This document sets out the rules for the processing of personal data within the scope of the Guestbuddy application.
What personal data is collected by our Application and how can it be used?
Our Application uses personal data only to the extent necessary to provide services at the highest level.
As part of the provision of our services, we process personal data that we receive from the entity with which you have a contract for accommodation. This is the only way we receive your personal data. It is this entity that is the Controller of your personal data and their transmission to us is connected with an assurance of the Controller that it has a legal basis for the processing, that is, your consent or processing is based on the Controller’s legitimate interest.
We may process personal data such as name and surname, address, e-mail address, telephone number, nationality, date of birth, gender, as well as other data that you place in the Application, such as your image.
None of the information listed above will be given to third parties for purposes other than those necessary for the proper functioning of the Application. Whenever it is necessary to transfer the data to a third party, the basis for the transfer of the data will be the guarantee of confidentiality of the data by the third party.
We may transfer this data to countries outside the European Economic Area only if we have an agreement with a service provider based outside the European Economic Area and the transfer of the data is necessary for the proper functioning of the Application. In any such case, we check whether the third country ensures an adequate level of protection of personal data.
Our application is equipped with security measures to protect the data under our control against loss, misuse or modification. We are committed to protect any information disclosed to us by you or your data controller in accordance with security and confidentiality standards. Access rights to your personal data have been restricted in a restrictive way so that the information is not held by unauthorized persons. Only a limited number of authorized persons have access to your data, in accordance with the regulations on the protection of personal data of natural persons.
Rights of natural persons whose personal data are processed
We would like to inform you that in any case you have the right to request: access to your personal data, rectification, deletion, restriction of processing or object to their processing or you may lodge a complaint with the supervisory authority. You may also request the transfer of your personal data to another entity.
You can also withdraw your consent to the processing of your personal data at any time.
Withdrawal of consent shall not affect the lawfulness of any processing based on consent prior to its withdrawal.
In order to exercise your rights, you may submit a written request to the Controller or to us at the following e-mail address: [email protected]. If you send your request directly to us, we will also send your request to your data Controller.
We store your personal data for as long as it is necessary so that we can provide a service to you as well as to your data Controller. This is usually the length of the contract that connects you with the data Controller. The data may be processed only until the expiry of the time in which possible claims of the parties concerning the provided services may occur.
If you have additional questions about this privacy statement, our practices or want to exercise your rights, please contact us at: [email protected].