{"id":3867,"date":"2024-03-17T13:07:31","date_gmt":"2024-03-17T12:07:31","guid":{"rendered":"https:\/\/www.maximus-resort.cz\/gdpr\/"},"modified":"2025-08-27T09:17:41","modified_gmt":"2025-08-27T07:17:41","slug":"privacy-policy","status":"publish","type":"page","link":"https:\/\/www.maximus-resort.cz\/en\/privacy-policy\/","title":{"rendered":"Privacy Policy"},"content":{"rendered":"<p>The company Maximus Resort, a.s., ID No.: 269\u00a065\u00a0437, with its registered office at Hr\u00e1zn\u00ed 327\/4a, Kn\u00edni\u010dky, 635\u00a000 Brno, registered in the Commercial Register maintained by the Regional Court in Brno, Section B, Insert 4332 (hereinafter referred to as the \u201c<strong>Controller<\/strong>\u201d), as the controller of personal data, hereby informs about the processing of personal data carried out in connection with the operation of the Maximus Resort website available at\u00a0<a href=\"https:\/\/www.maximus-resort.cz\/\">www.maximus-resort.cz<\/a>\u00a0(hereinafter referred to as the \u201c<strong>Website<\/strong>\u201d), the conclusion of service contracts with the Controller\u2019s clients (hereinafter referred to as the \u201c<strong>Client<\/strong>\u201d and the \u201c<strong>Service Agreement<\/strong>\u201d) and the conclusion of purchase agreements via the Website with individuals expressing interest in such contracts (hereinafter referred to as the \u201c<strong>Buyer<\/strong>\u201d and the \u201c<strong>Purchase Agreement<\/strong>\u201d). This document also includes information about the rights of data subjects in relation to the above-mentioned processing.<\/p>\n<p>For any questions regarding privacy and the exercise of your rights, please use the following contact:<\/p>\n<ul>\n<li>Email: recepce@maximus-resort.cz<\/li>\n<\/ul>\n<h3>1. For what purposes, on what legal grounds, and what personal data do we process?<\/h3>\n<p><strong>1.1 Conclusion and performance of the Service Agreement<\/strong><\/p>\n<p>To conclude and perform a\u00a0Service Agreement with the Client, the Controller needs the following personal data of the Client \u2013 a\u00a0natural person:<\/p>\n<ul>\n<li>Identification data (name, surname, date of birth, company ID, VAT number, registered address)<\/li>\n<li>Contact data (email, phone number, delivery and billing address)<\/li>\n<li>Payment details<\/li>\n<li>Information from communication with the Client and about the conclusion and performance of the Service Agreement<\/li>\n<\/ul>\n<p>Without the above data, it is not possible to conclude or fulfill the Service Agreement. The legal ground for processing is the performance of a\u00a0contract at the request of the Client.<\/p>\n<p><strong>1.2 Conclusion and performance of the Purchase Agreement<\/strong><\/p>\n<p>To conclude and perform a\u00a0Purchase Agreement with the Buyer, the Controller needs the following personal data of the Buyer \u2013 a\u00a0natural person:<\/p>\n<ul>\n<li>Identification data (name, surname, date of birth, company ID, VAT number, registered address)<\/li>\n<li>Contact data (email, phone number, delivery and billing address)<\/li>\n<li>Payment details<\/li>\n<li>Information from communication with the Buyer and about the conclusion and performance of the Purchase Agreement<\/li>\n<\/ul>\n<p>Without the above data, it is not possible to conclude or fulfill the Purchase Agreement. The legal ground for processing is the performance of a\u00a0contract.<\/p>\n<p><strong>1.3 Compliance with legal obligations<\/strong><\/p>\n<p>The Controller must process personal data when required by legal regulations. This includes data required for accounting, tax obligations, and compliance with laws such as:<\/p>\n<ul>\n<li>Act No. 565\/1990 Coll., on local fees<\/li>\n<li>Act No. 326\/1999 Coll., on the residence of foreigners in the Czech Republic (or applicable updated law)<\/li>\n<li>Act on Archives<\/li>\n<\/ul>\n<p><strong>1.4 Legitimate interests of the Controller<\/strong><\/p>\n<p>In justified cases, the Controller may process data based on legitimate interest. The Controller always assesses that such processing does not unduly infringe on privacy<\/p>\n<p><strong>Hotel surveillance:<\/strong>\u00a0Public areas (including parking) are monitored by a\u00a0CCTV system with recording. Processing is based on the Controller\u2019s legitimate interest in protecting property, life, and health. No biometric data is processed. Audio recording is also included. Recordings are continuous.<\/p>\n<p><strong>Identification of persons acting on behalf of Clients or Buyers (legal entities):<\/strong>\u00a0This includes names, contact details, job positions, and communication records, used for contract purposes and rights enforcement.<\/p>\n<p><strong>Proof of agreement acceptance:<\/strong>\u00a0Data proving online agreement to terms and conditions (e.g., time stamps) are stored to resolve potential future disputes.<\/p>\n<p><strong>Defense and enforcement of legal claims:<\/strong>\u00a0Data may be used in court or during official inspections to prove lawful conduct. Typically includes identification, contact data, contracts, and communication records.