Menu opener
BackYour staySelect your dates to see availabilitiesChange datesSelect rooms and travelersClose
Select your dates to see availabilities
Please fill in the destination field
There are no suggestions
Allow geolocation in your browser settings, or type the destination
Please select period of 20 days max
Start date cannot be set in the past.

Please select period of 20 days maxStart date cannot be set in the past.

From
To
Corporate code
For travelers with corporate contract
  • Destination
  • FromTo
    FromTo
  • 1 room, 1 adult
  • 1 room, 1 guest

General policy for the protection of personal data B&B HOTELS Hungary Kft

Pdf version

Updated on (23/01/2024)

Preamble 

1.    In the course of its business, B&B HOTELS collects and processes personal data relating to contacts, prospects, customers, service-providers and partners. 

2.    The main purpose of this document is to help you understand the conditions under which your data is processed.

3.    This personal data protection policy is intended for users (hereinafter referred to as "Users" or "you") of the website https://www.hotel-bb.com/ (hereinafter the "Site") and the B&B HOTELS mobile application (hereinafter the "Application") presenting the online B&B hotel room reservation platform (hereinafter the "Platform"). 

4.    Its purpose is to inform you, in accordance with Regulation No. 2016-679 of 27 April 2016 on the protection of individuals with regard to the processing of personal data and on the free movement of such data (hereinafter referred to as the "Regulation" or "GDPR"), about how your personal information may be collected and processed through our Website and the Mobile Application in connection with the booking of hotel rooms in the countries in which we have hotels and the B&B HOTELS Club and B&Me loyalty programmes.

5.    The protection of your personal data is a priority for B&B HOTELS, which is why it undertakes to process such data in strict compliance with the Regulation and applicable national laws.

1.    Definitions 

6.    Application: designates the B&B HOTELS mobile application available in IOS and Android versions.

7.    Platform: refers to the online central reservation system operated by the B&B HOTELS Group on the Site and the Application.

8.    Data controller: designates the company B&B HOTELS Hungary in its capacity as Data controller managing processing operations carried out from the Site or the Application in Hungary. 

9.    Services: refers to the services offered by B&B HOTELS Hungary via the Platform. The Services are described in detail in the General Terms and Conditions of Use ("GTCU"), which can be accessed here.

10.    Site: means the website accessible at the URL address https://www.hotel-bb.com/hu/hotel/budapest-city 

11.    User: means any person who accesses or browses the Site and the Application, whether a customer, an operator or an ordinary Internet user with or without an account. 

2.    Identity of the data controller 

12.    The data controller responsible for the processing operations carried out on the Website and Application in Hungary is: 

-    B & B HOTELS Hungary Kft., a limited liability company, with its registered office at 1139 Budapest, Fiastyúk utca 4-8. 2. em., registered in the Hungarian Companies Register under number Cg.01-09-333861;

hereinafter referred to as "B&B HOTELS". 

13.    B&B HOTELS operates a central reservation system shared by the hotels listed here.

14.    As part of the processing of bookings made via the Platform and the Application, B&B HOTELS is the joint data controller of your personal data with the companies that operate the hotels in which you book rooms (see the list of hotels here).

15.    The list of companies is available by clicking here jointly manage the B&B HOTELS Club loyalty programme. In addition, B&B HOTELS has entered into a co-responsibility agreement with joint controllers, setting out their respective obligations, the broad outlines of which are available on request sent by mail to B&B HOTELS at the following address: privacy@hotelbb.com.

16.    The companies listed here jointly manage the B&Me loyalty programme. In addition, B&B HOTELS has entered into a co-responsibility agreement with joint controllers, setting out their respective obligations, the broad outlines of which are available on request sent by mail to B&B HOTELS at the following address: privacy@hotelbb.com 

3.    Fair and transparent collection of your data 

17.    In the interests of fairness and transparency, B&B HOTELS takes care to inform the data subjects of the processing that it implements by means of information notices at the time of collection of personal data.

18.    This data is collected fairly. No data is collected without the knowledge of or information to the individual concerned.

