHotelBooking Ltd. to make the service more convenient and customized as follows:
Additional data processor name
Headquarter
Description of the data processing task
The Rocket Science Group, LLC
675 Ponce de Leon Ave NE Suite 5000, Atlanta, GA 30308, USA
Owner of Mandrill software integrated into the reservation system. This software is responsible for sending automated emails showing confirmations, notifications when booking, bidding and measuring satisfaction
Hostware Kft.
1149 Budapest, Róna Street 120-122
Perform client management tasks when using the Hostware Front Office hotel system
Triptease Limited
WeWork 3 WaterhouseSquare 138-142 Holborn London EC1N 2SW United Kingdom
An online chat feature that allows guests to stay in touch with the hotel and manage their bookings quickly and efficiently
BIG FISH Internet-Technology Ltd.
1066 Budapest, Nyugati tér 1-2
Conducting data communication for payment transactions between the merchant and the payment service provider, ensuring traceability of transactions for the merchant partners
OTP Mobil Kft.
1093 Budapest, Közraktár u. 30-32.
Conducting data communications for payment transactions between the merchant and the payment service provider’s system, customer support for users, fraud monitoring for transaction confirmation and protection.
BarionPayment Zrt.
1117 Budapest, Infopark Promenade 1. Building I.
Conducting data communications for payment transactions between the merchant and the payment service provider’s system, customer support for users, fraud monitoring for transaction confirmation and protection.
Creative Management Kft.
8200 Veszprém, Boksa tér 1. The int.
Serving server hosting tasks
Possible consequences of failure to provide information: No hotel room contract.
Rights of the data subject: the data subject (the person whose personal data is
processed by our company)
(a) request information on the processing of, and access to, personal data
relating to him or her;
(b) apply for their correction,
(c) request their cancellation,
d) request, under the conditions of Article 18 of the GDPR, to restrict the
processing of your personal data (that is, not to delete or destroy your data until a court or authority has requested it, but for a maximum of thirty days; handle)
(e) object to the processing of personal data;
(f) exercise the right to data portability. Under the latter law, the data subject has the right to receive personal data in word or excel format and to forward such data to another data controller upon request.
Other Information on Data Management: Our company takes all necessary technical and organizational measures to prevent a possible privacy incident (eg, damage to, loss of, or access to unauthorized files containing personal data). In the event of an incident occurring, we will keep a record of the personal data involved, the scope and number of those affected, the date, circumstances, effects and measures taken to remedy the incident and to inform the data subject. other data specified in the law requiring data processing.
Our company has entered into a data processing contract for data processing tasks, in which data processors undertake to apply, in the event of further processing, the data protection and data processing guarantees that are required by the data processing contract.
II. SOME DATA MANAGEMENTS
1. DATA MANAGEMENT IN CONNECTION WITH ONLINE ACCOMMODATION
Our company offers the possibility to book accommodation online in order to book a room in our hotels in a fast, convenient and cost-free way.
Purpose of data management: to make the booking of accommodation easier, free of charge and more efficient.
Legal basis for data processing: Prior consent of the person lodging the accommodation [Article 6 (1) GDPR (a) of the GDPR], the need to take action at the request of the data subject prior to the conclusion of the contract between the Controller and the Data Controller [Article 6 (1) GDPR]. (b)].
The scope of personal data handled: address; last name and first name; address (country, zip code, city, street, house number); telephone number; e-mail address; in the case of a company, the company name and registered office, bank card number, SZÉP card details (ID, name on the card), representative, contact name, e-mail address and telephone number.
Period of data management: Two years after the last day of the reservation date of stay.
Data Processing Recruitment: Our company uses an IT service provider for your online accommodation system as follows.
The name of the data processor
NetHotelBooking Kft.
Knighthosting LLC
Headquarter
8200 Veszprém, Boksa tér 1/A
12-45 River Rd Suite 354 | Fair Lawn, NJ, 07410
Description of the data processing task
Operation of the contracting module
Operation of the Website
By accepting this information, you expressly consent to the use of additional data processors by NetHotelBooking Ltd. to make the service more convenient and customized as follows:
The name of the data processor
The Rocket Science Group, LLC
Creative Management Kft.
Headquarter
675 Ponce de Leon Ave NE Suite 5000, Atlanta, GA 30308, USA
8200 Veszprém, Boksa tér 1. The int.
Description of the data processing task
Owner of Mandrill software integrated into the reservation system. This software is responsible for sending automated emails showing confirmations, notifications when booking, bidding and measuring satisfaction
performing server hosting tasks
Possible Consequences of Failure to Provide Information: The hotel cannot bid.
