TAK HostCheck · TakHostCheck.com · effective 1 January 2026
This Data Processing Agreement is concluded pursuant to Art. 28 of Regulation (EU) 2016/679 (GDPR). It is concluded electronically by accepting the Terms of Service upon registration with TAK HostCheck.
Controller: The user of the TAK HostCheck service (a business or legal entity).
Processor: Tomáš Bartusek, Za Zahradama 69, 251 01 Herink, Czech Republic, Business ID: 23578106, email: info@itakk.cz
This Agreement is concluded electronically by accepting the Terms of Service upon registration with TAK HostCheck. Acceptance of the Terms of Service simultaneously constitutes conclusion of this DPA.
The Processor will process personal data on behalf of the Controller solely for the purpose of providing the TAK HostCheck service, in particular: guest record management, generating accommodation books, exporting data for the Czech Police, and storing and managing reservations.
Processing takes place solely on the basis of documented instructions from the Controller. The Processor may not use personal data for any other purpose.
Processing relates in particular to guests of the accommodation facility and persons listed in reservations.
This may include: name, date of birth, nationality, travel document number, home address, check-in and check-out dates. The Processor does not store photographs of identity documents.
Processing takes place for the duration of the contractual relationship. Upon termination, personal data will be returned in a structured format or permanently deleted at the Controller's choice, within 30 days, unless a longer retention period is required by law.
The Processor undertakes to: process personal data only on the Controller's instructions, inform the Controller if an instruction appears to breach GDPR, ensure confidentiality obligations for authorised persons, implement appropriate technical and organisational measures under Art. 32 GDPR, maintain records of processing activities, and assist the Controller in demonstrating GDPR compliance.
The Processor has implemented: encrypted data transmission (HTTPS/TLS), data encryption at rest, role-based access control, multi-factor authentication, audit logging, incident monitoring, a secure cloud environment, and regular system updates.
The Controller grants general authorisation to use the following sub-processors:
The Processor will ensure each sub-processor is contractually bound to data protection obligations at least equivalent to those in this Agreement. The Controller will be notified of any sub-processor changes via publication on the service website.
Transfers outside the EU/EEA take place solely in compliance with GDPR, on the basis of an adequacy decision or the European Commission's standard contractual clauses.
The Processor will notify the Controller of any personal data breach without undue delay and within 48 hours of becoming aware of it, including available information about the nature of the incident, measures taken, and recommended steps.
The Processor will provide reasonable assistance to the Controller in responding to data subject requests, fulfilling notification obligations, conducting DPIAs, and consulting with supervisory authorities.
The Controller may request evidence of technical measures implemented. Physical audits are possible by prior written agreement and at a scope that does not disrupt service operations. The Processor will also permit oversight by the relevant supervisory authority.
The Processor is liable only for breach of its obligations under this Agreement or applicable law. The Processor's liability is capped at the total fees paid by the Controller over the preceding 12 months. The Processor is not liable for indirect or consequential damages.
This Agreement is governed by the law of the Czech Republic.
This Agreement forms an integral part of the TAK HostCheck Terms of Service. In the event of conflict, this Agreement takes precedence on matters of personal data protection.
Tomáš Bartusek · Za Zahradama 69, 251 01 Herink · IČ: 23578106 · info@itakk.cz