(+48) 887 31 31 31 info@h-31.com

Privacy Policy

H31

Effective date: 09 March 2026

  1. General Information

This Privacy Policy defines the rules for processing and protecting personal data of users using the website of H31, located at Jugosłowiańska 31, 60-301 Poznań, Poland.

The controller of personal data is:

Steel-CNC Sp. z o.o.
Ryszarda Berwińskiego 3
63-000 Środa Wielkopolska
Poland

hereinafter referred to as the Controller.

Contact with the Controller regarding personal data protection is possible via:

email: [administrator email address]
phone: [phone number]

The Controller processes personal data in accordance with:

  • Regulation (EU) 2016/679 of the European Parliament and of the Council of 27 April 2016 (GDPR)
  • the Polish Personal Data Protection Act
  • the Act on Providing Services by Electronic Means
  • the Telecommunications Law

The Controller takes particular care to protect the interests of data subjects and ensures that the collected data are:

  • processed lawfully,
  • collected for specified and legitimate purposes,
  • adequate and limited to what is necessary,
  • stored for no longer than necessary for the purposes for which they are processed.
  1. Scope of Processed Data

The Controller may process the following personal data of website users:

Data provided in the reservation form

  • first and last name
  • email address
  • phone number
  • check-in and check-out dates
  • number of guests
  • additional information provided by the user

Data collected automatically

When using the website, certain data may be collected automatically, such as:

  • IP address
  • browser type
  • operating system
  • approximate location
  • time spent on the website
  • visited pages
  • source of traffic

These data are collected via cookies and analytical tools.

  1. Purposes and Legal Basis for Data Processing

Personal data are processed for the following purposes:

Processing hotel reservations

Legal basis:
Article 6(1)(b) GDPR – processing necessary for the performance of a contract.

This applies to data provided through the reservation form.

Handling inquiries sent via contact form or email

Legal basis:
Article 6(1)(f) GDPR – legitimate interest of the Controller consisting of communication with website users.

Website traffic analysis and statistics

Legal basis:
Article 6(1)(f) GDPR – legitimate interest consisting of analyzing website performance and improving services.

For this purpose the website uses Google Analytics.

Compliance with legal obligations

Legal basis:
Article 6(1)(c) GDPR – processing necessary to comply with legal obligations.

This may include accounting or tax obligations.

  1. Data Recipients

Personal data may be shared with entities cooperating with the Controller to the extent necessary to operate the business.

These may include:

  • hosting providers
  • IT service providers
  • website maintenance providers
  • accounting offices
  • analytics service providers (e.g., Google)

Such entities process data on the basis of data processing agreements and only according to the Controller’s instructions.

  1. Google Analytics

The website uses Google Analytics, an analytical service provided by:

Google Ireland Limited
Gordon House, Barrow Street
Dublin 4, Ireland.

Google Analytics uses cookies to analyze how users use the website.

The collected information may be transferred to Google servers located outside the European Economic Area.

Data processing is based on:

  • Article 6(1)(f) GDPR – legitimate interest of the Controller
  • user consent expressed through cookie settings.

More information can be found in Google’s privacy policy.

  1. Data Retention Period

Personal data are stored for the period necessary to:

  • process and manage hotel reservations
  • comply with accounting and tax obligations (usually up to 5 years)
  • until consent is withdrawn (if processing is based on consent)
  • until an effective objection to processing is submitted.
  1. Rights of Data Subjects

Every person whose data are processed has the right to:

  • access their personal data
  • rectify inaccurate data
  • request deletion of data (“right to be forgotten”)
  • restrict processing
  • data portability
  • object to data processing
  • withdraw consent at any time.

To exercise these rights, the user should contact the Controller.

  1. Right to Lodge a Complaint

If a person believes their data are processed unlawfully, they have the right to lodge a complaint with the supervisory authority:

President of the Personal Data Protection Office (UODO)
ul. Stawki 2
00-193 Warsaw
Poland

  1. Cookies

The website uses cookies.

Cookies are small text files stored on the user’s device when visiting a website.

Cookies are used for:

  • proper functioning of the website
  • operating the reservation form
  • remembering user preferences
  • analyzing website statistics
  • improving the quality of services.

Users may change cookie settings in their web browser at any time.

Limiting cookies may affect some functionalities of the website.

  1. Data Security

The Controller implements appropriate technical and organizational measures to protect personal data against unauthorized access, loss, or disclosure.

These measures include in particular:

  • secure servers
  • SSL encryption
  • restricted access to data
  • regular system updates.
  1. Changes to the Privacy Policy

The Controller reserves the right to introduce changes to this Privacy Policy.

Changes may result from:

  • amendments to legal regulations
  • technological developments
  • changes in website functionality.

The current version of the Privacy Policy is always available on the hotel’s website.

Steel-CNC Sp. z o.o.
Data Controller
H31