Privacy Policy

  1. General thoughts
    1. This Privacy Policy (hereinafter: "Policy") is of a nature informative, which means that it is not a source of responsibilities for Website Users. The policy mainly contains rules regarding the processing of personal data by the Administrator in The website, including the grounds, purposes and period of data processing personal data and the rights of data subjects, and information on the use of cookies on the Website and analytical tools.

    2. The administrator of Personal Data is the leading Piotr Kozłowski business activity under the name CampRest Piotr Kozłowski, ul. Gałczyńskiego 2/16, 43-300 Bielsko-Biała, NIP 9372364105, REGON: 072911180, hereinafter as „Administrator”.

    3. In matters related to data processing and protection personal data, you can contact the Administrator via the e-mail address: mailto:[email protected]. Contact in the indicated places matters is also possible in the form of traditional correspondence to the Administrator's address with the annotation: "Personal Data Protection".

    4. Personal data collected by the Administrator via The website is collected and processed in accordance with the Regulation 2016/679 of the European Parliament and of the Council of 27 April 2016 on the protection of natural persons in connection with processing of personal data and on free movement such data and repealing Directive 95/46 / EC (general Data Protection Regulation), hereinafter referred to as "GDPR" and the Act of May 10, 2018 on the protection of personal data (i.e. Journal Of Laws of 2019, item 1781).

    5. Any words that appear in Polityka and begin with a large one the letter (eg User) should be understood according to their definition contained in the Regulations of the Website available at the link: camprest.com/en/terms-of-service.


  2. Types of processed data and the source of their origin
    1. The administrator processes the following personal data:

      1. When visiting the Website:

        • IP address,

        • browser data.

      2. In the case of inquiries about the availability of a product:

        • name,

        • e-mail adress,

        • data on the date of stay,

        • accommodation information (type accommodation, number of adults, number of children and their age).

      3. In the case of sending the newsletter and submitting inquiries via the contact form or e-mail addresses indicated in Service:

        • e-mail adress.

      4. When creating a user account:

        • nick,

        • e-mail adress,

        • phone number,

        • image,

        • website addresses for media accounts social networks,

        • travel preferences.

      5. in case of joining the Search Engine:

        • e-mail adress,

        • phone number,

        • address.

      6. In the case of visiting the Administrator's profiles kept in social media (Facebook, Instagram, YouTube, TikTok):

      • data that visitors of these profiles leave behind (including comments, likes, messages, identifiers Internet).

      • name and surname / nick,

      • image.

    2. Personal data is collected from data subjects.

  3. Purposes and legal grounds for data processing

    Users' personal data may be processed by the Administrator for the following purposes:

    1. providing services by electronic means to the extent made available Users of the content collected on the Website and the conclusion of and performance of the contract - necessity to perform the contract (legal basis: Article 6 [1] [b] of the GDPR)

    2. responses to inquiries submitted by the User, what is the legitimate interest of the Administrator (legal basis: Article 6 [f] of the GDPR);

    3. marketing - the legal basis for processing is legally legitimate interest of the Administrator (legal basis: Article 6 [1] [f] of the GDPR) consisting in conducting marketing activities;

    4. analytical and statistical - on a legal basis the Administrator's legitimate interest (legal basis: Article 6 [1] [f] of the GDPR) consisting in keeping statistics and analyst of the use of the services provided;

    5. replying to comments and messages, maintaining relationships with interactors and for analysis effectiveness of communication on social networks - on the basis of a legitimate interest Administrator (legal basis: Article 6 [1] [f] of the GDPR);

    6. possible determination and pursuit of claims or defense against them - the legal basis for processing is the legitimate interest Administrator (legal basis: Article 6 [1] [f] of the GDPR) consisting in the protection of his rights;

    7. archival (evidence) to secure information on the event of a need to prove the facts as legally legitimate interests of the administrator (legal basis: Article 6 [1] [f] of the GDPR);

    8. based on the consent expressed by the User (legal basis: Article 6 [1] [a] of the GDPR);

    9. implementation of the complaint procedure to complete the incumbent on The administrator has a legal obligation and fulfillment of obligations resulting from accounting or tax regulations (legal basis: Article 6 [1] [c] of the GDPR);


  4. Data sharing

    1. Personal data is transferred to service providers from which they help is used by the Administrator to run the Website, in particular in in the field of IT services, accounting and marketing services and analytical. These entities provide services on the basis of entrustment agreements concluded.

    2. In the event of a booking inquiry, personal data will be provided communicated directly to the Advertiser.

    3. Users' data may also be made available to the authorities and institutions authorized to receive data on the basis of legal regulations.

  5. Duration of data storage
    1. As a rule, the period of personal data processing by The administrator depends on the purpose and legal basis of the processing.

    2. The data is stored:

      1. for the period necessary to perform or terminate the concluded agreement agreement for the provision of services by electronic means (legal basis: art. 6 [1] [b] of the GDPR).

