Personal data protection
Informational duty of the Operator

THE COUNCIL of 27 April 2016 on the protection of natural persons with regard to the processing of
personal data and on the free movement of such data, and repealing Directive 95/46/EC (General Data
Protection Regulation)

Information System Administrator:

GREVI, s.r.o.
Družstevná 23/655
039 01 Turčianske Teplice
IČO: 36406511 DIČ: 2021673511

Responsible Person:

Lenka Hrušková

+421 948 920 622


1. Purpose of personal data processing: marketing a accommodation reservation

2. List of processed personal data: 

  1. Name and Surname
  2. e-mail address and residential address
  3. telephone number

3. All personal data given to this site are stored on a secure server. All authorized persons will make their maximum effort to ensure all given personal data are fully protected.

4. Personal data/identification of visitors: Personal data of the visiting persons are acquired using this website.

5. Notice regarding the compulsory or voluntary consent to gather required personal data and period of validity of the given consent: the visiting person provides the data for
the Information system voluntarily based on the pre-treaty relations as these are inevitably required to arrange the accommodation.

6. Processing personal data for marketing purposes: The site operator will process the given personal data for marketing purposes and will use the given e-mail address to deliver
relevant accommodation information.

7. Form of data publication: Personal data will not be published in any way.

8. Regarding third party countries where it is obvious or reasonable to assume that the personal data will be transferred to these countries: Personal data transfer to any third party country or European Union country does not occur in any form.

9. Visiting person’s legal advice: The site operator promises to ensure that the given personal data will be processed in accordance to the present laws of Slovak Republic.

Site operator has committed to ensure appropriate technical, organizational, personal and security measures and guarantees in accordance to article 24 of the GDPR directive and § 31 of the Law, especially the following:

  • personal data are processed based on principles of lawfulness, justice and transparency, as well as integrity, confidentiality and availability, reduced to the absolute required minimum and pseudonimised and encrypted where possible
  • principles of essentiality and appropriateness (i.e. the extent and amount of processed personal data, the time period during which it is stored and accessible) of personal data processing with regards to their purpose
  • the nature, extent, context and purpose of personal data processing
  • robustness and recoverability of the processed personal data
  • measures in place to immediately find if personal data protection has been violated and promptly inform the supervisory body and the Responsible Person
  • measures in place to ensure wrong data are either corrected or erased and also ability to assert other legal rights of the natural person
  • different possible risks regarding the legal rights and liberty of natural persons (especially accidental or illegal damage, loss, modification or abuse of the personal data – i.e. unauthorized access or disclosure, risk assessment regarding the origin, nature, probability and severity of the risk in relation to the data processing and identification of best practices to mitigate the risks).

Personal data processing purpose and period of storage notice

One of the main personal data processing policies is the limitation of purpose. Personal data can only be acquired for an exactly specified, explicitly mentioned and justified purpose
according to this policy and cannot be further processed in a way violating the purpose.

Personal data processing must closely follow the purpose, especially in cases involving the list or amount of the processed data necessary to achieve the purpose. It is incorrect to
unnecessarily extend or later add to the list or amount of data in regards to the purpose. If the list or amount of data is determined by the law it is imperative to respect it. If the list or
amount of personal data is determined by the operator it must be kept to an absolute minimum required for the purpose and not to be unnecessarily extended.

The personal data protection law obliges the operator to give the involved person information stating the purpose of their personal data being collected even in case when the personal data are not directly collected from the involved person. It is necessary to give this information to the involved person no later than in the moment of the personal data collection or enough time in advance, clear and understandable and in such a way that ensures the person is able to acknowledge and understand it.

The archival period of the personal data is dictated by a corresponding law in association with the given document in conformity with the registration record. In case you are interested in the exact archiving period of a particular document please do not hesitate to contact us.