4.    Legitimate and proportionate use of your data 

19.    When B&B HOTELS processes data, it does so for specific purposes: each data processing operation thus pursues a legitimate, specific and explicit purpose.

20.    For each of the processing operations implemented, B&B HOTELS undertakes to only collect and use data that is adequate, relevant and limited to what is necessary with regard to the purposes for which it is processed. B&B HOTELS ensures that the data is kept up-to-date and implements procedures to enable the deletion or rectification of inaccurate data.

5.    Data that is processed 

21.    B&B HOTELS collects and processes the following categories of data in connection with the processing of personal data for the purposes set out below: 

●    Data relating to your identity : title, surname, first name, address, telephone number, e-mail address, date of birth, age, customer code;
●    Data relating to your professional life : company, location;
●    Data relating to browsing: logs and connection data, computer hardware identification data, language preferences, geographical location data, data relating to your use of the Platform and Services, including data communicated to our teams when you make requests (language preference, etc.) data collected via cookies and other tracers;
●    Data relating to your reservation : arrival and departure dates, details of other occupants of the rooms booked such as names and ages, preferences (smoking room, preferred floor, etc.), if billing to a different address is requested: company name, address, VAT number, etc. ;
●    Data relating to transactions: transaction number, data relating to means of payment, details of the purchase, subscription or service subscribed to, data relating to invoice payments such as payment terms, discounts granted, receipts, balances and unpaid invoices. The bank card number, expiry date and cryptogram are processed exclusively by our service-provider Adyen, which only provides us with a token for guaranteeing and paying for bookings;
●    Data relating to history of reservations in the B&B hotels.

6.    Purposes, legal bases and retention periods for data processing 

22.    Each processing operation carried out by B&B HOTELS fulfils an explicit, legitimate and specific purpose, which is based on the performance of a contract, compliance with a legal or regulatory obligation, your consent or even legitimate interest. In addition, we only keep your data for as long as is necessary for the purposes for which it is to be used. 

23.    The purposes for which your data is processed, its legal basis and the duration for which it is kept are detailed below:

 

PURPOSE

LEGAL BASIS

RETENTION PERIOD

Managing bookings and monitoring the commercial relationship with customers in connection with their booking, including the management of complaints

 

 

The execution of the contract concluded between the customers and the entities of B&B HOTELS

 

 

Active base:

 

The data used to manage the relationship with the customer is kept for as long as is necessary to execute the contract.

 

Intermediate archiving:

 

For litigation or pre-litigation purposes, until the end of the legal requirement and for the duration of the proceedings until the ordinary and extraordinary remedies have been exhausted.

 

Data concerning payments by bank card is kept for 13 months following the debit date, extended to 15 months for deferred debit cards.

 

Creating and managing user accounts on the website

Your consent

Active base:

 

The data used to manage the customer relationship is kept for as long as the user account is active 

 

Intermediate archiving:

 

For litigation or pre-litigation purposes, until the end of the legal requirement and for the duration of the proceedings until the ordinary and extraordinary remedies have been exhausted.

 

The improvement of B&B HOTELS services, in particular,

  • conducting satisfaction surveys
  • management of feedback on the services provided

 

The legitimate interest of B&B HOTELS

 

Time required to carry out and process the satisfaction survey or customer feedback 

Compiling commercial statistics 

 

The legitimate interest of B&B HOTELS

 

Duration required to achieve the purpose of the statistics or until the right to object is exercised

 

Bookkeeping (accounting and tax obligations)

Compliance with a legal obligation

Intermediate archiving:

 

For the legal retention period (e.g. accounting obligation of 8 years).

 

Carrying out commercial prospecting operations. In particular:

  • the sending of our newsletter;
  • carrying out prospecting campaigns (email, telephone, post);
  • invitations to events;
  • organising competitions

The consent of the data subject: for operations carried out by electronic means: emails, SMS

 

Legitimate interest for operations via post or calls involving human intervention (non-automated)

 

Until consent is withdrawn or 3 years have elapsed since the individual's last contact with B&B HOTELS

Administration and management of subscriptions to the B&B HOTELS Club loyalty programme

The performance of the contract concluded with B&B HOTELS and the other operating subsidiaries of the B&B HOTELS group

 

Active base:

 

For the entire duration of your membership to the programme.

