en de
Rezerwacje
Wybrano: 0
Twoje rezerwacje
przyjazd wyjazd
[]
[]
[]
Privacy policy

Privacy policy

§1
Personal Data Controller

The administrator of your personal data is Vacation Club 2 Spółka z ograniczoną odpowiedzialnością Sp.k. with its registered office in Warsaw (00-545), at 72/17 Marszałkowska Street (hereinafter VacationClub or the Company).
VacationClub can be contacted: by phone: +48 58 58 58 058, by e-mail: booking@vacationclub.pl; Marszałkowska 72/17, 00-545 Warsaw or via the contact form available on the vacationclub.pl/contact website.

§2
Data Protection Officer

A Data Protection Officer has been appointed in VacationClub, who can be contacted by e-mail: iod@vacationclub.pl or in writing: Warsaw (00-545), 72/17 Marszałkowska Street with the note "Data Protection Officer".

 

§3
Purpose and legal basis for the processing of personal data

3.1. Personal data provided by you in the booking application are processed by the Company in order to:

a) create and manage a booking, 
b) create and manage an account on the website (if an account is created),
c) implementation and conclusion of the contract (in the case of making and paying for the booking),

The legal basis for the processing of your data for the above purposes is Article 6(1)(b) of Regulation (EU) 2016/679 of the European Parliament and of the Council of 27 April 2016 on the protection of natural persons with regard to the processing of personal data and on the free movement of such data, and repealing Directive 95/46/EC (hereinafter referred to as GDPR), which allows the processing of personal data,  if they are necessary for the performance of the contract or for the taking of steps to conclude the contract.

d) performance of tasks resulting from applicable law, which may include, m.in, financial reporting (legal basis: Article 6(1)(c) of the GDPR in connection with the Accounting Act);
e) implementation of the Company's legitimate interests (legal basis: Article 6(1)(f) of the GDPR), which may include, m.in: determination, investigation and defense of claims, consideration of complaints, archival activities, analytical and statistical activities regarding the stay of guests, survey of satisfaction of services provided and their possible modification,
f) (in the case of appropriate consent) sending VacationClub commercial information (including advertisements, commercial offers, invitations to events) to the e-mail address provided (legal basis of Article 6(1)(a) of the GDPR) 
g) (in the case of appropriate consent) sending Commercial Information VacationClub (m.in advertisements, commercial offers, invitations to events) to the telephone number provided (including using automatic calling systems) (legal basis Article 6(1)(a) of the GDPR); 

3.2. Personal data provided by you in the newsletter subscription form are processed by the Company in order to:

a) sending commercial information to VacationClub (including advertisements, commercial offers, invitations to events) to the e-mail address provided (legal basis of Article 6(1)(a) of the GDPR); 
b) implementation of the Legitimate Interests of the Company (legal basis: Article 6(1)(f) of the GDPR), which may include, m.in: establishing, pursuing, and defending claims, archival activities, analytical and statistical activities, surveying the satisfaction of the services provided.

3.3. Personal data provided by you in the registration card / electronic registration card / mobile check-in are processed by the Company in order to:

a) conclusion and performance of the contract (the legal basis for data processing is Article 6(1)(b) of the GDPR);
b) performance of tasks resulting from applicable law, which may include, m.in, financial reporting (legal basis: Article 6(1)(c) of the GDPR in connection with the Accounting Act);
c) implementation of the legitimate interests of the Company (legal basis: Article 6(1)(f) of the GDPR), which may include, i.e., establishing, pursuing and defending claims, handling complaints, archival activities, analytical and statistical activities regarding the stay of guests, surveying the satisfaction of services provided and their possible modification;
d) (in the case of appropriate consent) sending VacationClub commercial information (including advertisements, commercial offers, invitations to events) to the e-mail address provided (legal basis article 6(1)(a) of the GDPR);
e) (in the case of appropriate consent) sending Commercial Information VacationClub (m.in advertisements, commercial offers, invitations to events) to the telephone number provided (including by means of automatic calling systems) (legal basis Article 6(1)(a) of the GDPR). 

