I. Legal background, purpose of data protection and identity of the controller
In drafting these rules, the following provisions have particularly been taken into account: Act CXII of 2011 on the Right to Informational Self-Determination and Data Protection and Act VI of 1998 on the proclamation of the Convention for the Protection of Individuals with regard to Automatic Processing of Personal Data, signed in Strasbourg on 28 January 1981.
Details of the data controller:
www.hotelcastellosiklos.hu website operator (data controller):
The data is processed by the company's data controllers.
II. Definitions of terms relating to personal data
III. Principles of data management
IV. Additional guarantees to protect your data
Everyone has the right to
Personal data can only be processed
Limitation of data processing by the purpose of data collection:
Personal data may be processed only for specified purposes, for the exercise of rights and the performance of obligations. Data processing must comply with this objective at all stages.
Personal data may only be processed if it is necessary for the attainment of the purpose of processing the data, if it is adequate for the purpose, and is processed only to the extent and for the duration necessary for the purpose.
The data controller may send system messages to users in connection with the operation of the website or the provision of the service. By registering, the user consents to the processing of the data voluntarily provided by the data controller and to the use of the data in the processed form as defined by law in the course of its advertising activities.
The data controller or data processor must ensure the security of the data, and must take the technical and organisational measures and establish the procedural rules necessary to enforce the Data Protection Act and other data protection and confidentiality rules. In particular, the data must be protected against unauthorised access, alteration, disclosure or deletion, damage or destruction.
Siklósi Thermal Kft. undertakes to publish a clear and unambiguous notice (data protection statement) informing users of the method, purpose and principles of data collection before collecting, recording and processing any data of its users.
In addition, Siklósi Thermal Kft. draws the user's attention to the voluntary nature of the data provided. The data subject must be informed about the purposes of the processing and who will process the data. The Data controller and its data processor(s) are entitled to access the personal data in accordance with the applicable legislation.
Information on data processing is also provided by law by transferring or linking data from existing data processing.
In all cases where Siklósi Thermal Kft. intends to use the data provided for purposes other than those for which they were originally collected, it shall inform the user thereof and obtain his/her prior express consent or provide him/her with the opportunity to prohibit such use.
Siklósi Thermal Kft. shall in any case respect the limitations set out in the principles when collecting, recording and processing data, and shall inform the data subject of its activities by electronic mail, as requested. Siklósi Thermal Kft. undertakes not to impose any sanctions on any user who refuses to provide the optional data.
Siklósi Thermal Kft. undertakes to ensure the security of the data, to take technical and organisational measures and to establish procedural rules to ensure that the data collected, stored and processed are protected and to prevent their destruction, unauthorised use and unauthorised alteration.
Personal data and information which would enable identification means personal data relating to natural persons that can be used to identify someone personally, to contact someone for communication or to determine someone's physical location, including but not limited to: name, home address, postal address, telephone number, fax number, e-mail address. Anonymous information that is collected in a way that excludes personal identification and cannot be linked to a natural person is not considered personal data.
As a general principle, Siklósi Thermal Kft. states that in all cases where it requests personal data from its website visitors, they are free to decide whether or not to provide the requested information after reading and understanding the required information text. It should be noted, however, that if you do not provide personal data, you may not be able to use the service that requires you to provide personal data.
If we ask our users to register on the website of Siklósi Thermal Kft., we will always indicate which data we ask for are "mandatory", for what purpose and under what conditions. The term "mandatory" does not refer to the mandatory nature of the data collection, but to the fact that there are certain fields that must be filled in before the registration can be completed successfully, so that failure to fill in certain fields or filling them in incorrectly may lead to the rejection of the registration. Under no circumstances shall we disclose personal information provided by our visitors to third parties without the permission of visitor concerned.
If the authorized authorities request the provider to transfer personal data in the manner prescribed by law (e.g. on suspicion of a criminal offence, in an official data seizure order), Siklósi Thermal Kft. - in compliance with its legal obligation - will provide the information requested and available.
Where our users provide us with personal data, we take all necessary steps to ensure the security of that data - both during network communication (i.e. online processing) and during storage and retention (i.e. offline processing).
Siklósi Thermal Kft. ensures that guests can access, correct and complete their own personal data through the same communication channels and by providing the same facilities through which their personal data was previously made available to us. This is to ensure that our guests’ personal information is always up to date, accurate and timely. If any of our guests request that we delete their personal data from our own system, we will do so without delay. The duration of data processing is from registration to deletion of the data.
VI. Rules applied by Siklósi Thermal Kft. in the data collection
If our guests are required to fill in a registration form in order to use certain services, the information generated during registration is treated with the utmost care and confidentiality and is not accessible to unauthorised persons. We ask our guests to provide this information in order to provide the highest possible quality of service, to obtain statistical data about them or to ensure payment for paid services. They help us to develop our services according to the interests of our guests.
We will only use data that can be used to contact guests individually (such as e-mail addresses) for purposes approved in advance by the user and will not disclose them to third parties under any circumstances without the user's prior written consent, subject to the exceptions provided for by law.
We will only use the data for the purposes previously approved by the user and will not disclose it to third parties, except as required by law.
All users use public communication channels (such as forums) as part of our services at their own risk. The copyright of the various contributions belongs to the respective user, however, Siklósi Thermal Kft. has the right to quote and reproduce them without limitation. Comments may only be printed, downloaded or distributed by third parties for personal use and may only be used with the written consent of Siklósi Thermal Kft. Please note that different laws apply to comments on public communication channels and public communications. We handle the data that can be used to contact users of our communication services with the utmost care, in strict confidence, without any unauthorised access, and, apart from the exceptions provided for by law, we do not disclose them to third parties.
If our guests believe that we have violated their right to the protection of their personal data, they may bring their claim to court or seek the assistance of the National Authority for Data Protection and Data Protection (1125 Budapest, Szilágyi Erzsébet fasor 22/c, www.naih.hu). The court is acting out of turn in the case. The court has jurisdiction to hear the case. The action may also be brought, at the user's (data subject's) request, before the courts of the user's (data subject's) place of residence or domicile.
The detailed legal provisions on legal remedies and the obligations of the data controller are set out in Act CXII of 2011 on the Right to Informational Self-Determination and Data Protection.