 

Intermediate archiving:

 

For litigation or pre-litigation purposes, until the end of the legal requirement and for the duration of the proceedings until the ordinary and extraordinary remedies have been exhausted.

 

The management of requests to exercise rights by data subjects concerned by the processing of personal data

 

Compliance with a legal obligation (Articles 15 of the GDPR)

For as long as it takes to process the request.

 

The proper functioning and improvement of our Platform and its functionalities, including measuring the Site's audience

The legitimate interest of B&B HOTELS in ensuring the functioning and security of the Site

 

The User's consent given when unnecessary cookies are deposited.

 

Tracer lifetime limited to 6 months

 

Retention period for data collected by means of tracers: Maximum 25 months

 

Managing the B&Me loyalty programme (granting loyalty benefits, awarding loyalty points)

The performance of the contract concluded with B&B HOTELS and the other operating subsidiaries of the B&B HOTELS group

 

Active base:

 

For the entire duration of your membership to the programme.

 

Intermediate archiving:

 

For litigation or pre-litigation purposes, until the end of the legal requirement and for the duration of the proceedings until the ordinary and extraordinary remedies have been exhausted.

 

 

7.    Data recipients 

24.    Within the limits of their respective attributions and for the purposes mentioned in article 6, the main persons who may have access to your data are as follows:

●    authorised staff in our hotel reservations, marketing, sales, administrative, logistics and IT departments, who are responsible for improving our Services, customer relations, prospecting and quality control;
●    authorised staff of our subcontractors and service-providers, including in particular hosting and cloud storage providers, payment service providers, suppliers of software for checking identity documents and verifying identity online by facial recognition, suppliers of mailing services, IT maintenance service-providers, marketing research service-providers;
●    authorised staff of joint data controllers;
●    the competent public authorities; 
●    where appropriate, the competent authorities, upon request, in particular public bodies, the courts concerned, as well as mediators, chartered accountants, auditors, lawyers, bailiffs, judicial officers, police officers, bodies responsible for debt recovery, exclusively to meet legal obligations, as well as in the case of searching for the perpetrators of offences committed on the Internet;
●    third-parties likely to place cookies on your terminals with your consent. For more details, see our Cookies Management Policy.

8.    Transfer of data outside the European Union 

25.    B&B HOTELS is a company belonging to the B&B HOTELS group, which provides its Services in numerous countries. 

26.    In this regard, and for the purposes indicated in article 6 of this policy, we may transfer your data to recipients within and outside the group located outside the European Union.

27.    In the absence of an adequacy decision, B&B HOTELS only transfers data outside the European Union subject to appropriate guarantees, in this case the standard contractual clauses defined by the European Commission, and in strict compliance with the regulations in force.

28.    You can access all the guarantees and documents relating to the transfer of your personal data outside the European Union by contacting us 
●    at the following email address: privacy@hotelbb.com ;
●    or the postal address: HU-1139 Budapest, Fiastyúk utca 4-8. 2. em.

9.    The security of personal data 

29.    B&B HOTELS attaches particular importance to the security of personal data. It implements technical and organisational measures that are appropriate to the degree of sensitivity of the personal data, with a view to ensuring the integrity and confidentiality of the data and protecting it against any malicious intrusion, loss, alteration or disclosure to unauthorised third-parties.

30.    Nevertheless, data security and confidentiality depend on good practice on the part of each individual. Hence, the data subject is encouraged to remain vigilant about this issue.

10.    Subcontracting 

31.    When B&B HOTELS uses a service-provider, it only communicates personal data to the latter after having obtained a commitment and guarantees on its capacity to meet these security and confidentiality requirements from it.

32.    In compliance with its legal and regulatory obligations, B&B HOTELS concludes contracts with its subcontractors that precisely define the terms and conditions of data processing by the latter, in accordance with regulations on the protection of personal data.

