Book now

Privacy policy

I. Abbreviations and definitions


1)  GDPR - Regulation (EU) 2016/679 of the European Parliament and of the Council of 27 April 2016 on the protection of natural persons with regard to the processing of personal data and on the free movement of such data, and repealing Directive 95/46/EC (General Data Protection Regulation) – OJ L 2016.119.1 of 4 May 2016;

2)  Co-Controllers – the entities indicated in paragraph 1 of section II. of this Privacy Policy, which jointly set the purposes and methods of personal data protection, hereinafter also ‘PURO’;

3)  Client – an entity whose personal data are processed on any basis specified in Article 6 of the GDPR, hereinafter also ‘you’;

4)  Cookies – text files saved by a browser on a PC or mobile devices;

5)  Profiling – any form of automated combination of information about a given person used for decision-making concerning that person or analysis or prediction of their preferences, behaviour and attitudes.

II. General provisions

  1. The Co-Controllers of your personal data shall be the following entities:

1)  Puro Hotels Sp. z o. o., with its registered office in Warsaw (00-133), al. Jana Pawła II 22, KRS (National Court Register number): 0000326960, NIP (taxpayer ID number): 7010192105, REGON (statistical enterprise ID number): 141931350;

2)  Puro Hotel Wrocław Sp. z o.o., with its registered office in Warsaw (00-133), al. Jana Pawła II 22, KRS: 0000344215, NIP: 7010211972, REGON: 142165076;

3)  Puro Hotel Kraków Sp. z o.o., with its registered office in Warsaw (00-133), al. Jana Pawła II 22, KRS: 0000429005, NIP: 7010350981, REGON: 146237045;

4)  Puro Hotel Poznań Sp. z o.o., with its registered office in Warsaw (00-133), al. Jana Pawła II 22, KRS: 0000456486,  NIP: 5252551251, REGON: 146613241;

5)  Puro Hotel Gdańsk Sp. z o.o., with its registered office in Warsaw (00-133), al. Jana Pawła II 22, KRS: 0000458238, NIP: 5252552351, REGON: 146629762;

6)  Puro Hotel Warszawa Sp. z o.o., with its registered office in Warsaw (00-133), al. Jana Pawła II 22, KRS: 0000628114, NIP: 5252669478, REGON: 364979542;

7)  Puro Hotel Kazimierz Sp. z o.o., with its registered office in Warsaw (00-133), al. Jana Pawła II 22, KRS: 0000628873, NIP: 5252670412, REGON: 365014143;

8)  Puro Hotel Łódź Sp. z o.o., with its registered office in Warsaw (00-133), al. Jana Pawła II 22, KRS: 0000693884, NIP: 5252722221, REGON: 368236826;

9) Puro Hotel Development Sp. z o.o. with its registered office in Warsaw (00-133), al. Jana Pawła II 22, KRS: 0000844009, NIP: 5252824861, REGON: 386222075.

  1. In a co-control agreement, the Co-Controllers have defined the scope of their respective liability as regards the performance of obligations stemming from the GDPR. In particular, they have agreed as follows:
  2. a) the Co-Controllers shall be jointly responsible for the performance of their information provision obligation towards the Clients;
  3. b) the Co-Controllers shall be jointly responsible for the facilitation for the Clients of the exercise of their rights stemming from the GDPR.

Given the above, you may exercise your rights towards either of the Co-Controllers.

  1. PURO respects the right of privacy and makes sure your data are safe and secure. To that end, it ensures a security level corresponding to the risk of infringements on the rights and freedoms of natural persons as a consequence of personal data processing.

III. Contact data

In matters related to personal data protection, you may get in touch with the Co-Controllers by email to: [email protected] or by post to: Puro Hotels Sp. z o.o., Al. Jana Pawła II 22, 00-133 Warsaw, Poland.


IV. Purpose and basis of processing

  1. Your personal data shall be processed by PURO for the purpose of:

1)  taking steps at the request of the data subject prior to entering into a contract or performing a hotel service provision contract to which the data subject is party (the data required for entering into a contract are shown in the hotel service booking and sale form) – pursuant to 6(1)(b) of the GDPR;

2)  compliance with a legal obligation to which the Co-Controllers are subject (inter alia tax obligations, related to the state of epidemics, caused by SARS-CoV-2 virus infections) – pursuant to Article 6(1)(c) of the GDPR;

3)  the legitimate interests pursued by the Co-Controllers (inter alia pursuing or securing claims, ensuring safety and protection of persons and property) – pursuant to Article 6(1)(f) of the GDPR;

4)  marketing the Co-Controllers’ own services, presenting offers and promotions, sending information to the Clients by electronic means – under a separate consent of the data subject, i.e. pursuant to Article 6(1)(a) of the GDPR.

