-
Verwerkingsverantwoordelijke en definities
-
De Verwerkingsverantwoordelijke van de persoonsgegevens van de Gast/Klant is: B&B Emarik Erik Winnelinckx, +48 725 201 901, 6751737945,
-
U kunt contact opnemen met de verwerkingsverantwoordelijke via:
-
correspondentie adres: Podobin, 354, 34-735, Niedźwiedź
-
e-mail adres:
Dit e-mailadres wordt beveiligd tegen spambots. JavaScript dient ingeschakeld te zijn om het te bekijken.
-
-
De Gebruiker - een natuurlijk persoon die de website(s) betreedt die het Aanbod presenteren en het mogelijk maken om een huurovereenkomst van accommodatie te sluiten of gebruik te maken van de diensten en functionaliteiten die hieronder worden beschreven in het Beleid Privacy en Cookies;
-
De dienstverlener - Erik Winnelinckx, B&B Emarik Erik Winnelinckx, 6751737945, Podobin, 354, 34-735, Niedźwiedź;
-
Het Aanbod - de door de Dienstverlener aangeboden accommodatie om de overeenkomst van de accommodatie via de website te sluiten.
-
De gast - een meerderjarig persoon met volledige rechtsbevoegdheid, rechtspersoon of organisatorische eenheid die wordt genoemd in par. 33 van het burgerlijk wetboek, die een huurovereenkomst van accomodatie sluit met de Dienstverlener.
-
De Dienst - presentatie van het aanbod van de Dienstverlener op internet, waardoor de huurovereenkomst van accomodatie online kan worden gesloten.
-
De nieuwsbrief - informatie inclusief commerciële informatie, in overeenstemming met de betekenis van deze term uit de wet van 18 juli 2002 betreffende het aanbieden van elektronische diensten (Dz. U. z 2020 r. poz. 344), verzonden door de dienstverlener aan de gast/ Gebruiker in de vorm van e-mail; het ontvangen van deze nieuwsbrief is vrijwillig en vereist toestemming van de gast/gebruiker.
-
Het Account - sets van gegevens die zijn opgeslagen in de Dienst en in het ICT-systeem van de Dienstverlener. De datasets betreffen een bepaalde Gast/Gebruiker, de door hem gemaakte reserveringen en de gesloten overeenkomsten.
-
GDPR - Verordening van het Europees Parlement en de Raad (UE) 2016/679 van 27 april 2016 betreffende de bescherming van natuurlijke personen in verband met de verwerking van persoonsgegevens, het vrije verkeer van die gegevens en de intrekking van Richtlijn 95/46/WE (Algemene Verordening Gegevensbescherming).
-
- The purposes, legal basis and period of data processing
-
For the purpose of fulfilling the Rental Agreement of Accommodation, the Service Provider processes:
-
information concerning the User's device, in order to ensure the correct functioning of the services: IP address of the computer, information contained in cookies or other similar technologies, session data, web browser data, device data, data concerning activity on the website, including individual subpages;
-
information concerning the geolocation, if the Guest/User allowed the Service Provider to access such data. This data is used to provide better tailored offers of Goods and services.
-
users' personal data: name, surname, registered office address, correspondence address, e-mail address, telephone number, Tax Identification Number (NIP), bank account number or other personal data required by the Administrator in the reservation process.
-
-
The above mentioned data does not contain identity data of the Guests/Users, however, in combination with other information this data may constitute personal information. Therefore, the Data Controller extends full GDPR protection to them
-
The above mentioned data is processed in accordance with Art. 6(1)(b) GDPR, with the purpose of providing a service, i.e. an agreement for the provision of services by electronic means in accordance with the Regulation, in accordance with Art. 6(1)(a) GDPR, in accordance with consenting to the use of certain cookies or other similar technologies, as expressed by the appropriate settings of the Internet browser, in accordance with the Telecommunications Law or in accordance with consenting to obtaining the geolocation. The data are processed until the end of the User's use of the Service.
-
The Administrator undertakes to take all measures required under Article 32 of the RODO, i.e., taking into account the state of the art, the cost of implementation and the nature, scope and purposes of the processing and the risk of violation of the rights or freedoms of natural persons of varying probability and seriousness, the Administrator implements appropriate technical and organizational measures to ensure a level of security appropriate to that risk.
-
-
Marketing activities of the Data controller
The Data Controller may place marketing information about their Goods or services on the Online Shop’s website. Such content shall be displayed by the data controller in accordance with Art. (6)(1)(f) GDPR, ie. with the legally justified interest pursued by the Data Controller in publishing the content related to the services provided and the promotional content of the actions in which the Data Controller is involved. Simultaneously, the action does not infringe the rights and freedoms of the Guests/Users. The Guests/Users expect to receive similar content, await it or it is the direct purpose of their visit to the website(s) of the Service.
