A luxurious complex, fully equipped and comfortably furnished rooms and apartments, located in a newly built facility. Situated in the very centre of the city. A short walk will take you to the heart of Gostyń, area with the most important monuments, restaurants and attractions.

On 11 December 2025, employees of our IT service provider informed us that a security breach had most likely occurred on one of the servers hosting a database containing our Clients’ data.At this stage, we cannot confirm that unauthorized persons have gained access to your personal data. However, in order to exercise due diligence and to mitigate any potential consequences of the identified security incident, we hereby inform you of the actions taken and of the possible adverse effects the incident may have for you.Immediately after the incident described above was identified, together with our IT service provider we undertook measures aimed at counteracting the incident and its potential consequences as quickly as possible. In particular, we initiated an internal procedure for responding to potential personal data breaches, disabled the affected IT resources, replaced them with new and additionally secured systems, and carried out a verification of user accounts to ensure that the attackers no longer have access to our databases. The incident was reported to our internal units responsible for personal data protection, as well as to the relevant authorities — the Police, CERT, and the President of the Personal Data Protection Office.

If you suspect that your personal data has been used without authorization, please contact the appropriate public authorities, such as the Police. Please pay close attention to any correspondence addressed to you (using your personal data) by individuals claiming to represent our hotel — we kindly ask you to verify such situations with us on an ongoing basis by contacting us at the address provided at the end of this letter. In particular, please be especially vigilant with regard to any attempts at fraud involving impersonation of our identity and references to reservation details, sent via e-mail or instant messaging services (e.g. WhatsApp), in which you are asked to settle payments for your stay at our hotel or to provide personal data by clicking on links included in the message. Please do not reply to such messages and do not click on any links.We also ask you to pay attention to any correspondence received in paper form and to read its contents carefully, as it may include, for example, confirmations of contracts allegedly concluded (which you never entered into) or fraudulent payment demands related to reservations at our property. Any such incidents should be immediately verified directly with the entities indicated as parties to the contracts, and in doubtful cases reported to the Police.We also remind you that in the case of consumer contracts concluded remotely, you are usually entitled to withdraw from the contract within 14 days without any consequences. If you receive electronic (e-mail) notifications of a similar nature to those described above, please pay particular attention to:

  • suspicious attachments in e-mails — attachments should not be sent in archive formats such as ZIP or RAR,
  • suspicious links included in the message content,
  • requests to provide additional personal data (e.g. to confirm your identity).

Such e-mails may contain malicious software (e.g. viruses, trojans) and may also be used to attempt to obtain further personal data, such as bank account numbers, credit card details, or login credentials (e.g. usernames and passwords). For this reason, we recommend exercising particular caution when opening such messages.We also recommend using antivirus software with an up-to-date virus signature database. Please also pay attention to the passwords you use when accessing Internet resources (e.g. social media accounts, e-mail accounts, online portals, electronic banking). These passwords should not contain easily guessable words or their parts, especially those based on your personal data (e.g. first and last names, date of birth, PESEL number, series and number of an identity document, telephone number).

If you suspect unauthorized use of your data, you may also consider:
a) checking your credit history with the Credit Information Bureau (Biuro Informacji Kredytowej – BIK), an institution that collects and processes data on all loans taken out at banks and credit unions. BIK contains information on loans repaid on time and on payment arrears. Detailed information is available at: https://www.bik.pl/

b) checking your data in the National Debt Register (Krajowy Rejestr Długów – KRD), which enables monitoring of inquiries related to credit applications. Detailed information is available at: https://krd.pl/Due to the detailed nature of this notice, we also ask you not to disclose its contents to unauthorized persons, as this could facilitate actions aimed at the misuse of your personal data.

If you have any additional questions, please do not hesitate to contact us. We are continuously monitoring the situation related to the identified incident and will keep you informed of any further findings.At the same time, should you have any further questions, you may contact us by e-mail at: recepcja@hotelgostyn.pl or by phone: +48 665 250 025.

Download full document