3.4. Personal data provided by you in the "add apartment" form are processed by the Company in order to:

a) presentation of the offer (the legal basis for data processing is Article 6(1)(b) of the GDPR);
b) conclusion and performance of the contract (the legal basis for data processing is Article 6(1)(b) of the GDPR);
c) performance of tasks resulting from applicable law, which may include, m.in, financial reporting (legal basis: Article 6(1)(c) of the GDPR in connection with the Accounting Act);
d) implementation of the legitimate interests of the Company (legal basis: Article 6(1)(f) of the GDPR), which may include, i.e. implementation of contact in order to answer questions related to the service, determination, investigation and defense of claims, consideration of complaints, archival activities, analytical and statistical activities regarding the stay of guests, satisfaction survey of services provided and their possible modification;
e) (in the case of appropriate consent) sending VacationClub commercial information (including advertisements, commercial offers, invitations to events) to the e-mail address provided (legal basis of Article 6(1)(a) of the GDPR);
f) (in the case of appropriate consent) sending Commercial Information VacationClub (m.in advertisements, commercial offers, invitations to events) to the telephone number provided (including by means of automatic calling systems) (legal basis Article 6(1)(a) of the GDPR). 

3.5. Personal data provided by you in the "apply" form are processed by the Company in order to:

a) implementation of contact in connection with a complex application (the legal basis for data processing is Article 6(1)(a) of the GDPR);
b) conclusion and performance of the contract (the legal basis for data processing is Article 6(1)(b) of the GDPR);
c) implementation of the Legitimate Interests of the Company (legal basis: Article 6(1)(f) of the GDPR), which may include, m.in: establishing, pursuing, and defending claims, archival activities.

3.6. Personal data provided by you by the chatbox are processed by the Company in order to:

a) the implementation of contract, which is the legitimate interest of the Company (legal basis: Article 6(1)(f) of the GDPR);
b) conclusion of the contract (legal basis: Article 6(1)(b) of the GDPR);
c) implementation of the Legitimate Interests of the Company (legal basis: Article 6(1)(f) of the GDPR), which may include, m.in: establishing, pursuing, and defending claims, handling complaints, archival activities, analytical and statistical activities regarding the stay of guests, surveying the satisfaction of services provided and their possible modification. 

3.7. Personal data provided by you by phone/e-mail/traditional mail/form or www.vacationclub.pl/kontakt will be processed by the Company in order to:

a) the implementation of contract, which is the legitimate interest of the Company (legal basis: Article 6(1)(f) of the GDPR);
b) conclusion of a contract (legal basis of Article 6(b) of the GDPR);
c) implementation of the legitimate interests of the Company (legal basis: Article 6(1)(f) of the GDPR), which may include, i.e., establishing, pursuing, and defending claims, handling complaints, archival activities, analytical and statistical activities regarding the stay of guests, surveying the satisfaction of services provided and their possible modification;

Note: Telephone conversations may be recorded (legal basis: Article 6(1)(a) and (f) of the GDPR – the Legitimate Interest of the Company includes improving the quality of services and securing the Company's legal interest in the event of a legal need to prove facts, investigate or defend claims) – in the absence of consent to record conversations, please contact us in another way. 

3.8. Personal data provided by you via social networks (Facebook, Instagram, TikTok) are processed by the Company in order to pursue the legitimate interests of the Company (legal basis: Article 6(1)(f) of the GDPR), which may include, m.in: contact, promotion of own business, determination, investigation and defense of claims, consideration of complaints, archival activities, analytical and statistical activities concerning  guest stay, satisfaction survey of the services provided and their possible modification;

 

