Privacy Policy

Dear Guests, Visitors, Clients, Business Partners,

your personal data is processed within the services provided by IC HOTELS a.s. (hereinafter referred to as "the Company").

We would like to inform you with regard to the processing of your personal data by our company in connection with the new Regulation (EU) 2016/679 of the European Parliament and of the Council from 27 April 2016 on the protection of individuals with regard to the processing of personal data and on the free movement of such data and on repealing Directive 95/46/EC of the General Regulation on personal data protection (hereinafter referred to as "the Regulation")

This document describes how the company acquires, uses and processes the personal data that has been provided to it. Here, you can also find here information regarding means of contacting the Company if you should have any queries concerning your personal data.

Personal Data

Within the meaning of the Regulation, personal data means any information on an identified or identifiable person (hereinafter referred to as the "data subject"); an identifiable person is an individual that can be identified directly or indirectly, in particular by reference to a particular identifier such as name, identification number, location data, network identifier or one or more specific elements of physical, physiological, genetic, mental, economic, cultural or social identity of this person.

Privacy Data Manager

Your personal data manager is IC HOTELS a.s., Business ID No.: 267 45 445, registered in Malletova 1141, 190 00 Prague 9, the company is registered in the Commercial Register maintained by the Municipal Court in Prague, Section B, File 8045. The manager operates in these premises: THE STEP WELLNESS HOTEL, THE BRIDGE HOTEL, THE STEP SPORTCENTRUM and the Multifunctional House.

The personal data we collect 

The Company collects your personal data for all Company-related business activities. Primarily, these are contact data and booking, residence or visit data. Furthermore, this is personal data collected for agreement purposes, etc.

Methods of personal data provision 

  1. You provide personal data to the Company in the following ways:
  2. Reservation of services through reservation portals.
  3. Reservation of services through reservation form on http: //www.wellness-hotelstep.cz/ and http://www.golfstep.cz/.
  4. Communication with individual company employees.
  5. Filling in the accommodation card.
  6. By entering the room monitored by the camera system.

Purposes of personal data processing

Your personal data is processed for the purpose of concluding an agreement, managing an agreement or negotiating an agreement. Furthermore, if you are a guest staying at the hotel, your personal data is processed by the Company pursuant to Act No. 565/1990 Coll., On Local Fees, as amended, and Act No. 326/1999 Coll., On the Residence of Foreigners, as amended, Act No. 235/2004 Coll., on Value Added Tax, Act No. 235/2004 Coll., on Certain Information Society Services No. 480/2004 Coll.

In the case of using exchange offices, the Company processes personal data pursuant to Act No. 253/2008 Coll., On Certain Measures against the Legalisation of Proceeds from Crime and on Financing Terrorism.

Personal data is also processed by the Company on the basis of legitimate interest. The Company's legitimate interest is mainly in asset protection, health protection and customer information regarding the services it offers.

Period of personal data retention

The Company only keeps your personal data for as long as necessary and we archive it according to the statutory deadlines imposed by the law regulations. Personal data is processed for the duration of a contractual relationship or other legal title that allows it to process your personal data. After loss of legitimate reason, it deletes relevant personal data. Personal data that is processed with your consent is only retained for the duration of the purpose for which consent was granted.

Business statements

From business communications sent by IC HOTELS a.s. it is always clear that the company is their sender. Business statements are sent either to customer contacts based on a legitimate interest, only until you disagree, or by express consent to personal data processing for marketing and business purposes. Commercial statements also include the contact for refusing to send these messages.

Providing personal data to third parties

IC HOTELS a.s. may only provide personal data to third parties with your consent. Without your consent, IC HOTELS a.s. only provides your personal data if it is necessary to fulfil obligations arising out of the applicable legislation for the company, or if it is necessary to fulfil obligations of agreements, orders, reservations etc. Your personal data may be processed by the Company’s external personnel. The entities that cooperate with us are carefully selected on the basis of safeguards to ensure the technical and organisational protection of transmitted personal data. Personal data processing for IC HOTELS a.s. can only be carried out by processors, solely on the basis of an agreement for personal data processing.

Transfer of personal data to developed countries

IC HOTELS a.s. do not transmit any personal data to developed countries.

Your rights

The aforementioned Regulation grants you rights in connection with the personal data processing.

  • Right of access to personal data

The right to request access to personal data and related information relating to the entities of the data.

  • Right to correct

The right to request the correction of inaccurate personal data or the right to supplement them.

  • Right to delete

Subject to certain conditions set forth in the Regulation, the right to delete personal data related to the data entities.

  • Right to limit processing
  • Right to transfer

The right to request the personal data transfer to another administrator.

All rights can be exercised through the contacts listed below.

  • The right to object

You may object at any time to personal data processing relating to you to the Personal Data Protection

Office located at Pplk. Sochora 27, 170 00 Prague 7, telephone.: 234 665 111, website www.uoou.cz.

Contact information

If you have any questions regarding this Notice or the way IC HOTELS a.s. process your personal data, please contact us by e-mail at GDPR@ichotels.cz or by mail at Malletova 1141, 190 00 Prague 9.

Personal Data Security

The Company uses the appropriate security procedures to protect personal data. It uses technical and physical limitations for access to personal data. Only trained personnel work with personal data.

Personal Data Protection Officer 

The Company has appointed a Data Protection Officer (hereinafter referred to as "the Officer") to improve personal data protection. The Officer can be contacted at the above-mentioned address or at the GDPR@ichotels.cz e-mail address.

These policies will become valid and effective on 25.5.2018.