Privacy

Name: Hotel Maraton
Address: Sportowa 6, Szamotuły, 64-500, PL
Telephone: +48 508 100 207

PRIVACY AND COOKIE POLICY
The protection of the privacy of visitors to our website is of the highest importance to us. Therefore, we take all measures to secure the personal data of guests and other persons visiting our hotel's website. This privacy policy clearly presents and explains the rules and scope of processing of all personal data. It also contains the procedure for the use of cookies. The most modern technical and organizational measures are applied to ensure a high level of protection for the processing of personal data.
This privacy policy is addressed to all persons using our hotel's website. It is effective from 20 October 2025.
DEFINITIONS:

1. Administrator - the entity that independently determines the purposes and means of processing personal data. The administrator of personal data is Zakład Gospodarki Komunalnej w Szamotułach Sp. z o.o.
2. Personal data - information about an identified or identifiable natural person,
3. Website: www.centrummaraton.pl
4. Processor – an entity that processes data on behalf of the administrator.
5. RODO - Regulation of the European Parliament and of the Council (EU) 2016/679 of 27 April 2016 on the protection of natural persons with regard to the processing of personal data and on the free movement of such data and repealing Directive 95/46/EC,
6. Recipient/User - persons visiting our hotel's website,
7. Policy - this privacy policy, effective from 20 October 2025.
8. Cookies – IT data, text files stored on users' devices (e.g., laptop, computer, tablet or phone) transmitted by websites.

WHO IS THE ADMINISTRATOR OF PERSONAL DATA AND HOW CAN YOU CONTACT THEM?
The Administrator of Personal Data of all users of the website, within the meaning of the Regulation of the European Parliament and of the Council (EU) of 27 April 2016 on the protection of natural persons with regard to the processing of personal data and on the free movement of such data and repealing Directive 95/46/EC (GDPR), is Zakład Gospodarki Komunalnej w Szamotułach Sp. z o.o., ul. Wojska Polskiego 14, 64-500 Szamotuły.
For matters concerning the processing of personal data you can contact the data controller by email at recepcja@centrummaraton.pl and by telephone at: 61 29 219 61.
WHO IS THE DATA PROTECTION OFFICER AND HOW CAN YOU CONTACT THEM?
The Data Protection Officer is Aleksandra Cnota-Mikołajec. For matters concerning the processing of personal data you can contact the data protection officer by e-mail at: iod@eduodo.pl.
HOW DO WE OBTAIN YOUR PERSONAL DATA AND WHAT TYPE OF DATA DO WE PROCESS?
We received your personal data from you when you filled out the contact form. The Administrator processes the following personal data:
a) name and surname, e-mail address, information contained in the message sent via our site and via e-mail, including communication content and metadata for the purpose of completing the reservation form
b) in connection with the use of cookies these will include: computer information (IP address, geographic location, browser type and version, type of operating system), information about visits and use of our site (referral source, length of visit, page views and navigation paths on the site), and information generated while using our website (when, how often and in what circumstances you use our website),
Additionally we embed the Facebook widget, which allows you to see the number of likes, actions, and recommendations. It also allows you to like, share and recommend our web pages. This widget may collect data such as: IP address, browser type and versions, and may store and retrieve cookies in the browser. Additional tracking and monitoring of interactions with the widget is embedded, including correlating a Facebook account with any actions taken in the widget, i.e., liking, sharing, or recommending our website. For more information on how these data are used, please refer to Facebook's privacy policy at: https://www.facebook.com/about/privacy/update
FOR WHAT PURPOSE DO WE PROCESS YOUR PERSONAL DATA?
Personal data sent to us via our website will be used for the purposes specified in this policy or on the relevant pages of the site. Your personal data may be used for the following purposes:
• Communicating with you. We use your personal data to communicate with you via your e-mail address or telephone number in connection with a reservation,
• Ensuring security. We use your personal data to ensure the security of the website, including verifying compliance with the terms of use of our site; this includes monitoring private messages sent via our private messaging service,
• Preventing fraud. We use your personal data to prevent and detect fraud and abuse in order to protect user safety,
• Personalization. We use personal data to personalize our site for you,
• Handling complaints and inquiries. We use your personal data to process complaints submitted by you or in connection with our site and to respond to your inquiries,
• Enabling the use of the website. We use your personal data to enable access to services available on our website,
ON WHAT BASIS DO WE PROCESS YOUR DATA?
In accordance with the Regulation of the European Parliament and of the Council (EU) of 27 April 2016 on the protection of natural persons with regard to the processing of personal data and on the free movement of such data and repealing Directive 95/46/EC, we process your data:
a) When processing is necessary to comply with a legal obligation (Art. 6(1)(c) GDPR). The Administrator processes your personal data, among others, on the basis of provisions regarding the provision of electronic services,
b) When processing is necessary for the purposes of the legitimate interests pursued by the administrator (Art. 6(1)(f) GDPR),
c) When processing is based on the consent you have given (Art. 6(1)(a) GDPR).
Consent to the processing of your personal data is voluntary. You have the right to withdraw your consent at any time. Withdrawal of consent does not affect the lawfulness of processing based on consent before its withdrawal.
DO WE SHARE YOUR PERSONAL DATA?
Your personal data are shared with entities related to the administrator. They observe an equally high standard of care regarding the security of your personal data. Sharing is carried out for strictly defined purposes and in the manner described below:
• We share your personal data with public authorities and entities carrying out public tasks or acting on behalf of public authorities, only to the extent and for the purposes required by applicable law,
• We share your personal data with entities cooperating with the administrator, who process personal data on the basis of appropriate contracts,
• We share your personal data with entities performing tasks for the administrator, e.g., software providers, postal operators,
• We provide third parties with statistical information about our users; third parties cannot identify any specific user based on this information.