§4
Period of storage of personal data

Personal data processed for the purposes specified in point 3 will be stored for the period necessary to achieve these purposes, taking into account the storage periods specified in the law, i.e.:

a) personal data processed in order to create and manage a booking – in the event of non-payment of the booking will be deleted immediately after cancellation of the booking;
b) personal data processed in order to conclude and perform the contract will be processed for the duration of the Agreement, and after its termination for the period of limitation of all claims resulting from the law;
c) personal data processed in order to perform tasks resulting from applicable law, which may include, m.in, financial reporting will be processed for a period of 5 years, counted from the end of the calendar year in which the tax obligation arose;
d) personal data processed in order to pursue the legitimate interests of the Company, i.e. establishing, pursuing and defending claims, considering complaints, archival activities, will be stored until the limitation period for all claims specified in the law (in most cases it will be a six-year period from the end of the calendar year in which the service became due);
e) personal data processed in order to improve the quality of services and secure the Company's legal interest by using call recording will be stored for a period of 30 days and after this period they are permanently deleted, unless their storage for a longer period of time is necessary to achieve the purpose for which they were recorded;
f) personal data processed in order to send Commercial Information to VacationClub (including advertisements, commercial offers, invitations to events) for marketing purposes to the e-mail address provided will be processed until the consent / objection is revoked;
g) personal data processed in order to send Commercial Information to VacationClub (including advertisements, commercial offers, invitations to events) for marketing purposes to the telephone number provided (including using automatic calling systems) will be processed until the consent is revoked / objection is expressed;
h) personal data processed in order to send commercial information to entities from the Zdrojowa Group (including advertisements, commercial offers, invitations to events) for marketing purposes to the e-mail address provided will be processed until the consent / objection is revoked;
i) personal data processed in order to send commercial information to entities from the Zdrojowa Group (including advertisements, commercial offers, invitations to events) for marketing purposes to the telephone number provided (including using automatic calling systems) will be processed until the consent is revoked / objection is expressed;
j) we store personal data processed for contact purposes for the time necessary to carry out the contact and then until the end of the calendar year following the year in which the matter was resolved, or the contact ended, unless the Company will need to process for other purposes;
k) we store personal data processed via social networks until you object to their further processing by clicking "dislike", withdrawing the like of the entry, or deleting the comment to the entry and then for the period required by the obligations imposed by law and / or until the expiry of the limitation period for possible claims related to the purposes of processing. 

§5
Provision of personal data

Personal data may be made available to the Central Statistical Office, the City/ Commune Office (in the scope of the climatic / spa tax). In addition, personal data may be made available to entities providing support to the Company on the basis of commissioned services and in accordance with the concluded entrustment agreements, i.e., entities providing IT, recreational (sports), catering services, companies handling quick payments, accounting and payroll, legal including debt collection, administrative, postal, courier, marketing, insurance. Personal data may also be transferred to entities related to the Company within the meaning of tax law.

 

§6
What are your rights

6.1. You have the right to:


a) access to the content of your data and rectify them (Articles 15 and 16 of the GDPR). You can exercise this right whenever you notice that the data is incorrect or incomplete;
b) to delete and restrict data processing (Articles 17 and 18 of the GDPR). You can exercise this right when the data is no longer needed to achieve the purposes for which it was collected;
c) the right to transfer data (Article 20 of the GDPR), when the processing is based on your consent, or a contract concluded with you and when the processing is carried out in an automated manner; 
d) the right to object; 
e) lodge a complaint to the President of the Office for Personal Data Protection when you consider that the processing of your personal data violates the provisions of the GDPR;
f) to the extent that the basis for the processing of Personal Data is consent, you have the right to withdraw your consent at any time. Withdrawal of consent does not affect the lawfulness of processing based on consent before its withdrawal. You can withdraw your consent by sending a message regarding the resignation of consent to the following address: iod@vacationclub.pl or by clicking on the resignation link in the message (in the case of newsletters). 

6.2. You can exercise the rights listed above i.e., by contacting the Data Protection Officer by e-mail: iod@vacationclub.pl

 

§7
President of the Data Protection Office

You can contact the President of the Data Protection Office by post at Stawki 2, 00-193 Warsaw, by phone or via the website of the www.uodo.gov.pl/en.

 

§8
Requirement to provide personal data and consequences of not providing them

Providing personal data by you is voluntary. Failure to provide the required personal data will prevent the Company from making a booking and concluding a contract. In addition, if you wish to issue accounting documents for the service provided, it is necessary to provide data required by law, i.e., tax law. The consequence of not providing data is the inability to issue you with accounting documents.

