samayaapartments.cz

Privacy Policy

Samaya Lotus

Privacy Policy

Samaya Apartments – Litoměřice & Vrchlabí · Last update: 1 Dec 2025


Key information

Operator:

David Kaufman, ID No. 01390759

Email:

info@samayaapartments.cz

Accommodation units:

Samaya Apartment Litoměřice, Marie Pomocné 743/40, Litoměřice
Samaya Apartment Vrchlabí (upon completion)

Contents

1. Introductory provisions
2. Data controller
3. Scope of personal data processed
4. Purposes of processing
5. Processors and recipients
6. Retention period
7. Data subjects' rights
8. Personal data security
9. CCTV systems
10. Automated decisions and profiling
11. Transfers to third countries
12. How to submit a request
13. Final provisions

1. Introductory provisions

This document provides information about the method, scope and purpose of processing personal data
of guests accommodated within Samaya Apartments, specifically:

  • Samaya Apartment Litoměřice, Marie Pomocné 743/40, Litoměřice
  • Samaya Apartment Vrchlabí (upon completion)

Personal data are processed in accordance with Regulation (EU) 2016/679 (GDPR), Act No. 110/2019 Coll.
on the processing of personal data and Act No. 565/1990 Coll. on local fees.

2. Data controller

Controller: David Kaufman

Nepomuckých 749/17
199 00 Prague 9
ID No.: 01390759
Email: info@samayaapartments.cz

The controller is responsible for lawful and secure processing of personal data.

3. Scope of personal data processed

When providing accommodation, we process the following data:

a) Data for concluding and performing the accommodation contract

  • first and last name
  • email and phone number
  • address
  • booking details (dates, number of guests, price)
  • payment information
  • guest preferences related to the stay

b) Data for the guest register and reporting foreigners

In accordance with Act No. 326/1999 Coll., Sections 102–104:

  • first and last name
  • date of birth
  • nationality
  • ID document / passport number
  • address abroad (for foreigners)
  • purpose and duration of stay

c) Data generated during the stay

  • communication with the guest
  • digital key logs (TTLock) – time logs of door unlocks only, no location data

d) Marketing data (only with consent)

  • email address for newsletters
  • guest survey responses

4. Purposes of processing

We process personal data for the following purposes:

  • Performance of the accommodation contract – communication with the guest, booking confirmation, check-in, check-out.
  • Compliance with legal obligations – guest register, mandatory reporting of foreigners to the Police of the Czech Republic, accounting and tax documentation.
  • Legitimate interest of the controller – protection of property, service improvement, complaint/incident handling, prevention of damage and fraud.
  • Marketing – only on the basis of the guest’s explicit consent.

5. Processors and recipients

Personal data may be shared only with trusted contractual partners:

Category Entity
Booking platforms Booking.com, Airbnb
Check-in system Chekin (automated check-in and foreigner reporting)
Digital locks TTLock (time logs of unlock events)
Accounting external accountant / tax advisor
Cleaning services contract cleaning company (reservation name only)
Public authorities Police of the Czech Republic, municipal office (local fees)

Data are always shared only to the extent necessary for the given purpose.

6. Retention period

  • Accounting records: 10 years (as required by law)
  • Guest register: 6 years
  • Booking data: 3 years after the stay ends
  • TTLock logs: max. 90 days
  • Marketing: until consent is withdrawn
  • Email communication: max. 3 years

After the retention periods expire, data are securely deleted.

7. Data subjects' rights

The guest has the right to:

  • access their personal data
  • rectification of inaccurate data
  • erasure (where data are not required for legal purposes)
  • restriction of processing
  • object (for marketing)
  • data portability
  • withdraw consent at any time
  • lodge a complaint with the Office for Personal Data Protection

OPDP contact: www.uoou.cz.

8. Personal data security

The controller has implemented measures appropriate to the level of risk:

  • encrypted data transfers
  • secure data storage
  • access limited to authorized persons only
  • regular security updates
  • access logging
  • two-factor authentication for services

9. CCTV systems

No CCTV system monitoring indoor areas is installed in Samaya Apartments.
If cameras are installed in the future, this document will be updated.

10. Automated decisions and profiling

Personal data are not used for profiling and no automated decision-making takes place
that would have legal or similarly significant effects on the guest.

11. Transfers to third countries

Personal data may be transferred to the USA through the following services:

  • Booking.com
  • Airbnb
  • Chekin
  • TTLock

Always in accordance with GDPR and Standard Contractual Clauses (SCC).

12. How to submit a request

Requests can be submitted by email: info@samayaapartments.cz

The controller will respond within 30 days.

13. Final provisions

This Privacy Policy may be updated in the event of changes in processes, legislation or technologies used.
The current version is always available on the Samaya Apartments website.


Back to Samaya