DO WE TRANSFER YOUR DATA TO COUNTRIES OUTSIDE THE EEA?
Mainly, the processors and entities collecting personal data on our website are located in Poland and countries of the European Economic Area (EEA). Only one cooperating entity providing statistical services for our website is based outside the EEA and uses Google Analytics - Google Inc. is headquartered in the USA. This entity is obliged to comply with the principles set out in the EU–US Privacy Shield program concerning the collection, use and storage of personal data of European Union citizens - in connection with Commission Implementing Decision (EU) 2016/1250 of 12 July 2016 on the adequacy of the protection provided by the EU–US Privacy Shield, as well as the clauses adopted by the European Commission.
HOW LONG DO WE PROCESS YOUR PERSONAL DATA?
We will store the data for the period necessary to achieve the above purposes; not shorter than the period indicated in archiving regulations or other legal provisions. Electronic documents containing personal data will also be retained if:
a) we consider that the data may be relevant to any ongoing or future court proceedings,
b) required by legal provisions,
c) we consider that the data may be relevant in the establishment, enforcement or defense of our rights.
WHAT RIGHTS DO YOU HAVE REGARDING THE PROCESSING OF PERSONAL DATA?
The processing of your personal data entails the need to respect your rights. To ensure their implementation we have designated a Data Protection Officer, with whom you can contact by sending an e-mail to: aleksandra@eduodo.pl or iod@eduodo.pl. You have the following rights:

• The right of access to your personal data. Exercising this right enables us to inform you whether we process personal data relating to you, and if so, you have the right to receive a copy of the personal data. Additionally, it will allow you to verify whether we process your data lawfully.

• The right to rectification of your personal data. If you notice that your data are incomplete, untrue or outdated, you may request correction of the indicated information. Please remember that when fulfilling your request we are obliged to verify the correctness of the new personal data you provide.

• The right to restriction of processing of your personal data. Remember that if you object to further processing, we must verify whether we still have overriding and legally justified grounds to continue processing your personal data. Exercising this right allows you to request restriction of further processing of your personal data in the following cases:

 When you contest the accuracy of your personal data,
 When our processing is found not to be in accordance with applicable law,
 When your data are needed by you for the establishment, exercise or defense of legal claims.

• The right to erasure of your personal data. We are obliged to promptly delete your personal data:

 When your data are no longer necessary for the purposes for which they were collected or otherwise processed,
 When you have exercised your right to object to processing,
 When you have withdrawn the consent on which the processing was based,
 When we have processed your data unlawfully or are obliged to delete your personal data in order to comply with a legal obligation.

Please remember that we are not always obliged to delete your data, in particular where processing is necessary to comply with a legal obligation.

• The right to object to the processing of your personal data is appropriate when you consider that the processing affects your rights or freedoms. You may justify your objection by explaining a particular situation related to you from which it follows that the processing of your personal data violates your rights or freedoms. In certain specific situations we may demonstrate that we have legally justified grounds for processing that override your rights and freedoms, mainly in the case of ensuring the security of the website and preventing fraud. In such cases this right is not linked with the right to erasure of data.

• The right to data portability. If you wish to receive personally or provide to a third party chosen by you your personal data in a commonly used machine-readable format, you may exercise the right to data portability.

