PRIVACY POLICY AND THE USE OF COOKIES

This Privacy Policy and the use of cookies (hereinafter referred to as the “Policy”) sets out in detail the basic principles of personal data processing and data protection standards ensuring compliance with national and EU data protection regulations, in particular with the provisions of Regulation (EU) 2016 of the European Parliament and of the Council/ 679 of April 27, 2016 on the protection of natural persons with regard to the processing of personal data and on the free movement of such data, and repealing Directive 95/46/EC) of the General Data Protection Regulation (hereinafter: GDPR).

The policy also sets out the rules for collecting, processing and using information provided by users in connection with their use of the services offered by the website www.treehouses.pl as well as the use of cookies on this website.

The owner of the website is Tree Houses Karolina Banasiak ul. H. Galle 3, 96-330 Olszanka, NIP 529-177-05-66, REGON: 521824114.

Information on the processing of personal data

Personal data administrator

The administrator of your personal data is Tree Houses Karolina Banasiak ul. H. Galle 3, 96-330 Olszanka, NIP 529-177-05-66, REGON: 521824114.

In matters related to your data, please contact us via e-mail at the following e-mail address: info@treehouses.pl

We obtain your personal data directly from you when contacting us by phone, e-mail or in person, as well as by making an online reservation via our website. We also obtain your data through an external booking portal. Your data may also be made available to the Administrator by a travel agency or other travel organizer who makes a reservation at the facility on your behalf, as well as from a contractor with whom the facility has a cooperation agreement and of whom you are an employee. or co-worker.

Purposes and legal basis for the processing of personal data

  1. Taking actions at your request before concluding the contract (i.e. making a reservation in person, by phone, e-mail or using the online reservation system), as well as concluding and implementing the contract for the provision of accommodation services, purchasing a Voucher – the legal basis for such data processing is art. 6 section 1 letter b) GDPR, which allows the processing of personal data if it is necessary to perform a contract or take steps to conclude a contract.
  2. Issuing an invoice and fulfilling other obligations arising from legal provisions, in particular tax, accounting and statistical obligations – the legal basis for such data processing is Art. 6 section 1 letter c) GDPR, which allows the processing of personal data if such processing is necessary for the Personal Data Administrator to fulfill its obligations under the law.
  3. If you have booked your stay through an external booking portal, your stay data may be processed for the purpose of implementing the contract between the Data Administrator and the operator of such a portal (e.g. to make settlements, inform you about a reported complaint). In connection with making a reservation using external booking portals, it is possible to obtain the following personal data: name and surname, e-mail address, telephone number, payment card details. The scope and amount of data depend on the specifications of a given portal and the type of reservation made – the legal basis for such data processing is Art. 6 section 1 letter f) GDPR, which is a legitimate interest pursued by the Personal Data Administrator.
  4. Considering and handling complaints, inquiries, grievances, requests – the legal basis for such data processing is Art. 6 section 1 letter f) GDPR, which constitutes the legitimate interest of the Personal Data Administrator understood as the possibility of responding to issues raised in the submitted complaint.
  5. Investigation, determination or defense against claims and pursuing possible claims by the Personal Data Administrator in connection with the damage suffered, for archival and evidentiary purposes as well as debt collection – the legal basis for such data processing is Art. 6 section 1 letter f) GDPR, which is a legally justified interest pursued by the Personal Data Administrator (in this case, the interest is the ability to pursue or defend against claims in connection with the provision of services).
  6. Ensuring security and preventing fraud or destruction of property – the legal basis for such data processing is Art. 6 section 1 letter f) GDPR, which is a legally justified interest pursued by the Personal Data Administrator (in this case, the interest is to ensure the safety of guests and other persons staying on the premises or within its premises through a video monitoring system recording persons staying in the monitored area).
  7. Direct marketing in traditional (paper) form – the legal basis for such data processing is Art. 6 section 1 letter f) GDPR (legitimate interest of the administrator).
  8. When using cookies on the website, we process such text information (cookies will be described in a separate section) – the legal basis for such processing is Art. 6 section 1 letter a) GDPR, which allows the processing of personal data on the basis of voluntarily granted consent (when you first enter the website, you are asked for consent to the use of cookies).
  9. Operating the website www.treehouses.pl, the legal basis for such data processing is Art. 6 section 1 letter f) GDPR, which allows the processing of personal data if in this way the Personal Data Administrator pursues his legitimate interest (in this case, the interest of the Personal Data Administrator is to ensure the correct operation of the website.
  • Date and time;
  • Information about your web browser;
  • Information about the operating system – this data is saved automatically in the so-called server logs each time you use a website belonging to the Facility. It would not be possible to administer the website without using a server and without this automatic recording.

Recipients of personal data

Personal data will be processed by the Administrator and may be processed by authorized public authorities, entities providing correspondence, entities providing legal advisory services, entities providing technical and technological services, including IT, security, payment, banking and marketing. Such entities process data on the basis of authorization or agreement with the Administrator and only in accordance with his instructions. Personal data may be disclosed to the Administrator’s insurer if it is necessary for the settlement of the loss. If the Guest takes part in a group stay, personal data may be disclosed to the organizer of the group stay, and if the Guest booked the stay through an external booking portal, data about the stay, including submitted complaints, may be disclosed to the operator of this portal.

