This Privacy and Cookies Policy at www.villabaltica.com hereinafter referred to as "Website"
defines the processing rules and personal data protection, and using cookie files and other
technologies (Google Analitycs, Facebook Pixel) due to website and website booking system usage
1. Administrator – KFT Sp. z o.o., ul. Emilii Plater 1, 81-777 Sopot, KRS (National Court
Register): 0000161128, NIP (tax identification number): 6792777947 provides hotel
services at Villa Baltica Hotel, ul. Emilii Plater 1, 81-777 Sopot, email@example.com ,
+48 58 5552800
2. Website – server available at www.villabaltica.com
3. Reservation system – hotel reservation system available at www.villabaltica.com/vb/
4. User – every entity, who browses the content of the Website
5. GDPR (General Data Protection Regulation) – Regulation (UE) 2016/679 of the
European Parliament and the Council of 27 April 2016 on the protection of natural persons
with regard to the processing of personal data and on the free movement of such data, and
repealing Directive 95/46/WE
1. Administrator within the meaning of GDPR is the administrator of the personal data of the
2. User can provide its personal data to Administrator using forms available on website,
specifically reservation form.
3. The legal basis of the Users' personal data processing is voluntary, clear, aware and
unambiguous consent of the User given using the form on the website.
4. Personal data may be processed as well, when the Administrator is authorised to personal
data processing on the basis of legislation or in order to implementation of the concluded
5. Personal data provided to Administrator by the User through the reservation form are
processing in order to implement short-term lease agreement concluded at a distance
through reservation system. Providing personal data by the User is willingly but necessary
the User can conclude the agreement with the Administrator. Personal data will be
processing until the agreement and statutory obligations of the Administrator are pursued.
6. Personal data provided to Administrator by the User within electronic correspondence is
processed in order to reply for sent enquiry. Providing personal data by the User is willingly
but necessary the User will get reply. Personal data will be processing for one year from the
7. Administrator may share personal data with entities, that mediate in implementing purposes
indicated in the previous points (eg. companies providing hosting services, providing
reservation systems, delivery companies).
8. Administrator ensures confidentiality of any received personal data.
9. Personal data is gathered with a proper diligence and properly protected from access of the
unauthorized person, and its processing is held on conditions particularly specified in:
a. Regulation (UE) 2016/679 of the European Parliament and the Council of 27 April 2016 on the
protection of natural persons with regard to the processing of personal data and on the free
movement of such data, and repealing Directive 95/46/W
b. The Personal Data Protection Act of 10 May, 2018.
c. Act of 18 July, 2002 on Providing Services by Electronic Means.
1. Rights are owed to the User which are defined in legal Acts (see §2 paragraph 9.):
a. right to data access;
b. right to data correction;
c. right to data processing limitation;
d. right to objection regarding data processing;
e. right to data removal (so-called right for being forgotten);
f. right to data shuffle;
g. right to submit complaint to supervisory authority with regard to personal data
processing by Administrator.
2. User has right to revocation his permission any time, if the User gave that permission
3. In order to rights implementation the User should direct appropriate clamor at
1. During the User uses the Website User's data is automatically collected: IP address, server
login date and time, information of the used website browser and operation system. Data
may be gathered by cookie files, and also may be saved in the server logs.
2. Data gathered in the server logs are not mergeable in any way with the particular entities,
who is using Website, and not used by the Administrator in order to identify the User. Server
logs are made for Website administration, and its content is not divulgated anyone besides
person authorized to administer the server.
3. Cookie files are files sent to the computer or another User's device (laptop, smartphone,
tablet) during browsing the Website. Cookies memorise User's preferences, what makes
possible to enhance quality of the provided services, improve search results and displayed
information accuracy, and track preferences of the User.
4. User may resign using cookies by choosing proper settings of the website browser. In that
case browsing the website can be hindered.
5. The consent to store and access cookies by Administrator on its device is given by the User
by means of browser settings installed on the User's device.
6. User may remove existing cookie files from the device by using proper functions of the
website browser, proper programs for ths purposes or by using proper tools available in the
Data use purpose
Data provided by the User or gathered automatically Administrator uses for:
a. Implementation of the agreement;
b. Proper functioning, configuration, Website safety;
c. Monitoring the state of the session;
d. Analysis, research and audit of the Website displaying;
e. Statistical purposes and marketing.
1. This document may be changed due to internet technology development, changes of law of
the personal data security, and development of our Website. Any changes shall be
communicated to Users immediately in apparent and understandable way.
August 27, 2018