  1. The submission of your personal data shall be voluntary yet in the case of data required for the provision of hotel services it is necessary for the conclusion and performance of the contract.
  2. The monitoring system have been mounted in general-access areas of the hotels in order to ensure safety of the Clients and property protection.

V. Categories of processed data

We process the following categories of the Clients’ personal data:

1)              When you stay at our hotels:

First name and surname;

Personal identification number;

Identity card number or foreign identity document number (in the case of persons from outside the Republic of Poland or passport number)

Residence address;


Email address;

Telephone number;

Credit card data (when payment is done by credit card);

Information on date of stay;

Information about stay preferences;

Number of adults covered by the contract;

Number and age of children covered by the contract;

Required information for a VAT invoices;

Preferred contact language;


2) When you subsribe for receiving PURO newsletter basing on your given consent we process:

First name and surname;

Email address

VI. Data recipients

We may make your personal data available to the following recipients:

Profitroom S.A. z siedzibą w Poznaniu (60-829) przy ul. Roosevelta 9/3, KRS: 0000793213, NIP: 5252423458, REGON: 141374990, which manages the booking module launched on our web portal

Mews Systems BV, Company Registration No: 66426995. Registered Office: Wibautstraat 137 D, Scalehub 2nd floor, Amsterdam, 1097DN, Holandia, which provides Property Management System

Protel Hotelsoftware GmbH, Company Registration No: HRB 11466 Registered Office: Europaplatz 8 44269 Dortmund, Sales tax identification number: DE171 484 647, which provides Property Management System

Vision Time Sp. z o.o. ul. Ks. Emila Szramka 1 51-607 Wrocław NIP: PL 8942993293, which supports and services Property Managent System

VII. Transfer of data to third countries or international organisations

This is to inform you that your personal data are not transferred beyond the European Economic Area.

VIII. Period of client data storage

  1. Your personal data processed for the purpose of entering into and performing a contract as well as fulfilling a legal obligation or pursuing the legitimate interests of either of the Co-Controllers shall be stored over the duration of the contract and then for a time necessary for:
  2. a) securing or pursuing possible claims;
  3. b) fulfilling a legal obligation of either of the Co-Controllers (e.g. one stemming from tax legislation).
  4. The personal data processed on the basis of a separate voluntary consent shall be stored until the revocation of the consent granted, filing an objection against their processing or until the processing is no longer necessary for the attainment of the said objective. After that time, they shall be stored until the period of limitation of possible claims has expired.
  5. The personal data in the form of images in recordings from the monitoring system shall be stored for a period of 30 days, after which they shall be removed by overwritting.
  6. Detailed information on the scope and purpose of personal data processing, the type of personal data and the period of their storage are included in Appendix No. 1 to the Privacy Policy.

XI. Your rights

You shall have the right to:

  1. a) access to your data and receive their copy;
  2. b) rectify (make correct) your data;
  3. c) erase the data;
  4. d) restrict the processing of the data;
  5. e) object to the processing of your data;
  6. f) transfer the data;
  7. g) lodge a complaint with a supervisory body;
  8. h) revoke your consent to have your personal data processed at any time, if your data are processed on the basis of the consent granted – its revocation shall have no bearing on the legality of the processing performed under your consent before the revocation.

In order to exercise your rights, please send a relevant request by email to: [email protected] or by surface mail to: Puro Hotels Sp. z o.o., Al. Jana Pawła II 22, 00-133 Warsaw, Poland.

X. Information concerning the obligatory/voluntary nature of data submission

Entering into the contract shall be subject to your submission of the data listed in paragraph 1 of section V. If they have not been submitted, we may refuse to enter into the contract.

Your submission of data listed in paragraph 2 of section V. shall be voluntary and you may revoke the consent granted at any time.

XI. Information concerning data source

If you have not provided us with your personal data yourself, we have received them from a company you are bound with (e.g. under an employment contract) under a hotel service provision contract concluded with it.

XII. Copyright

  1. All content and information featuring on our web portal are property of the Co-Controller Puro Hotels sp. z o. o., with its registered office in Warsaw, and shall be subject to protection in compliance with the Act of 4 February 1994 on copyright and related rights (i.e. OJ of 2017, item 880, as amended), in particular as regards use, presentation, copying, transfer, dissemination, amending or erasure.
  2. All activities of the scope defined in in paragraph 1 above shall be subject to a written consent of Puro Hotels sp. z o. o., or they will be considered illegal and constitute an infringement of the company’s intellectual property.

XIII. Cookies

  1. The web portal uses cookies for statistical purposes and for its setting personalisation.
  2. The Client may manage cookies within an internet browser.
  3. Deactivation of cookies management may hinder the correct operation of the service.

XIV. Final provisions

  1. The Co-Controllers reserve the right to amend this Privacy Policy.
  2. The Client shall be bound by the updated Privacy Policy published on the website of PURO.