Privacy Policy

I

[Content of the Administrator's Privacy Policy]

  1. The Administrator's Privacy Policy contains information regarding the processing of personal data and other information concerning users of the website (hereinafter referred to as the "Website"). This privacy policy also includes all the information that data subjects should receive in accordance with the GDPR.

  2. The Privacy Policy contains information on the processing of data collected by the Website. Detailed information on the use of cookies or other similar technologies is also included in the Cookie Policy.

  3. The Privacy Policy includes information regarding the privacy of users of the contact form service.

  4. The Privacy Policy includes information on the processing of personal data and other information concerning users of Facebook and Instagram on the Administrator's fan page. This privacy policy also contains all the information that data subjects should receive in accordance with the GDPR.

  5. The Privacy Policy includes information regarding the processing of personal data contained in electronic correspondence.

II

[Data Administrator]

The administrator of personal data of Website users is Businessman Fun Club Sp. z o.o., the owner of Hotel BoniFaCio Spa & Sport Resort ****. The Administrator can be contacted at:

  1. Correspondence address: Warsaw (02-202), Drawska Street 22, Floor 1, Unit 1.23

  2. Email address: recepcja@hotelbonifacio.pl

III

[Purposes, Legal Basis, and Duration of Personal Data Processing]

Personal data is processed by the Administrator for different purposes, in various scopes, and on different legal bases provided for in the GDPR. Below are details regarding the processing of personal data, grouped according to the purposes for which the Administrator processes the data.

Website Operation

  1. In order to provide the Website service, the service provider processes:

    • Information about the user's device to ensure the proper functioning of services: IP address, information contained in cookies or other similar technologies, session data, web browser data, device data, and activity data on the Website, including on individual subpages.

  2. This information does not contain user identity data but, when combined with other information, may constitute personal data; therefore, the Administrator applies full protection under the GDPR.

  3. Data is processed in accordance with Article 6(1)(b) GDPR, for the purpose of providing the Website service, i.e., an electronic service agreement, and in accordance with Article 6(1)(a) GDPR in relation to the consent given for the use of specific cookies or other similar technologies, expressed through browser settings in accordance with telecommunications law. Data is processed until the user ceases to use the Website.

Service Usage Statistics

  1. To improve service quality, the Administrator processes statistical data regarding the use of the Website, including session data, IP address, time spent on specific subpages, usage of specific functionalities, and browser and device information. The Administrator uses cookies or other similar technologies and statistical tools.

  2. These data are processed under Article 6(1)(f) GDPR in the legitimate interest of the Administrator, which includes facilitating the use of the Website, improving the quality and functionality of services, without infringing the rights and freedoms of users. Users' information is not used for any additional purposes, and given the nature of online services, adjusting website content and improving service quality is both a market standard and a user expectation.

  3. Users can withdraw their consent at any time by changing browser settings regarding the use of cookies or other similar technologies.

  4. Data is processed as part of the Administrator's ongoing activities but no longer than 60 days from the date of collection. After this period, the Administrator may continue processing general statistical data, which will not contain any user-identifying information.

  5. The availability period for statistical data may exceed 60 days, but this is beyond the Administrator's control. The Administrator will not use the data beyond this period but may have access to them until they are deleted by the analytics service provider.

  6. The Administrator uses Google Analytics – a website analytics tool developed by Google Inc. ("Google"). Google Analytics uses "cookies" – text files stored on users' computers that enable an analysis of Website usage. The collected information (including the user's IP address) is transferred to and stored on Google Inc. servers in the USA. Google may share this information with third parties if required by law or if third parties process the data on Google's behalf. Google ensures that users' IP addresses are not linked to other Google data. For detailed information about Google Analytics terms of use and privacy policy, visit: http://www.google.com/analytics/terms/de.html or http://www.google.com/intl/de/analytics/privacyoverview.html.

Marketing Activities

The Administrator may display marketing information about its services on the Website. The display of such content is carried out under Article 6(1)(f) GDPR, in the legitimate interest of the Administrator in publishing content related to the services provided. This activity does not infringe users' rights and freedoms, as users expect or seek such content when visiting the Website.

Responding to Inquiries and Handling Requests

  1. The content of correspondence and contact information is processed for the time necessary to address the user's inquiry, including sending marketing information about the selected services, and no longer than 3 months after the matter has been resolved for archival purposes, in case of potential legal claims against the Administrator.

  2. These data are processed to provide the online contact form service – Article 6(1)(b) GDPR.

  3. For sending commercial information electronically, data will be processed based on explicit consent (Article 6(1)(a) in connection with Article 4(11) GDPR), which is given by filling in the appropriate email or phone number field.

Email Correspondence

The legal basis for processing data contained in email correspondence includes:

Managing the Fan Page

  1. The Administrator processes users' personal data to enable them to use the fan page. The Administrator has information about:

    • Liking the fan page;

    • Activity on the fan page;

    • Comments and posts added by users.

  2. These data are processed under Article 6(1)(b) GDPR to provide the service.

List of data processors

Manage cookie settings
Manage privacy settings
Essential cookies

Cookies necessary for the operation of services available on the website, enabling browsing offers or making reservations, supporting security mechanisms, including user authentication and abuse detection. These files are required for the proper functioning of the website. They do not require your consent.

Analytical cookies

Cookies allowing the collection of information about the user's use of the website in order to optimize its functioning and adapt it to user expectations. By consenting to these cookies, you agree to the processing of data regarding your activity on the site for analytical purposes.

Marketing cookies

Cookies enabling the display of marketing content tailored to the user's preferences and directing marketing offers to them corresponding to their interests, including information about user activity, products, and services of the site administrator and third parties. Consent to these cookies means that your data may be used for advertising personalization and analysis of the effectiveness of our advertising campaigns.

Your preferences have not yet been saved