• The right to lodge a complaint. Please also remember that you have the right to lodge a complaint regarding our processing of your personal data with the supervisory authority, which is the President of the Personal Data Protection Office. Although you have the right to complain, we would be very grateful if, before lodging a complaint, you give us a chance to address your matter and concerns regarding our processing of your personal data. For this reason, we kindly ask you to contact the Data Protection Officer.
HOW SECURE IS THE INFORMATION ABOUT ME?
 We strive for the highest possible level of user security on the website; therefore, we continuously work on securing and protecting your personal data during transmission using specialized encryption protocols and dedicated software.

 We continuously organize, maintain and update physical, electronic and procedural safeguards related to the collection, storage and disclosure of our users' personal data. Implemented safeguards provide you with the highest level of confidence in the security of your personal data,

 All information about you that we process is stored on appropriately encrypted and secured servers. The Administrator regularly assesses the level of security within its network and monitors internal regulations and procedures implemented to protect data against all possible adverse consequences.

 Please remember that even the highest security standards implemented using the most advanced technologies do not provide complete security for your personal data when information is made available via the Internet or publicly accessible networks. Therefore, there is a risk that unauthorized third parties may gain access to your personal data.
USE OF COOKIES
What are Cookies? They are IT data, in particular text files, which users store on their end devices transmitted by various websites. Cookies allow us to recognize your device and display the website adjusted to your individual preferences. Cookies usually contain: the name of the website from which they originate,
For what purpose do we use Cookies? We use Cookies and other technologies (collectively called "cookies") to recognize your browser or device and learn more about your interests and provide necessary functions. In particular, we use Cookies for purposes including:
• Preventing fraudulent activity,
• Improving security,
• Reporting (this allows us to measure and analyze the performance of our services),
What kinds of Cookies do we use? On the website we use two main types of Cookies: session cookies and persistent cookies. Session Cookies are temporary files stored on your device until you close your web browser. Persistent Cookies are stored on your device for a specified period set in the cookie parameters or until you delete them. The following types of Cookies are used on the website:
• Strictly necessary – allow the use of services available on the website, e.g., authentication cookies - used for services requiring authentication on the website,
• Performance - allow the collection of information about how the website is used,
• Functional - allow remembering chosen settings and personalizing your interface, e.g., selected language or region, font size, website appearance, etc.,
• Security-related – used to detect abuse in authentication on the website,
What security measures should you apply? Your device should be equipped with antivirus software with an up-to-date virus definition database, an up-to-date and secure version of the web browser and with the firewall enabled. It is also recommended to enable anti-phishing filters in the web browser that check whether a website is authentic and not used for information theft. You should also be careful about which attachments you open and which links you click. The user should use only trusted wireless networks.
Do Cookies contain personal data? Although Cookies do not contain and do not constitute personal data, some information stored in Cookies, e.g., preferences, may be treated as personal data. Personal data obtained using Cookies may be processed only to perform specific functions on behalf of the user as described above. Such data are encrypted to prevent access by unauthorized persons.
How do we ensure security? To ensure the security of processing your personal data we use cookie storage and read mechanisms that do not allow retrieval of any confidential information from your device. It is impossible to transfer any viruses, trojans or other worms from our servers to your device.
Deleting Cookies and changing preferences. The website's permission to store and access Cookies results from the consent you express. This consent is given during the configuration of your web browser or when entering the website. You can configure your settings and define cookie storage conditions at any time and in any way. Standard web browser software by default allows cookies to be placed on the end device. You can block automatic handling of Cookies in your browser settings at any time. Below are links to support pages of various browsers with detailed instructions regarding Cookies, including how to remove them:
• Google Chrome - https://support.google.com/chrome/answer/95647?hl=en
• Mozilla Firefox - https://support.mozilla.org/pl/kb/usuwanie-ciasteczek
• Opera - https://help.opera.com/pl/latest/web-preferences/#cookies
• Edge - https://support.microsoft.com/pl-pl/help/10607/microsoft-edge-view-delete-browser-history
• Safari - https://support.apple.com/pl-pl/guide/safari/sfri11471/mac
• Internet Explorer - http://windows.microsoft.com/en-us/internet-explorer/delete-manage-cookies#ie=ie-11
If you disable all cookies in your browser neither we nor third parties will deliver cookies to the browser. If you do so, you may need to manually adjust some preferences each time you visit the website, and some functions and services may not work.
To exercise your right to object granted by the GDPR it is necessary to log out of all devices and delete cookies from them. The update process may take up to 48 hours.
CHANGES TO THE PRIVACY POLICY
The Privacy Policy may be amended or updated by us, in particular when the need or obligation to introduce changes arises from changes in legal provisions. Any material changes will be posted on this page and we will additionally inform you about them via our website.
FINAL PROVISIONS
Additional information about the processing of your personal data, including answers to questions concerning the full scope of the Privacy Policy, can be obtained by contacting the administrator and the data protection officer.