Data Security Policy

Data Security Policy

1. Introduction

Hoteline MB (“we”, “our”, “us”) is committed to ensuring the security of personal data and protecting it against unauthorized access, disclosure, alteration, or destruction. This Data Security Policy outlines the measures we take to safeguard personal data collected, stored, and processed on our website (hoteline.pl).

2. Data Protection Principles

We adhere to the following principles to ensure data security:

  • Lawfulness, fairness, and transparency – Personal data is processed lawfully and transparently.
  • Purpose limitation – Data is collected for specified, explicit, and legitimate purposes.
  • Data minimization – We only collect data that is necessary for the intended purpose.
  • Accuracy – We take steps to ensure that personal data is accurate and up to date.
  • Storage limitation – Data is stored only for as long as necessary for processing.
  • Integrity and confidentiality – We implement security measures to protect data against unauthorized access and loss.

3. Security Measures

To protect user data, we implement the following security measures:

  • SSL Encryption – All data transmitted on our website is encrypted using Secure Socket Layer (SSL) technology.
  • Access Controls – Personal data is accessible only to authorized personnel with a legitimate need.
  • Data Anonymization and Pseudonymization – Where applicable, data is anonymized or pseudonymized to reduce risk.
  • Regular Security Audits – We conduct periodic security audits to identify and address vulnerabilities.
  • Firewalls and Intrusion Detection – We use firewalls and intrusion detection systems to prevent unauthorized access.
  • Regular Software Updates – Our systems are regularly updated to patch security vulnerabilities.

4. Data Breach Response Plan

In the event of a data breach, we follow a structured response plan:

  1. Identification and Containment – The breach is identified, and steps are taken to contain it.
  2. Impact Assessment – We assess the extent of the breach and the data affected.
  3. Notification – Affected individuals and relevant authorities are informed in accordance with legal requirements.
  4. Mitigation and Review – Corrective measures are implemented to prevent future breaches.

5. Third-Party Data Processing

When we use third-party services for data processing, we ensure they adhere to security standards through:

  • Data Processing Agreements (DPAs)
  • Regular security assessments
  • Compliance with GDPR and other applicable regulations

6. User Responsibilities

Users play a role in protecting their data by:

  • Keeping login credentials confidential
  • Using strong passwords and changing them regularly
  • Reporting suspicious activities related to their accounts

7. Policy Updates

This policy may be updated periodically to reflect changes in security practices or regulations. The latest version will always be available on our website.

8. Contact Information

For questions or concerns regarding data security, contact us at: Hoteline MB
EIŠIŠKIŲ PL. 47-312, LT-02184 VILNIUS
Email: info@hoteline.pl