-
Recipients of User’s data
The Data Controller discloses the personal data of the Users exclusively to entities processing said data based on concluded agreements of entrustment of personal data processing with the purpose of providing services to the Data Controller such as hosting and maintenance of the website, IT services, marketing and PR services.
-
Transfer of personal data to third countries
Personal data will not be processed in third countries.
-
Rights of data subject
-
Every Data Subject has the right to:
-
access (Art. (15) GDPR) – to obtain confirmation whether their data is processed from the Data Controller. If their data is processed, the subject is entitled to gain access to said data and to the following information: the purpose of processing, the categories of the personal data, recipients or categories of recipients who received the data, the time period of storing data or the criteria of establishing the time period, the right to rectify, delete or limit data processing that every data subject is entitled to and to object to processing personal data;
-
obtain a copy of the data (Art. (15)(3) GDPR) – to obtain a copy of the data subject to processing, whereby the first copy is free of charge and the Data Controller may charge a reasonable fee based on the administration costs for the next copies;
-
rectification (Art. (16) GDPR) – to request the rectification of inaccurate or to supplement incomplete data concerning him or her;
-
erase the data (Art. (17) GDPR) – to request erasure of their personal data, if the Data Controller no longer has any legal basis for the processing or the data is no longer necessary for the processing;
-
restrict the processing (Art. (18) GDPR) – to request restriction of processing personal data, when:
-
the data subject questions the correctness of the personal data - for a period enabling the controller to verify the accuracy of the personal data,
-
the processing of the data is unlawful and the data subject opposes the erasure of said data and requests the restriction of their use instead;
-
the Data Controller no longer needs the personal data for the purposes of the processing, but they are required by the data subject for the establishment, exercise or defence of legal claims;
-
the data subject has objected to processing the data - until it has been concluded whether the legal basis of the Data Controller override the objection of the data subject;
-
-
transfer the data (Art. (20) GDPR) – to receive personal data concerning the data subject which the data subject provided to the Data Controller in a structured, commonly used format and machine-readable format and to have the right to request a data transfer to another Data Controller without hindrance from the data controller to which the personal data have been provided, where data are processed on the basis of the data subject's consent or based on a contract with them and where data are processed by automated means;
-
objection (Art. (21) GDPR) – to object the processing of the the data for legitimate purposes of the Data Controller on grounds related to the specific situation of the data subject, including profiling. Whereby, the Data Controller shall assess the existence of important legal basis for processing, superior to the interests, rights and freedoms of the data subjects or basis for establishing, pursuing or defending claims. If according to the assessment the interest of the data subject is more important the the interest of the Data Controller, the Data Controller will be obliged to stop processing the data for those purposes;
-
to withdraw consent in any moment without providing the reason, however, the processing of personal data that happened before the withdrawal will remain lawful. The withdrawal of consent will stop processing the data by the Data Controller concerning the purpose for which the consent was given.
-
-
-
President of the Personal Data Protection Office
The data subject has a right to file a complaint with the supervisory authority, which in Poland is the President of the Personal Data Protection Office (based at 2 Stawki Street in Warsaw), who can be contacted in the following ways:
-
in writing, the addresst: ul. Stawki 2, 00-193 Warszawa;
-
by email which can be found under the following link: https://www.uodo.gov.pl/pl/p/kontakt ;
-
helpline: 606-950-0000.
-
-
Data Protection Officer
In every instance, the data subject may also directly contact the Data Protection Officer by email or in writing at the address of the Data Controller provided in the first section point two of this Privacy Policy and Cookies.
-
Changes to the Privacy Policy and Cookies
The Privacy Policy and Cookies may be supplemented or updated accordingly with the current needs of the Data Controller with the purpose of providing current and reliable information to Guests/Users.
-
Cookies
-
The Service performs the function of obtaining information about Guests/Users and their behaviour in the following ways:
-
through information provided in forms voluntarily, for purposes resulting from the functions of a given form;
-
through storing cookie files in terminal devices (so-called „cookies”);
-
through collecting web server logs by the Online Shop’s hosting operator (necessary for proper operation of the Online Shop).
-
-
The cookies constitute IT data, in particular the text files which are stored in the terminal device of the Guest/User of the Service and are designed to use the Online Shop’ s website. Cookies usually contain the name of the website from which they come from, the time of their storage on the final device and a unique number.
-
The Service uses cookies only after the Guest/User has given their prior consent in this regard. Consent to the use of cookies by the Service is given by clicking the button: ‘I agree, I want to go to the website’ when the announcement about the use of cookies by the Service is displayed or by closing that announcement.Service uses cookies only after the Guest/User has given their prior consent in this regard.
-
The above mentioned consent may cover only selected cookies. In such case, Guest/User should use the option: ‘Cookies settings’ available in announcement about the use of cookies by the Service. Simultaneously, the Data Controller reserves that disabling of cookies that are necessary for the authentication process, security, maintenance of the Guest’s/ User’s preferences may hinder, and in extreme cases may prevent the use of the Online Shop.
