Data Protection
Data of the Data Controller
Data controller, owned & operated by: Bohem Art Hotel Kft.
Seat: H-1056 Budapest, Hungary, Molnár street 35.
Company registration number: 01-09-947831
Tax no.: HU22987938
E-mail: bohem(at)bohemarthotel.hu
Legal requirements for data processing
- The Fundamental Law of Hungary (Magyarország Alaptörvénye);
- Act CXII of 2011 on the Right of Informational Self-Determination and on Freedom of Information (Az információs önrendelkezési jogról és az információszabadságról szóló 2011. évi CXII. törvény);
- General Data Protection Regulation (GDPR)
Purpose of the Data Policy
The purpose of the privacy policy is to provide information to the Data Subjects according to the law. The information covers the scope of personal data processed by Bohem Art Hotel Kft., the purposes and methods of data processing, and all essential information related to data processing.
Bohem Art Hotel Kft. respects the rights and personal data of the Data Subject, and treats all information obtained confidentially. The data will be used only for providing the ordered services, for the purposes mentioned in the data protection policy, and for conducting research and statistical analysis.
Data management
The Data Subject’s consent is a voluntary consent given by the Data Subject, by a statement or by a clear action, to the processing of their personal data.
The data may be accessed by the Data Controller’s employees and authorities, who process the data received from the Data Controller by law, in the course of official procedures, by authorized partners, and by others, but only with the Data Subject’s consent.
The Data Controller agrees to handle the personal data it processes strictly confidentially, without any time limitation. The data will not be transferred to a third party, except with the explicit consent of the Data Subject and for the data processing purposes defined in this policy.
The Data Controller’s employees and partners are contractually obligated to handle the data collected, processed, disclosed or entrusted to them, in accordance with the data protection policy, and to keep it confidential, not making it accessible to third parties.
The Data Subject may withdraw their consent to the processing of their data at any time. The withdrawal of consent does not affect the lawfulness of the data processing carried out prior to the withdrawal.
Personal data may also be processed if obtaining the Data Subject’s consent is not possible, or if it involved disproportionate costs, as long as the processing is necessary for fulfilling a legal obligation of the Data Controller or for protecting the legitimate interests of the Data Controller or a third party.
Legal remedy
The Data Subject may file a complaint with the Hungarian National Authority for Data Protection and Freedom of Information (Nemzeti Adatvédelmi és Információszabadság Hatóság – NAIH) in case of violation of their rights related to data processing:
Seat: H-1055 Budapest, Hungary, Falk Miksa Street 9-11.
Postal address: 1363 Budapest, Pf. 9.
Telephone: +36 (1) 391-1400
E-mail address: ugyfelszolgalat@naih.hu
Processed data
Visiting the website
When visiting the hotels website, a cookie is saved on the visitor’s hard drive. This allows the system to recognize them when they visit the website, makes it easier to search on the website and helps personalize the online experience.
Processed data:
- IP address
- date and duration of visit
- operating system
- type of the browser
Purpose of data processing: identifying the visitors on the website, improving user experience
Storage period: Cookies are stored for 30 days after visiting the website
Booking inquiry
Data Subjects may contact the Data Controller with a request for reserving a room. The data provided by the Data Subject enables the Data Controller to identify the guest and send them the offer.
Processed data:
- full name
- arrival and departure date
- number and age of people staying in one room
- room type
- credit card details
- billing name and address
- expected time of arrival
- e-mail address
- phone number
- other requests
Purpose of data processing: maintaining contact, preparation and sending of personalized offer.
Storage period: if a reservation is made, the rules related to room reservations apply. If no reservation is made, Data Subjects may request via e-mail their personal data to be deleted.
Reserving a room
When making a reservation by phone, email, in person, or online, we may ask for the following personal data:
- full name
- arrival and departure date
- number and age of people staying in one room
- room type
- credit card details
- e-mail address
- billing name and address
- expected time of arrival
- other requests
Purpose of data processing: guest identification, information necessary to make a reservation, maintaining contact
Storage period: The statutory limitation period is 5 years; however, in the case of issuing invoices and other tax-related records, data must be stored for 8 years, starting from the end of the calendar year. All guests must be reported to the local government, and guests arriving from outside the European Union must also be reported to the police. These data will be stored for 6 years.