      2. for the duration of the legitimate interest carried out by the Administrator or until submission effective objection by the User, no longer, however than for the period of limitation of the Administrator's claims in relation to the data subject on account of the conducted by the Administrator of economic activity. Period limitation periods are determined by law, in particular Of the Civil Code (basic limitation period for claims related to running a business is three years) (legal basis: Article 6 [1] [f] of the GDPR).

      3. until the consent is withdrawn by the User (legal basis: art. 6 [1] [a] of the GDPR).

      4. for the period required by the mandatory provisions of law Keeping the books of accounts for the administrator (5 years, counting from the beginning of the year following the financial year, data subject) (legal basis: Article 6 [1] [c] of the GDPR).

  6. Rights of data subjects
    1. The right of access, rectification, restriction, deletion or transfer - the data subject has the right to request from The administrator of access to their personal data, their rectification, deletion ("right to be forgotten") or processing restrictions and has the right to object against processing, and also has the right to transfer its data. Detailed conditions for the exercise of the above-mentioned rights are indicated in art. 15-21 of the GDPR Regulation.

    2. The right to withdraw consent at any time - the person to whom the data is processed by the Administrator on the basis of the expressed consent (legal basis: Article 6 [1] [a] of the GDPR), it has the right to withdraw consent at any time without affecting legal compliance processing which was carried out on the basis of consent before it withdrawal.

    3. The right to lodge a complaint with the supervisory authority - the person to whom the data is processed by the Administrator, has the right to bring complaints to the supervisory body in the manner and in the manner specified in the provisions of the GDPR Regulation and Polish law, in in particular, the Act on the Protection of Personal Data. The authority supervisory authority in Poland is the President of the Personal Data Protection Office.

    4. Right to object - the data subject has the right to object at any time - for reasons related to it a special situation - in relation to the processing of data relating to it personal data based on art. 6 [1] [f] (legally justified the interest of the administrator), including profiling based on these regulations. In such a case, the administrator is no longer allowed process this personal data, unless it proves its existence valid and legitimate grounds for processing, overriding the interests, rights and freedoms of the data subject relate to, or grounds for, the establishment, investigation or defense claims.

  7. Requirement to provide data

    Providing data is voluntary, but failure to do so will be associated with the inability to use some of the Website's Services.


  8. Data transfer to third countries and organizations international
    1. The Administrator may use the services provided by Google LLC, 1600 Amphitheater Parkway, Mountain View, CA 94043, USA on the Website. These services help the Administrator keep statistics and analyze traffic on the Website. The collected data is processed as part of the above services to generate statistics helpful in administering the Website and analyzing traffic on the Website

    2. The Administrator, using the above services on the Website, collects such data as the behavior of Users on the Website, information on devices and browsers from which Users visit the website, IP and domain, geographic data and demographic data (age, sex) and interests.

    3. The collected data is transferred to a third country, i.e. the United States. Their transfer depends on your voluntary consent, which you can express when entering the Website. If you do not give your consent, your data will not be transferred to a third country.

    4. The United States, as a third country, has not been recognized by the European Commission as having an adequate level of data protection. This is mainly due to the lack of appropriate regulations in the field of personal data protection. Therefore, organizations operating in these countries are not required to have appropriate safeguards, as indicated in the GDPR. Therefore, the transfer of data to a third country, i.e. the USA, may involve the risk of:

      • greater likelihood of a breach of the protection of personal data, including the rights and freedoms of data subjects, which may occur, in particular, through the loss of confidentiality or data integrity,
      • access to data by public authorities of the United States, because the law of that state allows public authorities to access data more than necessary, and thus in a manner inconsistent with the principle of proportionality established in EU law,
      • hindered method of asserting one's rights in court, as persons whose data are transferred to the United States are not provided with sufficient judicial protection.
    5. Due to the possibility of the Administrator using the advertising and analytical services provided by Google LLC on the Website, the Administrator indicates that full information on the principles of processing the data of visitors to the Website (including information stored in Cookies) by Google LLC is included in the privacy policy of services Google available at: https://policies.google.com/privacy?hl=en.


  9. Profiling
    1. The data will be profiled in order to carry out activities personalization and customization of content. That means thanks automatic data processing, the Administrator performs evaluation of selected factors relating to Users for the purpose analyze their behavior or create a behavior forecast for future.

    2. The effect of using profiling on the Website may be, for example, displaying a Product proposal that may correspond interests or preferences of the User.

    3. Despite profiling, it is the User who freely decides whether will want to use the proposed Product.

  10. Cookies
    1. To make the Website more attractive, the so-called cookies. It serves is to protect the legitimate interest of the Administrator, consisting in the optimal presentation of the website Service.

    2. Cookies are small text files that are automatically placed saved on the User's end device.

    3. Information is displayed during the first visit to the Website on the use of cookies.

    4. Cookies are used on the website of the Service informing about the acceptance of cookies (i.e. accepted-cookie-consent) and cookies from the following suppliers:

      1. Facebook Pixel,

      2. Facebook Ads,

      3. Google Tag Manager,

      4. Hotjar,

      5. Albacross.

    5. Some cookies used by the Website are deleted after completion a web browser session, i.e. after closing it (the so-called session cookies). Other cookies are stored on the device end user and enable the recognition of the browser at the next visit to the website (persistent cookies).