-
If the Guest/User does not agree to the use of cookies by the Service, they may use the option: "I do not agree", which is also available in the announcement about the use of cookies by the Service or make changes to the settings of the Internet browser, which is currently using by Guest/User (however, this may result in incorrect operation of the Online Shop).
-
To manage the cookie settings, Guest/User should select a web browser from the list below and follow the instructions:
-
Internet Explorer
-
Chrome
-
Safari
-
Firefox
-
Opera
-
Android
-
Safari (iOS)
-
Windows Phone
-
-
The legal basis for the processing of personal data from cookies is the legitimate interests pursued by the Website’s Operator, consisting of providing high quality services, ensuring the safety of services.
-
The Service uses two basic types of cookies: ‘session’ (session cookies) and ‘permanent’ (permanent cookies). The session cookies are temporary files which are stored in the terminal device of the Guest/User until they have logged out, left the Service or closed the software (web browser). The permanent files are stored in the terminal device of the Guest/User for a period of time specified in the parameters of the cookie files or until the cookies have been removed by the Guest/User.
-
The cookies are used for the following purposes:
-
creating statistics that help understand how Guests/Users of the Service use the websites, which then allows to improve their structure and content;
-
maintaining the Guest/User session (after logging in), thanks to which the Guests/User does not have to re-enter the login and password on each subpage of the Service;
-
defining the Guest’s/Customer's profile in purpose to display product recommendations and matching materials in advertising networks, in particular the Google network.
-
-
The software for web browsing (web browser) usually allows for storing cookies in the Guest’s/User's terminal device by default. Guests/Users may change their settings regarding this aspect. The web browser enables removing cookies. It is also possible to automatically block cookie files.
-
Restrictions of the use of cookies may affect some of the functionalities available on the Service's websites.
-
Cookie files placed in the Guest’s/User's terminal device and may also be used by Service’s advertisers and partners, cooperating with Service.
-
Cookies may be used by advertising networks, in particular the Google network, to display ads tailored to the way in which the Guest/User uses the Service. For this purpose, the networks may retain information about the Guest’s/User’s navigation path or the time of staying on a given website.
-
We recommend that the Guest/User should read these companies' privacy policies in purpose to understand the cookies’ usage in the statistics: Privacy Policy - Google Analytics.
-
In terms of information on the Guest’s/ User's preferences collected by the Google advertising network, the Guest/User can view and edit the information resulting from cookies using the tool: https://www.google.com/ads/preferences/.
-
The websites of the Service use plugins which can transfer the information of the Guest/User to the following Data Controllers:
-
Facebook
-
Google
-
-
In order to correctly perform the Distance Selling Agreement, the Data Controller may make the Guest/User data available to Internet payment systems. The currently available methods of payment in the form of prepayment in the Service are https://www.idobooking.com/pl/integracja-z-innymi-systemami/systemy-platnosci-zintegrowane-z-idobooking/.
-
-
Newsletter
-
The Guest/User may give their consent to receive commercial information electronically by picking the appropriate option in the registration form or at a later date in the appropriate tab. In the case of such consent, the Guest/User shall receive information (Newsletter) of the Service as well as other commercial information sent by the Service Provider to the Guest’s/User’s email address.
-
The Guest/User may unsubscribe from the Newsletter at any time by unchecking the appropriate box on their Account, by going to the form, clicking the appropriate link that is in the content of each Newsletter or through the Customer Service Office.
-
-
Account
-
The Guest/User may not place content, including opinions and other data of an illegal nature on the Service or the Seller with said content.
-
The Guest/User gets access to the Account after registration.
-
When registering, the Guest/User provides the account type, gender, name, surname, company name, VAT ID, data required for issuing a sales document, e-mail address and a password. The Guest/User assures that the data provided by them in the registration form are correct. Registration requires the Guest/User to read the Conditions carefully and mark on the registration form that they have read the Conditions and fully accept all provisions.
-
With the moment the Guest/User is granted access to the Account, an agreement for the provision of services by electronic means is concluded between the Service Provider and the Guest/User for an indefinite period of time. The Consumer may withdraw from this agreement on the terms specified in the Regulations.
-
Registration of an Account on one of the websites of the Service simultaneously means registration allowing access to other websites where the Service is available.
-
The Guest/User may terminate the agreement for the provision of services by electronic means at any time with immediate effect, informing the Service Provider about it by e-mail or in writing at the address of the Data Controller given in section 1 point 2 of this Policy.
-
The Service Provider has the right to terminate the agreement for the provision of services concerning the Account in the event of: cessation or transfer of the Service to a third party, violation of the law or provisions of the Regulations by the Guest/User, as well as in the event of inactivity of the Guest/User for a period of 6 months. The agreement is terminated with a seven days’ notice. The Service Provider may stipulate that re-registration of the Account shall require the Service Provider’s permission.
-
PRIVACYBELEID EN COOKIES
- Details