Rights of the data subject: the data subject (the person whose personal data is
processed by our company)
(a) request information on the processing of, and access to, personal data
relating to him or her;
(b) apply for their correction,
(c) request their cancellation,
(d) request, under the conditions of Article 18 of the GDPR, to restrict the
processing of your personal data (that is, not to delete or destroy your data until a court or authority has requested it, but for a maximum of thirty days; handle)
(e) object to the processing of personal data;
(f) exercise the right to data portability. Under the latter law, the data subject has the right to receive personal data in word or excel format and to forward such data to another data controller upon request.
Other Information on Data Management: Our company takes all necessary technical and organizational measures to prevent a possible privacy incident (eg, damage to, loss of, or access to unauthorized files containing personal data). In the event of an incident occurring, we will keep a record of the personal data involved, the scope and number of those affected, the date, circumstances, effects and measures taken to remedy the incident and to inform the data subject. other data specified in the law requiring data processing.
Our company has entered into a data processing contract for data processing tasks, in which data processors undertake to apply, in the event of further processing, the data protection and data processing guarantees that are required by the data processing contract.
3. SERVICE, ACCOUNTING DATA MANAGEMENT
In order to fulfill the contract with our hotel guests, including payment of hotel service fees, our company manages the personal data of our guests. Purpose of data management: use of hotel services by the data subject, determination and billing.
Legal basis for data processing: need to execute a contract in which one of theparties is concerned [Article 6 (1) (b) of the GDPR] and
Article 69 (1) and (2) of Act C of 2000 on Accounting fulfillment of a legal obligation under the provisions of [GDPR Article 6 (1) (c)]
Personal data handled: surname and first name, place of birth, time, address, email address, telephone number, identity card number, vehicle license plate number, nationality, signature
Duration of data processing: 5 years from the date on which the data subject is provided with the personal data by the data subject (limitation period). In the case of an invoice, the period of data management shall be 8 years from the date of the submission of the personal data by the data subject to the preparation of the report, business report or accounting for the financial year.
Use of data processor: none.
Possible consequences of failure to provide information: The data subject will not be able to use our hotel services.
Rights of the data subject: the data subject (the person whose personal data is processed by our company)
(a) request information on the processing of, and access to, personal data
relating to him or her;
(b) apply for their correction,
(c) request their cancellation,
d) request, under the conditions of Article 18 of the GDPR, to restrict the
processing of your personal data (that is, not to delete or destroy your data until a court or authority has requested it, but for a maximum of thirty days; handle)
(e) object to the processing of personal data;
(f) exercise the right to data portability. Under the latter law, the data subject has the right to receive personal data in word or excel format and to forward such data to another data controller upon request.
Other Information on Data Management: Our company takes all necessary technical and organizational measures to avoid a possible privacy incident (eg, damage, loss, unauthorized access to personal data files). In the event of an incident occurring, we will keep a record of the personal data involved, the scope and number of those affected, the date, circumstances, effects and measures taken to remedy the incident and to inform the data subject. other data specified in the law requiring data processing.
4. DATA MANAGEMENT ON GIFT CARD SHOPPING
Guests of our hotels can apply for a gift voucher on our company website. The details (in what name) and value of this gift voucher to be issued are determined by the applicant. Upon receipt of the gift voucher – at the amount stated therein – our hotel guests have the option to pay with this gift voucher at our hotels instead of the usual payment methods (cash, credit card / bank transfer). Purpose of data management: purchase of gift certificates
Legal basis for data processing: Prior consent of the person lodging the accommodation [Article 6 (1) (a) GDPR]
The personal data handled include: first name and first name; telephone number; email address, billing information (name, zip code, city, street, house number), mailing address (name, zip code, city, street, house number).
Duration of data management: until the gift certificate is successfully delivered. In the case of an invoice, the period of data management shall be 8 years from the date of the submission of the personal data by the data subject to the preparation of the report, business report or accounting for the financial year.
Data Processing Recruitment: Our company uses an IT service provider to operate your online gift voucher purchase system as follows.
The name of the data processor
Knighthosting LLC
Knighthosting LLC
Service4You Hospitality Kft.
Headquarter
12-45 River Rd Suite 354 | Fair Lawn, NJ, 07410
12-45 River Rd Suite 354 | Fair Lawn, NJ, 07410
H-1037 Budapest, Folyondár utca 9/B
Description of the data processing task
Operating an online gift voucher purchase module
Operation of the Website
Operation of the WebsiteGift certificate delivery
Possible consequences of failure to provide information: The person concerned cannot purchase a gift certificate.
Rights of the data subject: the data subject (the person whose personal data is processed by our company)
(a) request information on the processing of, and access to, personal data
relating to him or her;
(b) apply for their correction,
(c) request their cancellation,
d) request, under the conditions of Article 18 of the GDPR, to restrict the
processing of your personal data (that is, not to delete or destroy your data until a court or authority has requested it, but for a maximum of thirty days; handle)
(e) object to the processing of personal data;
(f) exercise the right to data portability. Under the latter law, the data subject has the right to receive personal data in word or excel format and to forward such data to another data controller upon request.