11.    Cookies 

33.    Cookies are the subject of a cookies policy. 

12.    Social networks 

34.    When browsing our Site or Application, you may click on the icons dedicated to the social networks Twitter, Facebook, Instagram, TikTok and YouTube.

35.    Social networks help to improve the user-friendliness of the Site and our Application, and help to promote them through sharing.

36.    When you use these buttons, we may have access to personal information that you have indicated as public and accessible from your Twitter, Facebook, Instagram, TikTok and YouTube profiles. However, we neither create or use any database independent of Twitter, Facebook, Instagram, TikTok and YouTube, nor do we use any data relating to your private life through this means.

37.    In order to limit access by third-parties to your personal information on Facebook, Twitter, Instagram, TikTok or YouTube, we suggest you configure your profiles and/or the nature of your publications via the dedicated spaces on social media in order to limit their audience.

13.    Exercising the rights of the data subject

38.    B&B HOTELS is particularly concerned about respecting the rights granted to you in the context of the data processing that it implements, in order to guarantee fair and transparent processing, taking into account the specific circumstances and context in which your personal data is processed.

13.1    Right of access

39.    In this regard, you have confirmation as to whether or not your data is processed, and where it is, you have the right to request a copy of your data and information concerning:
●    the purposes of the processing;
●    the categories of data concerned;
●    the recipients or categories of recipients and, where appropriate, if such communications are to be made, the international organisations to which the data has been or will be communicated, in particular recipients established in third countries;
●    where possible, the intended retention period for personal data or, where this is not possible, the criteria used to determine this period;
●    the existence of the right to ask the data controller to rectify or erase your personal data, the right to request a restriction on the processing of your data, and the right to object to such processing;
●    the right to lodge a complaint with a supervisory authority;
●    information on the source of the data when it is not collected directly from the data subjects;
●    the existence of automated decision-making, including profiling, and in the latter case, useful information concerning the underlying logic, as well as the importance and the expected consequences of this processing for the data subjects.

13.2    Right to rectify your data

40.    You may request B&B HOTELS to rectify or complete any data that is inaccurate, incomplete, ambiguous or outdated.

13.3    Right to have your data deleted

41.    You may request B&B HOTELS to delete your personal data in the cases provided for by the legislation and regulations.

42.    Please note that the right to erasure of data is not a general right and can only be invoked if one of the grounds provided for in the applicable regulations is present.

13.4    Right to limit data processing

43.    You may request that the processing of your data be restricted in the cases provided for by law and regulations.

13.5    Right to object to data processing

44.    You have the right to object, at any time, on grounds relating to your particular situation, to the processing of your data for which the legal basis is the legitimate interest pursued by the data controller.

45.    If you exercise your right to object, B&B HOTELS will ensure that it no longer processes your personal data in connection with the processing concerned, unless B&B HOTELS can demonstrate compelling legitimate grounds for continuing such processing. These grounds must outweigh your interests and your rights and freedoms, or the processing must be justified for the establishment, exercise or defence of legal claims.

13.6    Right to portability of your data

46.    You have the right to the portability of your personal data. This is not a general right. Not all data from all processing operations is portable, and this right only applies to automated processing, to the exclusion of manual or paper-based processing.

47.    This right is limited to processing for which the legal basis is your consent or the performance of pre-contractual measures or a contract.

48.    This right does not include derived or inferred data, which is personal data created by B&B HOTELS. 

13.7    Right to withdraw your consent

49.    Where the processing of data by B&B HOTELS is based on your consent, you may withdraw it at any time. B&B HOTELS will then stop processing your personal data without affecting any previous operations for which you have given your consent.

13.8    Right to lodge a complaint 

50.    You have the right to lodge a complaint with the supervisory authority (by post: HU-1055 Budapest, Falk Miksa u. 9-11) without prejudice to any other administrative or legal remedy.

51.    You can lodge a complaint using this dedicated form: https://naih.hu/online-ugyinditas 

13.9    How to exercise your rights

52.     All the rights listed above may be exercised:
at the following email address: privacy@hotelbb.com
●    or the postal address: 1139 Budapest, Fiastyúk utca 4-8. 2. em.   

by proving your identity by any means.