    6. The storage time is given in the cookie settings web browser. The browser can be configured in this way to receive information about the use of cookies and be able to decide on their acceptance or rejection in certain cases or entirely.

    7. The user may at any time disable or restore the option of collecting cookies by changing the settings in web browser. File management manual cookies are available on the website http://www.allaboutcookies.org/manage-cookies .

  11. Social media
    1. The website uses plug-ins from the following portals social media:

      • Facebook,

      • Instagram,

      • Pinterest,

      • YouTube,

      • TikTok..

    2. Plugins allow the User, among others to share the content published on the Websites in the selected social networking site.

    3. The use of plugins makes the given social network receives information about the use of the Website by the User and can assign them to the User profile created in a given social networking site.

    4. The Administrator processes Users' Personal Data visiting the Administrator's profiles in the media social media (Facebook, Instagram, Pinterest, YouTube, TikTok) based on a legitimate interest.

    5. The above information does not apply to the processing of personal data by website administrators (Facebook, Instagram, Pinterest, YouTube, TikTok). By using the social application The user provides his personal data to the administrator of such application. The administrator is not responsible for the method of processing data by the application provider, which has the status of a separate one personal data administrator. Principles of data processing personal data by the application provider are available on the pages application providers.

  12. Google Analytics
    1. The Administrator may use Google services on the Website Analytics, Universal Analytics provided by Google Ireland Limited (Gordon House, Barrow Street, Dublin 4, Ireland). These services help the Administrator to run statistics and analyze traffic on the Website. Collected data are processed as part of the above generating services statistics helpful in administering the Website and traffic analysis in the service.

    2. These data are collective. Administrator using of the above services on the Website collects such data such as the way User behavior on the Website, information on devices and browsers from which Users visit the website, IP and domain, geographic data and demographic data (age, gender) i interested.

    3. It is possible to block easily by the User sharing information about its activity with Google Analytics on the Website - for this purpose you can, for example, install browser add-on provided by Google Ireland Ltd. available here: https://tools.google.com/dlpage/gaoptout?hl=en .

    4. Due to the possibility of the Administrator using in The website with advertising and analytical services provided by Google Ireland Ltd., the Administrator indicates that full information on the principles of data processing of visitors to the Website (in including information stored in cookies) by Google Ireland Ltd. can be found in the privacy policy of Google services available at: https://policies.google.com/privacy?hl=en .

  13. Remarketing

    In order to conduct remarketing, the Administrator uses the following types of tools:

    1. Google Analytics (remarketing and targeting service behavioral information provided by the company Google Inc., which links tracking performed by Google Analytics and its files Adwords ad network cookie and cookie Doubleclick.).

    2. AdWords Remarketing (remarketing and targeting service behavioral information provided by the company Google Inc., which links activity of this Application with the Adwords advertising network and Doubleclick cookie. Lets you browse content hosted on external platforms directly from the pages of this Application i interact with them. If the of this kind, it may still collect internet traffic data on the pages where it is installed, even if Users do not use it.).

    3. Facebook Remarketing (remarketing and targeting service behavioral services provided by Facebook Ireland Ltd, which connects the Website's activity with the Facebook advertising network.)


  14. Hotjar

    The website uses the HotJar tool, which allows you to obtain information about the activities performed on the website by the User, such as cursor movement, page scrolling and the places where the User is clique. Hotjar's privacy policy is available at the link: https://www.hotjar.com/legal/policies/privacy-v4/

  15. Google Search Console

    The website also uses the Google Search Console tool, which allows you to monitor the website of the Service in the results search and eliminate Website problems. privacy policy Google is available at the link: https://policies.google.com/privacy?hl=en

  16. Facebook Pixel
    1. The website uses marketing and analytical tools available on Facebook. Actions in this regard are carried out on the basis of a legitimate interest Administrator, consisting in marketing and analysis i statistics.

    2. To target behavioral personalized advertising Users on the Website, Facebook Pixel has been implemented, which automatically collects information about the use of Website in terms of the pages viewed. Collected in this way the information is most often transferred to the Facebook server in United States and stored there.

    3. The information collected as part of Facebook's Pixel is anonymous, i.e. they do not allow us to identify the User. Administrator it only knows what actions the User has taken on the website Website.

    4. Facebook may combine the information it collects with other information about Users collected as part of their use of the website Facebook and use it for your own purposes, incl marketing. Facebook's actions like this are no longer dependent on Administrator, and information about them can be found directly in Facebook's privacy policy. From your Facebook account The user can also manage his own settings privacy. Here you can find useful information including range: https://www.facebook.com/help/568137493302217.

  17. Final Provisions
    1. If the way of dealing with personal data changes Users, the Policy will be updated.

    2. The administrator reserves the right to change practices and content of this Policy at any time.

    3. The Administrator will inform about each change of the Policy Users, through information on the website of the Service or by sending the amended Policy to User's e-mail addresses.