Personal data protection
At Hotel Astoria Bled (hereinafter: “Astoria”) we respect your privacy and the safety of your personal data. We are aware of the responsibility of handling the personal data of our customers, potential customers, visitors to the Astoria website and all individuals who disclose their personal data to us in contact (hereinafter: “users”). We commit to use the personal data of users exclusively for the purposes stated below in this Privacy Policy. We protect your personal data carefully and in accordance with the General Data Protection Regulation (Directive (EU) 2016/679 of the EUROPEAN PARLIAMENT AND OF THE COUNCIL of 27 April 2016 on the protection of natural persons with regard to the processing of personal data and on the free movement of such data, and repealing Directive 95/46/EC) (hereinafter: GDPR) and other legislation regulating the personal data protection area.
Which personal data do we collect?
Based on individual consent, Astoria collects and processes the following personal data:
Astoria only collects the personal data that is strictly necessary to achieve a particular purpose.
Purposes of the processing of personal data
Astoria processes the data based on your consent with the purpose for which the consent was given. The data subject can at any point withdraw the given consent for each purpose separately in a simply and easily accessible way. Astoria uses the personal data for:
We use web tools such as Google Analytics, Facebook, and MailChimp, etc. to analyse data and send electronic messages, which ensure compliance with the rules of the General Data Protection Regulation (GDPR) in their General Conditions of Use and confirm that they have acquired EU-U.S. Privacy Shield Framework certification. We don’t use personal data in the Google Analytics tool, but only anonymous data and masked IP addresses. We also process personal data if we are required to do so by the law. An example of such processing is the processing of your personal data for the purposes of legal or administrative proceedings.
Data storage
We store the personal data you have entrusted us based on your personal and explicit consent and the data you have provided us when registering, subscribing to e-news, downloading e-publications or submitting a request until withdrawal. You can withdraw your consent to collect and process your personal information at any time. Withdrawal of consent does not affect the legality of data collection and processing prior to the withdrawal. We store all other personal data related to contractual cooperation in accordance with the applicable legislation. We store personal data in digital form. Our computer systems are protected by technical and organisational measures that prevent accidental or unlawful destruction, loss, alteration, unauthorised disclosure of, or access to your personal data. The data we collect is stored on safe servers and kept until your withdrawal but no longer than the maximum storage period.
Your rights
We would be happy to inform you of your rights as a “subject” of the General Regulation (GDPR). According to the GDPR, you as a subject have the following rights concerning personal data protection, listed bellow:
You have the right to obtain confirmation as to whether or not Astoria is processing your personal data and where that is the case, access to the personal data and the following information:ž
Upon your request, Astoria will provide one free copy of your personal data undergoing processing. For any further copies requested you might request, Astoria will charge a reasonable fee based on administrative costs.
Right to rectification
You have the right to obtain from Astoria without undue delay the rectification of inaccurate personal data concerning you. Taking into account the purposes of the processing, you have the right to have incomplete personal data completed, including by means of providing a supplementary statement.
Right to erasure (‘right to be forgotten’)
You have the right to obtain from Astoria the erasure of personal data concerning you without undue delay and Astoria shall have the obligation to erase your personal data without undue delay where one of the following grounds apply:
Right to restriction of processing
You have the right to obtain from Astoria restriction of processing where one of the following applies:
Right to data portability
You have the right to receive the personal data concerning you in a structured, commonly used and machine-readable format and have the right to transmit those data to another controller without hindrance where:
Right to object and withdraw
On grounds relating to your particular situation, you have the right to at any time object to processing of your personal data if that is based on legitimate interests pursued by Astoria or a third party. Astoria will no longer process the personal data unless it demonstrates compelling legitimate grounds for the processing which override your interests, rights and freedoms or for the establishment, exercise or defence of legal claims. Where personal data are processed for direct marketing purposes, you have the right to object at any time to processing of your personal data for such marketing, which includes profiling to the extent that it is related to such direct marketing If direct marketing is based on consent, the right to object can be exercised by withdrawing the given consent.
You can exercise any right under the General Data Protection Regulation in writing at any time. For the purposes of reliable identification should you choose to exercise your rights connected to personal data, Astoria may request additional data required to confirm your identity, and action in accordance with this section may be refused only if Astoria proves that you can not be reliably identified.
If your requests related to this chapter are manifestly unfounded or excessive, in particular because of their repetitive character, Astoria may:
You can send your requests to the email address marketing.astoria@vgs-bled.si or to Astoria Hotel Bled, Presernova 44, SI-4260 Bled.
Right to lodge a complaint in respect of the processing of personal data
You may send any complaints related to the processing of your personal data to the email address marketing.astoria@vgs-bled.si or to Astoria Hotel Bled, Presernova 44, SI-4260 Bled.
If you believe that the processing of your personal data violates Slovenian or EU regulations in the field of personal data protection, you also have the right to lodge a complaint directly with the information commissioner. The Personal data protection policy can be changed or amended at any time.