Customer relations
Data subjects may contact the Data Controller in case they have any questions. The data provided by the Data Subject allow the Data Controller to identify the guest and respond to them. Contact can be made via the contact details provided on the website.
Processed data:
- full name
- e-mail address
- telephone number
- other data voluntarily provided by the Data Subject
Purpose of data processing: guest identification and answering their questions, maintaining contact
Storage period: the Data Subject may request their personal data to be deleted via email at any time
Ordering services
Bohem Art Hotel has contracts with external service providers to provide certain services (e.g., transfer).
Processed data:
- full name
- e-mail address
- phone number
- other data essential for the creation and fulfilment of the service (e.g., flight number, arrival time)
Purpose of data processing: providing the service
Check-in
VIZA – Closed Guest Information Database system (Vendég Információs Zárt Adatbázis)
The hotel records the following data during check-in using the document reader – through the accommodation management software, on the storage provided by the hosting service provider designated in the government regulation:
- full name
- full name at birth
- place and date of birth
- gender
- citizenship
- mother’s full name at birth
- identification data on the identity card or travel document (for guests who are over 14 years old)
Purpose of data processing: the primary aim of VIZA is to promote public order, public safety, secure border crossing, and the protection of the rights, safety and property of the Data Subject and others.
Storage period: the VIZA system stores the data for up to 2 years. In cases where the police is involved it is stored for 6 years.
NTAK – National Tourism Data Supply Centre (Nemzeti Turisztikai Adatszolgáltató Központ)
Due to legal obligations, the hotel also provides data to the NTAK. These are depersonalised statistical data. The data of guests staying at the hotel cannot be identified in any way.
Processed data:
- gender
- year of birth
- citizenship
- residence
- ZIP code
- number of guest nights
- room type
- price of the accommodation
- other used services
Purpose of data processing: verification, the protection of the rights, safety, and property of the Data Subject and others
Storage time: the last day of the first year following the date of awareness.
Invoices
Processed data:
- full name
- address
- credit card details
- other data in case of company invoice
Purpose of data processing: settlement of fees for services used and fulfilment of invoicing obligations
Storage time: 8 years
Making a complaint
In case of a complaint, the Data Subject may contact the Data Provider and share their complaint.
Processed data:
- full name
- e-mail address
- telephone number
- content of the complaint
Purpose of data processing: guest identification, complaint handling, maintaining contact
Storage time: 5 years
Cameras
In the public areas of the hotel there are cameras, which operate 24 hours a day.
Processed data:
- recorded video
Purpose of data processing: protection of the well-being and physical integrity of individuals on the hotel premises
Storage time: 3 working days. If the recording needs to be forwarded to authorities, they can be stored for the legally defined period applicable to them.
Social media
Bohem Art Hotel is present on social media, where users can follow their accounts and unfollow the page at any time. The social media platforms are independent data controllers from Bohem Art Hotel Kft. The data protection policies of Facebook and Instagram can be found on their own pages.
Recruitment
Anyone can submit their application for the job advertisements posted by the Data Controller with the purpose of applying for the advertised position.
Processed data:
- full name
- e-mail address
- other contact information
- photo
- previous workplaces
- language skills
- other voluntarily provided data that may be necessary to select the right candidate
Purpose of data processing: filling the advertised position
Storage time: the Data Subject may request their data to be deleted via email at any time
Business cards
Processed data:
- full name
- telephone number
- address
- e-mail address
- workplace
- workplace address
- other data indicated on the card
Purpose of data processing: maintaining contact
Storage time: the Data Subject can request their personal data to be deleted any time
The privacy policy is valid from 01. 01. 2025. The Data Controller has the right to modify the policy independently, provided that the modification is in accordance with the applicable laws.
No part of this internet site may be reproduced, wholly or in part, in any way, without obtaining the written consent of Bohem Art Hotel management
© 2025 Bohem Art Hotel