<\/p>\n<p><strong>1.5 Sending marketing communications<\/strong><\/p>\n<p>For Clients and Buyers (after contract conclusion) or persons subscribing to newsletters, we process contact details (email, phone) for sending marketing messages.<\/p>\n<ul>\n<li>Legal ground: Legitimate interest (in case of clients)<\/li>\n<li>Consent: Required for non-clients who subscribed voluntarily<\/li>\n<\/ul>\n<p>You can unsubscribe at any time via the link in each message or by contacting us directly.<\/p>\n<h3>2. From whom do we obtain personal data and to whom do we transfer them?<\/h3>\n<p>We primarily collect data directly from data subjects. You are required to provide accurate data and keep it updated.<\/p>\n<p>We may transfer data to public authorities when required by law.<\/p>\n<p><strong>CCTV recordings<\/strong>\u00a0may be copied and handed over to authorities (e.g., police) in case of incidents or upon legal request.<\/p>\n<p>We use processors, e.g., IT system providers and accountants. A\u00a0detailed list is available upon request.<\/p>\n<p>Some data may be shared with independent controllers (e.g., payment gateway providers). No data is transferred outside the EU unless otherwise stated.<\/p>\n<h3>3. How do we process personal data?<\/h3>\n<p>We process data mainly electronically using automated tools in our systems or those of our processors. Some manual processing may occur.<\/p>\n<p><strong>CCTV:<\/strong>\u00a0Data is collected automatically, evaluation is manual.<\/p>\n<p>Only authorized personnel (bound by confidentiality) can access data.<\/p>\n<p>We ensure compliance with legal regulations and protect your rights and dignity.<\/p>\n<h3>4. How long do we process personal data?<\/h3>\n<p><strong>4.1 Contracts<\/strong><\/p>\n<p>We process data for the duration of the contract and then:<\/p>\n<p><strong>4.2 Legal obligations<\/strong><\/p>\n<p>Data required by law (e.g., accounting, tax) are stored:<\/p>\n<ul>\n<li>5 years after the accounting period (general)<\/li>\n<li>10 years for VAT-related records<\/li>\n<li>In compliance with archival laws<\/li>\n<\/ul>\n<p>Data on foreign guests: 6 years after last record<\/p>\n<p>Local fees: 6 years after last record<\/p>\n<p><strong>4.3 Legitimate interests<\/strong><\/p>\n<p>For defense of legal claims, data may be kept for up to 5 years after contract end or longer if litigation occurs.<\/p>\n<p><strong>CCTV:<\/strong>\u00a0Recordings are stored for 48 hours unless an incident requires extended retention.<\/p>\n<p><strong>4.4 Marketing<\/strong><\/p>\n<p>Until you unsubscribe from marketing communications.<\/p>\n<p><strong>4.5 Longer processing<\/strong><\/p>\n<p>Data may be kept longer if needed for legal proceedings or inspections.<\/p>\n<h3>5. Your rights<\/h3>\n<p>You have the right to request:<\/p>\n<ul>\n<li>Access to your data<\/li>\n<li>Correction or deletion<\/li>\n<li>Processing restriction<\/li>\n<li>Data portability<\/li>\n<li>Objection to processing<\/li>\n<li>Withdrawal of consent (where applicable)<\/li>\n<\/ul>\n<p>You can contact us at any time via the email provided above.<\/p>\n<p>You also have the right to lodge a\u00a0complaint with the Czech Data Protection Authority.<\/p>\n<h3>6. How do we protect your data?<\/h3>\n<p>We apply security measures including:<\/p>\n<ul>\n<li>Internal policies<\/li>\n<li>Antivirus protection<\/li>\n<li>Firewalls<\/li>\n<li>Encryption<\/li>\n<li>Access control and authorization<\/li>\n<li>Backups<\/li>\n<li>Physical security measures<\/li>\n<\/ul>\n","protected":false},"excerpt":{"rendered":"<p>The company Maximus Resort, a.s., ID No.: 269\u00a065\u00a0437, with its registered office at Hr\u00e1zn\u00ed 327\/4a, Kn\u00edni\u010dky, 635\u00a000 Brno, registered in the Commercial Register maintained by the Regional Court in Brno, Section B, Insert 4332 (hereinafter referred to as the \u201cController\u201d), as the controller of personal data, hereby informs about the processing of personal data carried [&hellip;]<\/p>\n","protected":false},"author":1,"featured_media":0,"parent":0,"menu_order":107,"comment_status":"closed","ping_status":"closed","template":"","meta":{"_acf_changed":false,"inline_featured_image":false,"footnotes":""},"class_list":["post-3867","page","type-page","status-publish","hentry"],"acf":[],"aioseo_notices":[],"_links":{"self":[{"href":"https:\/\/www.maximus-resort.cz\/en\/wp-json\/wp\/v2\/pages\/3867","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/www.maximus-resort.cz\/en\/wp-json\/wp\/v2\/pages"}],"about":[{"href":"https:\/\/www.maximus-resort.cz\/en\/wp-json\/wp\/v2\/types\/page"}],"author":[{"embeddable":true,"href":"https:\/\/www.maximus-resort.cz\/en\/wp-json\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/www.maximus-resort.cz\/en\/wp-json\/wp\/v2\/comments?post=3867"}],"version-history":[{"count":1,"href":"https:\/\/www.maximus-resort.cz\/en\/wp-json\/wp\/v2\/pages\/3867\/revisions"}],"predecessor-version":[{"id":3868,"href":"https:\/\/www.maximus-resort.cz\/en\/wp-json\/wp\/v2\/pages\/3867\/revisions\/3868"}],"wp:attachment":[{"href":"https:\/\/www.maximus-resort.cz\/en\/wp-json\/wp\/v2\/media?parent=3867"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}