Cookie files

Cookies are small text files stored on your personal PC or mobile device (tablet or cellphone) when you visit a web site. These files are stored in a folder specified by your web browser.
They consist of the name of their web site of origin, validity and a small content (usually in a form of numbers and letters). During the next visit of the same web site your browser send the information stored in the cookie files back to the site that created them.

Based on this information the web site knows that you have previously visited there and uses it to make it easier to navigate the site e.g. by remembering the login data so you don’t have to log in again when you visit the web site next time. The cookie files can be temporary or permanent. The temporary cookies are only kept until you close the web browser while the permanent ones stay stored in your device until their validity expires (in terms of days, weeks or even months) or until you delete them manually.

Why do we use cookies?

We use cookies to make it easier for you to navigate and use our web site. We use our own as well as third party cookies e.g. from Google or Facebook.

Basic and service cookies. Operator.

Operator uses these cookies to remember your login data on our as well as other affiliated web sites so that you are not asked to fill in the login data every time you visit them. If you disable these cookies you will not be able to log in to your account, add content or write discussion comments because it will be technically impossible without them.

Third party cookies

The Operator uses third party cookies e.g. visit rate tools from Google Analytics. For these services to work the Operator reads the third party codes that might require the storage of cookies to ensure its proper functionality. This leads to accepting these third party cookies. The Operator of CHATEAUDIVA.SK web site is no influence on these third party cookies being stored. If you wish to learn more about the third party cookies please visit the respective service’s web site and read their privacy policy or service terms of use.

Maintaining the cookies in my browser

Open the Settings of your respective web browser (Mozilla Firefox, Google Chrome, Internet Explorer, Safari or Internet Explorer) and locate the Privacy settings area regarding cookies. Here you can find what cookies you have in your device, manage and delete them as you wish. For more detailed information about cookie management please refer to your web browser help section or visit their web site.

Can I disable/block cookies from being stored on my device?

You can configure your browser to automatically reject the cookies. Again we recommend you to refer to your web browser help section or visit their web site if you are unfamiliar with the process. If you use more devices like PC, tablet or cell phone we advise to customize your cookie preferences for each one of them according to your preference.

The Operator respects your decision about not accepting the cookies in your web browser. However disabling cookies might have a negative impact on your experience when you visit our web site.

Content inserted from other web sites

Articles on this web site may have inserted content (videos, pictures, articles etc.). Inserted content from other web sites behaves the same way as if you visited the other web site itself. These sites may gather your personal data, use cookies, insert third party tracking elements and monitor your interaction with the inserted content if you have a user account on that particular web site and you are logged in.

Justified marketing interest notice:

Our company asserts justified interest in the personal data processing in consideration of the interests, basic rights and liberties of the involved persons and their appropriate expectations. This applies to the marketing information system – sending newsletters.

We mainly process the contact data such as the e-mail and phone number. The Operator’s justified interest in the personal data is to inform the client about changes and news in our company. The Operator considers such personal data processing as necessary since it is vital for informing the clients about important details such as schedule changes or other business-related information.

The Operator after careful consideration came to a conclusion that the basic legal rights and liberties of the involved persons do not overrule the justified interest of the Operator. We fulfill all legal requirements dictated by the EU and Slovak Republic as well as employ all technical and organizational measures including careful examination of the proportionality of justified interest versus basic natural rights and liberties of the involved persons.

The above statement implies that the Operator processes the personal data for reasons proportional to the involved persons’ legal rights.

Involved person’s legal rights:

  1. right to access to the personal data concerning the person
  2. right to adjust incorrect personal data concerning the person
  3. right to erase personal data concerning the person
  4. right to limit the extent of personal data processing
  5. right to object against processing the personal data concerning the person
  6. right to transfer the personal data
  7. right to recall the already given consent for personal data processing at any time
  8. right to file a complaint with the supervisory body

The rights stated above are granted to the involved person according to articles 15 to 21 and article 77 of the Directive. The involved person can exercise their right verbally, in written or electronic form using the contact details given above. If the person asks to be informed verbally the request will be granted after verifying the person’s identity.