Other Information on Data Management: Our company takes all necessary technical and organizational measures to prevent a possible privacy incident (eg, damage to, loss of, or access to unauthorized files containing personal data). In the event of an incident occurring, we will keep a record of the personal data involved, the scope and number of those affected, the date, circumstances, effects and measures taken to remedy the incident and to inform the data subject. other data specified in the law requiring data processing.
Our company has entered into a data processing contract for data processing
tasks, in which data processors undertake to apply, in the event of further
processing, the data protection and data processing guarantees that are required by the data processing contract.
5. DATA MANAGEMENT FOR SUBSCRIPTION TO NEWSLETTER
Newsletters inform subscribers of our offers, news and promotions. You can subscribe to our company newsletter either on https://service4you.hu/ or on our hotel website. By subscribing to this newsletter, you consent to be contacted for newsletters concerning our company and all our hotels. Subscribing to a newsletter is not a condition of any of our services beyond sending newsletters.
Purpose of data management: sending newsletter
Legal basis for processing the data: consent of the data subject [Article 6 (1) (a) GDPR].
The scope of personal data processed: first name and first name, email address
Duration of data management: Until you unsubscribe from the newsletter.
Use of a data processor:
For the online newsletter system, we will use the help of an IT service provider as follows.
The name of the data processor
Knighthosting LLC
Knighthosting LLC
Headquarter
12-45 River Rd Suite 354 | Fair Lawn, NJ, 07410
12-45 River Rd Suite 354 | Fair Lawn, NJ, 07410
Description of the data processing task
Storage and operation of a newsletter database
Operation of the Website
Possible Consequences of Failure to Provide Data: The data subject will not receive a newsletter from our company.
Rights of the data subject: the data subject (the person whose personal data is processed by our company)
(a) request information on the processing of, and access to, personal data
relating to him or her;
(b) apply for their correction,
(c) request their cancellation,
d) request, under the conditions of Article 18 of the GDPR, to restrict the
processing of your personal data (that is, not to delete or destroy your data until a court or authority has requested it, but for a maximum of thirty days; handle)
(e) object to the processing of personal data;
(f) exercise the right to data portability. Under the latter law, the data subject has the right to receive personal data in word or excel format and to forward such data to another data controller upon request.
You can unsubscribe from the newsletter at any time by sending an email to our company at info@service4you.hu or by clicking the unsubscribe icon in the newsletter. In this case, your personal newsletter sending information will be immediately removed from our database.
Other Information on Data Management: Our company takes all necessary technical and organizational measures to avoid a possible privacy incident (eg, damage, loss, unauthorized access to personal data files). In the event of an incident occurring, we will keep a record of the personal data involved, the scope and number of those affected, the date, circumstances, effects and measures taken to remedy the incident and to inform the data subject. other data specified in the law requiring data processing.
Our company has entered into a data processing contract for the data processing tasks, in which data processors undertake to apply the data protection and data management guarantees required by the data processing contract in case of additional data processing, therefore our company ensures the lawful processing of personal data.
6. PERSONAL DATA MANAGEMENT IN RESPECT OF SATISFACTION MEASUREMENT
Our goal is to provide our hotel guests with a high standard of service, so we are constantly asking for feedback from our guests during their stay at our hotel.
Purpose of data management: Requesting feedback from hoteliers to further develop and improve our hotel service.
Legal basis for the processing: Data controller’s legitimate interest [GDPR Article 6 (1) (f)], consent of the data subject [GDPR Article 6 (1) (a)].
Marking a legitimate interest: Our company has a legitimate interest in providing us with feedback to improve our services.
The range of personal data that we process: first and last name, gender, email address.
Period of data management: Two years after the last day of the reservation date
of stay.
Data Processing Recruitment: Our company uses an IT service provider for your online accommodation system as follows.
The name of the data processor
NetHotelBooking Kft.
Knighthosting LLC
Headquarter
8200 Veszprém, Boksa tér 1/A
12-45 River Rd Suite 354 | Fair Lawn, NJ, 07410
Description of the data processing task
Operation of the Satisfaction Module
Operation of the Website
By accepting this information, you expressly consent to the Data Processor employing additional data processors to make the service more convenient, as follows:
The name of the data processor
The Rocket Science Group, LLC
Headquarter
675 Ponce de Leon Ave NE Suite 5000, Atlanta, GA 30308, USA/h4>
Description of the data processing task
Owner of Mandrill software integrated into the reservation system. This software is responsible for sending automated emails showing confirmations, notifications when booking, bidding and measuring satisfaction
Possible Consequences of Failure to Provide Data: The data subject will not receive a satisfaction questionnaire from our company.