Personal data storage period

Your personal data will be processed:

  • for the duration of the contract, and after its completion (expiration, termination), the data will be stored for a period of: 3 years or 6 years in relation to personal data processed for the purpose of establishing, pursuing or defending claims, counting from the end of the calendar year. The length of the period depends on whether both parties are entrepreneurs or not;
  • 6 months in relation to personal data that was collected when pricing the service or taking other actions aimed at concluding a contract, and at the same time no contract was concluded;
  • 5 years in relation to personal data related to the fulfillment of obligations under tax law (invoices, corrections and duplicates of accounting documents) counting from the end of the calendar year in which the tax payment deadline expired;
  • until you withdraw your consent or until the purpose of processing is achieved;
  • video data for a period not exceeding 3 months from the date of recording, except when the recording may constitute evidence in the proceedings and it has been secured – the recording storage period will be extended until the completion of the explanatory, evidentiary or court proceedings;
  • until an effective objection is raised or in the scope of exercising the rights of data subjects or achieving the purpose of processing, but no longer than 6 years from the end of the calendar year in which the purpose of processing ceased in relation to personal data processed on the basis of a legitimate interest Administrator or for marketing purposes of own services and goods;
  • until it becomes obsolete or no longer useful, but no longer than 3 years in relation to personal data processed mainly for analytical purposes, the use of cookies and website administration.

The above periods are counted in years from the end of the calendar year in which we started processing personal data in order to improve the process of deleting or destroying personal data.

Rights of data subjects

Pursuant to the principles set out in data protection regulations, you have the following rights: access to your data and receiving a copy thereof, rectification of your data, request to delete data,

Information about the voluntariness or obligation to provide data

Providing personal data by you is obligatory in a situation where the premise for the processing of personal data is a legal provision or a contract concluded between the parties. Providing personal data when making a reservation or purchasing a Voucher is voluntary, but necessary in order to make a reservation and use the services of the Facility. . If you wish to receive a VAT invoice, the obligation and scope of providing data for the VAT invoice results from the provisions of the Goods and Services Tax Act. Failure to provide data will prevent the issuance of a VAT invoice. If processing is based on consent, providing personal data to the Administrator is voluntary.

Processing of personal data in an automated manner

The administrator will not process your data in a manner leading to automated decision-making within the meaning of Art. 22 section 1 and 4 GDPR.

Transfer of data to third countries

The data will not be transferred outside the European Economic Area or international organization.

Cookies

Our website does not automatically collect any data about Users, except for information collected using HTTP Cookie technology (hereinafter referred to as “cookies”).

What are cookies and what are they for?

Cookies are small text files that are sent by the website to the web browser installed on the User’s device, and then sent by the User’s web browser each time they visit the website.

Cookies make using the website easier and more comfortable for the User.

Types of cookies used on the website:

  • conversion files that allow us to analyze the performance of various sales channels
  • tracking files that, in combination with conversions, help analyze the performance of various sales channels
  • remarketing files that we use to personalize advertising content and target it appropriately
  • analysis cookies that help us improve your experience of our website by understanding how users use it
  • Necessary files that are important for the basic functionality of the website

The website may use cookies to:

  • obtaining statistical data on User traffic and their use of individual pages of the Website;
  • enabling the identification and remembering of the User’s preferences in order to learn about his/her behavior and interests;
  • proper functioning of our website so that the booking process is carried out with as little difficulty as possible.

How can the User manage cookies?

By enabling the functionality of accepting cookies in your browser, you consent to the storage and use of cookies when using the website. Accepting cookies is a condition for proper and full use of our website. The user may at any time disable the option of accepting cookies in his browser, however, disabling cookies may cause difficulties or even prevent the use of this website. Detailed information about configuring cookie settings in browsers is available in browser settings.

Technical server logs

The fact that each element of the page is displayed by the browser is saved in the so-called server technical log. Data records saved in this way contain the following data: date and time of download, name of the page opened, IP address, source port, URL of the reference page (address of the page from which the user was redirected), amount of data downloaded, as well as information about the product version used web browser.

This information is used to optimize and monitor the condition of the website’s servers, increase the website’s security, including protection against attacks, and to provide information to law enforcement authorities in cases/investigations conducted in the field of suspected impersonation or fraud.

How do we inform about changes to the Cookie Policy?

Information about the content of changes to the Cookie Policy is immediately published on the website and comes into force on the day of their publication on the website.

Copyright

All content and information contained on our website, including in particular graphic signs, data, texts, photos, graphics, videos, or other materials, are the property of Tree Houses Karolina Banasiak ul. H. Galle 3, 96-330 Olszanka, are protected in accordance with the Act of February 4, 1994 on copyright and related rights in the scope of use, display, copying, transmitting, disseminating, changing or deleting. Due to the above, any actions in the indicated scope, undertaken without prior written consent, are unlawful and will constitute an infringement of intellectual property belonging to Tree Houses Karolina Banasiak ul. H. Galle 3, 96-330 Olszanka.

Links to third parties

Links/redirects to websites of other entities are included in the content of the website only for the convenience of its users, but they operate independently of our website. The administrator (facility) is not responsible for the information provided by the owners of other websites, as well as for the privacy/personal data protection policies of other entities.

social media

On the website we have the so-called pixels of Facebook, Instagram, YouTube, which enable, when using the Website, to go directly to a given social media page and log in to your profile, and then continue to browse the facility’s Facebook or Instagram page and/or like it, insert a post or comment, photo . However, to make this possible, we must use cookies provided by Facebook as part of its products, including: Instagram, Messenger and other products and features offered by Facebook and Google.