 

§9
Processing of personal data outside the European Economic Area and automated decision-making, including profiling.

9.1. Personal data processed by the Administrator with your consent in order to send VacationClub commercial information (including advertisements, commercial offers, invitations to events) to the provided E-mail address and sending VacationClub commercial information (m.in advertisements, commercial offers, invitations to events) to the provided telephone number (including using automatic calling systems) are subject to profiling consisting in the analysis of your online behavior in order to undertake  automated decision as to the choice of product or service, the amount of price of the product or service or the amount of the discount granted for selected services.

9.2. As a rule, the Administrator does not transfer your data outside the European Economic Area (hereinafter EEA). However, when using Microsoft Office software and subcontractors' services, it may happen that the Administrator agrees to the transfer of personal data outside the EEA only if it is necessary and with an adequate level of protection, primarily by: 

a) cooperation with entities processing personal data in countries in respect of which an appropriate decision of the European Commission has been issued; 
b) the use of standard contractual clauses issued by the European Commission; 
c) the application of binding corporate rules approved by the competent supervisory authority;

Where applicable, the Administrator will inform about the intention to transfer personal data outside the EEA at the stage of their collection. At your request, the Administrator provides a copy of your data, which will be transferred outside the EEA.

 

 §10
Information on Cookies is available on the www.vacationclub.pl website. 

10.1 For proper operation of the website, Vacation Club uses Cookie technology. Cookies are packets of information stored on your device, via a website, usually containing information consistent with the purpose of the file, with which you use the website vacationclub.pl – these are usually: website address, date of placement, expiration date, unique number and additional information in accordance with the purpose of the file. 
10.2 The Website uses two types of cookies: (a) session cookies, which are permanently deleted at the end of the browser session; (b) persistent, which remain after the end of the browser session on the device until they are deleted. On the basis of cookies, both session and persistent, it is not possible to determine your identity. The Cookies mechanism does not allow you to download any personal data. 
10.3 Website cookies are safe for your device, in particular they do not allow viruses or other software to get into your device.
10.4 Files generated directly by VacationClub cannot be read by other services. External Cookies (i.e. Cookies placed by entities cooperating with VacationClub) can be read by an external server.
10.5 You can change the settings for Cookies yourself at any time by specifying the conditions for their storage, through the settings of your web browser or by configuring the service. 
10.6 First of all,  you can disable the storage of cookies on your device, in accordance with the instructions of the browser manufacturer, but this may result in the unavailability of some or all of the functions of the website.
10.7 You can also delete the Cookies stored on your device yourself at any time, in accordance with the instructions of the browser manufacturer. 
10.8 VacationClub uses Cookies for the following purposes:

Cookie Cel Żywotność Kategoria Typ
_ga Used to distinguish between users. 2 years Statistical First party
_gid Used to distinguish between users. 24 hours Statistical First party
_gat Read and filter requests from bots. 1 minute Statistical First party
_gcl_au Used by Google AdSense to experiment with ad performance. 3 months Marketing First party
_smvs Cookie that stores information about the first visits to the site. The cookie contains information about the source of the visit to the website divided into types of sources. 10 years Marketing First party
smg Cookie that identifies the user. The cookie gives the user a random identifier in the form of a UUID. 10 years Marketing Third party
smuuid Anonymous visit tracking cookie. It is assigned to each visitor to the site. Unique identifier – The cookie itself does not contain any information enabling identification of the contact and cognition, for example, of personal data of the person entering the website – the connection with the contact card takes place only inside SALESmanago. 1 year Marketing Third party
smvr A cookie that stores information about visits. The cookie is encoded by base64 and stores information about visits and impressions 24 hours Functional First party
SERVERID Required for the proper functioning of the site. Session Necessary Third party
_fbp Storing information about the user's visit to the website. 3 months Marketing First party
cookie_vc Assigns a language to a user 10 days Functional First party

 

To jest wersja dev!
vacationclub.pl