1. Introduction
At ChillNestHotel, your privacy matters deeply to us. This Privacy Policy outlines how we collect, use, protect, and disclose your personal data when you visit or use our website, make a reservation, subscribe to our communications, or interact with us through any digital means.
We are fully committed to complying with the EU General Data Protection Regulation (GDPR), Polish data protection law, and applicable international standards on privacy and data security.
2. Data We Collect
We collect and process the following types of personal information:
Identity & Contact Details: Name, phone number, email address, country of residence.
Reservation Information: Check-in/out dates, room preferences, payment details (processed via secure third-party gateways).
Browsing Data: IP address, browser type, referring pages, device information, time spent on the site.
Marketing Preferences: Subscription status, campaign engagement, user behavior on marketing emails or pages.
Special Requests: Health data or preferences related to wellness, dietary needs, spa treatments, or adult-only services (only with explicit consent).
We do not collect sensitive data (e.g., race, religion, sexual orientation) unless explicitly provided for service personalization — and only ever with your consent.
3. How We Use Your Information
Your data is used to:
Process reservations and manage your bookings.
Personalize your guest experience (e.g., room temperature preferences, spa treatment history).
Improve our website performance, usability, and content.
Send booking confirmations, pre-arrival info, and post-stay feedback requests.
Offer you relevant promotions, discounts, and news (with opt-out at any time).
Comply with legal obligations (invoicing, financial reporting, tourism statistics).
We ensure that any processing is grounded in lawful bases — typically your consent, performance of a contract, or legal compliance.
4. Cookies & Tracking Technologies
Our website uses cookies and similar tools for functionality, analytics, and marketing. You can manage or disable cookies at any time in your browser settings. We use:
Essential cookies – required for navigation and booking system operation.
Analytics cookies – e.g., Google Analytics for anonymous traffic insights.
Marketing cookies – for retargeting ads or personalizing offers on third-party platforms.
No cookies are used to extract sensitive personal data without explicit permission.
5. Data Sharing
We only share your data with:
Trusted service providers (e.g., payment processors, booking engines, email platforms) under strict data agreements.
National tourism authorities or tax institutions, if legally required.
Law enforcement or government agencies, only when mandated by applicable law.
We never sell your data. We never share it with third parties for unrelated commercial use.
6. International Transfers
Some data may be processed outside the EU, especially when using global service providers. We ensure such transfers are protected by:
Adequacy decisions (where countries are deemed by the EU to have strong data protections), or
Standard Contractual Clauses approved by the European Commission.
7. Your Rights
You have the following rights regarding your personal data:
Access – Know what data we hold about you.
Rectification – Correct inaccurate or outdated information.
Erasure – Request deletion of your data ("right to be forgotten").
Restriction – Limit how we process your data.
Objection – Opt-out of certain types of processing, including direct marketing.
Data Portability – Request a copy of your data in machine-readable format.
To exercise any of these rights, contact us at: privacy@chillnesthotel.com
8. Data Security
We use secure protocols (HTTPS, TLS encryption), encrypted data storage, multi-layer authentication, and restricted access controls to protect your data against loss, misuse, unauthorized access, or disclosure.
All payment data is processed by PCI-DSS compliant providers — we do not store full credit card information on our servers.
9. Data Retention
We keep your personal data only as long as necessary:
Booking data: retained for 5 years for legal and tax purposes.
Marketing preferences: retained until you unsubscribe.
Website logs: typically stored for 6–12 months for diagnostics and security.
When no longer required, your data is securely deleted or anonymized.
10. Third-Party Links
Our website may contain links to external platforms (e.g., TripAdvisor, payment providers). We are not responsible for their privacy practices. Please review their privacy policies separately.
11. Children’s Privacy
Our services are not intended for individuals under 18 years of age, especially in our adults-only or casino facilities. We do not knowingly collect data from minors. If we discover such data has been collected, it will be deleted immediately.
12. Changes to This Policy
We reserve the right to update this Privacy Policy. Changes will be published on this page with updated dates. Significant modifications will be communicated by email or pop-up notice.
13. Contact Us
If you have any concerns, requests, or complaints related to this Privacy Policy or data handling:
Data Protection Officer (DPO)
ChillNestHotel Group
ul. Przemysłowa 30A
61-579 Poznań, Poland
Email: privacy@chillnesthotel.com