Rights of the data subject: the data subject (the person whose personal data is processed by our company)
(g) request information on the processing of, and access to, personal data
relating to him or her;
(h) apply for their correction,
(i) have the right to request their cancellation,
j) request, under the conditions set forth in Article 18 of the GDPR, to restrict the processing of personal data (that is, not to delete or destroy the data until a court or authority has requested it, but for a maximum of thirty days; handle)
(k) object to the processing of personal data,
(l) exercise the right to data portability. Under the latter law, the data subject has the right to receive personal data in word or excel format and to forward such data to another data controller upon request.
Other Information on Data Management: Our company takes all necessary technical and organizational measures to prevent a possible privacy incident (eg, damage to, loss of, or access to unauthorized files containing personal data). In the event of an incident occurring, we will keep a record of the personal data involved, the scope and number of those affected, the date, circumstances, effects and measures taken to remedy the incident and to inform the data subject. other data specified in the law requiring data processing.
Our company has entered into a data processing contract for data processing tasks, in which data processors undertake to apply, in the event of further processing, the data protection and data processing guarantees that are required by the data processing contract.
7. COOKIE TREATMENT AND GOOGLE ANALYTICS
Data Manager uses Google Analytics to provide a small amount of data on a user’s computer, places a cookie and reads it back later. If the browser returns a previously saved cookie, the cookie management service provider may link the current visit of the user to the previous cookie, but only to its own content.
Purpose of data management: identification, tracking, differentiation of users, identification of the current session of users, storage of data provided during the session, prevention of data loss, web analytics measurements, personalized service.
Legal basis for processing the data: consent of the data subject [Article 6 (1) (a) GDPR].
The range of data to be handled: IP address, date, time, and the page you previously visited.
Duration of data management: maximum 90 days from the date of visit to the website
Data Processing Recruitment: Our company uses the following IT service providers as described below.
The name of the data processor
NetHotelBooking Kft.
Knighthosting LLC
Headquarter
8200 Veszprém, Boksa tér 1 / A
12-45 River Rd Suite 354 | Fair Lawn, NJ, 07410
Description of the data processing task
Recording visitor data
Operation of the Website
Further information on data management: The user can delete a cookie from his or her computer or disable the use of cookies in his or her browser.
For more information about setting your cookie preferences within your browser, please see the following policies:
Internet Explorer
Firefox
Chrome
Safari
Learn more about Google Analytics at https://policies.google.com/privacy. Possible consequences of non-provision of data: impossibility of using the service as outlined in section II.1-6 above.
8. WEBSITE SERVER LOGING
When you visit our website, the web server automatically logs the user’s activity.
Purpose of data management: during the visit to the website the service provider records the visitor data in order to check the operation of the services and to prevent abuse.
Legal basis for the data management: Article 6.1 (f) of the GDPR
Marking of legitimate interest: Our company has a legitimate interest in the safe operation of the website.
The type of personal data handled: ID number, date, time, address of the page you visit.
Duration of data management: maximum 90 days from the date of visit to the website.
Data Processing Recruitment: Our company uses an IT service provider for server logging as follows.
The name of the data processor
NetHotelBooking Kft.
Knighthosting LLC
Headquarter
8200 Veszprém, Boksa tér 1 / A
12-45 River Rd Suite 354 | Fair Lawn, NJ, 07410
Description of the data processing task
Recording of visitor data and information necessary for the operation of the server
Operation of the Website
Further information: Our company does not combine data obtained from the analysis of logs with other information, nor does it attempt to identify the user’s identity. The addresses of the pages visited, as well as the date and time data alone are not suitable for identifying the data subject, but in combination with other data (eg provided during registration) they can be used to draw conclusions about the user.
Third Party Logging Data Management:
The html code of the portal contains links from an external server that are
independent of our company and point to an external server. The external service server is directly connected to the user’s computer. Please note that the providers of these links are able to collect user data (eg IP address, browser, operating system data, mouse cursor, page visited and date of visit) due to direct connection to their server, direct communication with the user’s browser.
An IP address is a series of numbers that uniquely identifies computers, mobile devices on the Internet.
IP addresses can be used to locate a visitor using a particular computer geographically. The addresses of the pages visited, as well as the date and time data alone are not suitable for identifying the data subject, but in combination with other data (eg provided during registration) they can be used to draw conclusions about the user
9. OTHER DATA MANAGEMENTS
Data handling not listed in this brochure will be provided at the time of data collection. We inform our clients that certain authorities, public authorities and courts may contact our company for personal information. Our company will provide such bodies with personal data only to the extent and to the extent necessary to fulfill the purpose of the request and provided that the request is provided for by law, provided that the specific purpose and scope of the data have been indicated to them.