phone mobile mobile pin heart heart user user Biuro Podróży ITAKA Flag of Belarus airplane
>How to book?>Terms and Conditions of the Website

Terms and Conditions of the Website


Table of contents

  1. GENERAL PROVISIONS
  2. COPYRIGHTS AND LEGAL DISCLAIMERS
  3. EXPRESSIONS USED IN THE TERMS AND CONDITIONS
  4. SUBJECT MATTER AND CONDITIONS OF THE PROVIDED SERVICES
  5. INFORMATION ON ELECTRONIC SERVICES
  6. MAKING A RESERVATION, CONCLUSION AND PERFORMANCE OF THE AGREEMENT
  7. WITHDRAWAL FROM THE AGREEMENT
  8. COMPLAINTS
  9. PAYMENTS
  10. SECURITY
  11. PRIVACY POLICY
    1. CONCLUSION OF THE AGREEMENT FOR PARTICIPATION IN A TOURIST EVENT
    2. CUSTOMER ZONE
    3. OFFER FORM
    4. CONTACT FORM
    5. ITAKA CHATBOT APPLICATION
    6. NEWSLETTER
    7. BLOG
    8. SOCIAL MEDIA
    9. FINAL PROVISIONS
  12. COOKIE POLICY

I. GENERAL PROVISIONS

  1. The Terms and Conditions specify the rules of using the www.itaka.pl website and mobile application.
  2. The Administrator of www.itaka.pl website (Website) and mobile application (Application) is Nowa Itaka sp. z o.o.
  3. The Terms and Conditions define the rights and obligations of the Website Users, persons making Reservations, Registering on the Website as well as other activities on the Website.
  4. The Terms and Conditions have been developed on the basis of applicable law, in particular taking into account the following:
    1. Act of 10 May 2018 on personal data protection (Journal of Laws of 2018 item 1000),
    2. Act of 30 May 2014 on Consumer Rights (Journal of Laws of 2014 item 827),
    3. Act of 18 July 2002 on the provision of electronic services (Journal of Laws of 2002 No. 144,item 1204),
    4. Civil Code Act of 23 April 1964 (Journal of Laws of1964, No. 16, item 93 as amended),
    5. Act of 24 November 2017 on tourist events and related tourist services
    6. Regulation (EU) 2016/679 of the European Parliament and of the Council of 27 April 2016 on the protection of individuals with regard to the processing of personal data and on the free movement of such data and repealing Directive 95/46/EC.
  5. Using the Website means accepting the Terms and Conditions and confirming that the User has read and understood its provisions and agrees to abide by them. Acceptance of the Terms and Conditions is equivalent to consent to conclude an agreement with the Administrator for the provision of services by electronic means – in accordance with the Act on the provision of services by electronic means.

II. COPYRIGHTS AND LEGAL DISCLAIMERS

  1. The www.itaka.pl website is the property of the Administrator, they have the right to make changes, add, modify and remove content, and all collections on the Website, its name, method of functioning and data are subject to legal protection. Reproduction, transfer, distribution or storage on any media without the prior written consent of the Administrator is prohibited, except for the exceptions described below. The user of the website has the right to browse the posted sites and save them on the computer's hard drive in the form of temporary files. The user also has the right to print selected sites for their personal use. The right to use the entire website is limited to private and non-commercial use. The use of materials described as “Press” materials is allowed provided the source is quoted.
  2. The Website is available in the state in which the User receives it from the supporting server. The Administrator does not give any warranty as to the availability of the Website, which may be limited or interrupted at any time without notice to the user.
  3. The Website may not be used otherwise than for personal and non-commercial purposes. The Administrator prohibits the use of any automated systems or software to obtain data from this Website for commercial purposes (the so-called "screen scraping"), or to make available or operate links to this website without the prior written consent of its owner.
  4. All information, data and materials made available on the Website are protected by copyright, trademark rights, database rights or other intellectual property rights.
  5. In the event of any unauthorized use of this Website, the Administrator reserves the right to take any necessary action, including legal action, without prior notice to the user. Despite all possible efforts, the Administrator does not guarantee that the information and prices contained on the Website are free of errors and deficiencies, which cannot be the basis for claims.
  6. The Administrator reserves the right to change the content of the Website at any time by turning off previously accessible pages and turning on new pages. The Administrator shall not be responsible for events resulting from browsing the subpages of the Website. An offer is only available if it can be booked on the website www.itaka.pl or in the application at the time of its display on this site.
  7. In order to improve the functionality of the www.itaka.pl website, hypertext references to third-party Internet resources are likely to be included. In such a case, the User should get familiar with the legal restrictions applicable to these resources.
  8. The Administrator shall provide the Traveler/User with the information on the location of the hotel required by Art. 40 sec. 1 item 1 letter c) of the Act by indicating the place where the hotel is located. This information is contained in the Event's description at www.itaka.pl in the “Map and information about the region” tab. Additionally, Travel Agency provides Travelers with an online tool for use, enabling detailed location of a hotel on the map via Google , and OpenStreetMap. The provision of this Internet tool does not constitute a determination by the Travel Agency of the hotel's location within the meaning of Art. 40 sec. 1 item 1 letter c) of the Act of 24 November 2017 on tourist events and related tourist services.

III. EXPRESSIONS USED IN THE TERMS AND CONDITIONS

  1. Administrator/Travel Agency – an entity indicated in § I. item 2 of the Terms and Conditions.
  2. Application – a mobile application ITAKA, which provides an access to the Website.
  3. Contact form – an electronic path of contact with the Administrator in order to submit an inquiry.
  4. Password – an unique sequence of characters determined by the User in order to log in to the Website Customer Zone.
  5. Tourist event – tourist services within the meaning of the Act of 24 November 2017 on tourist events and related tourist services.
  6. Account on the Customer Zone – an individual account available for Users registered and logged in the Customer Zone.
  7. Login – User's e-mail address provided during the Registration on the Website.
  8. Opinion – the possibility of evaluating the selected offer of a tourist event and the quality of services provided by the Administrator.
  9. Terms and Conditions – Terms and Conditions for using the itaka.pl website and providing services by the Administrator.
  10. Registration – an action performed by the User consisting in creation of an individual Account in the Customer Zone on the Website.
  11. Reservation – placing an order for participation in a tourist event available on the Administrator's Website. Reservation is tantamount to reading and accepting the Terms and Conditions of Participation in Tourist Events, Practical Information, Standard Information Form, Product Card and Conditions of Travel Insurance as well as Privacy Policy.
  12. Website – a website and all related subpages located at www.itaka.pl, also at other websites where the Administrator runs the Website, which are the property of the Administrator.
  13. Seller – or Website Administrator, providing the Service to the Customer.
  14. Customer Zone – a service made available within the www.itaka.pl website, available to a registered and logged in User, enabling direct access to information (e.g. on Reservations made by the User) and management of services.
  15. Agreement – a contract for participation in a tourist event concluded between a User and Nowa Itaka sp. z o.o. via the Website in electronic form on the terms specified in these Terms and Conditions.
  16. Service – services provided by electronic means within the meaning of the Act of 18 July 2002 on the provision of services by electronic means.
  17. User – a person using the Website – a natural person who has full legal capacity; a legal person or an organizational unit without legal personality, with rights to legal acts granted by the Act, using the Website. A User of the Website may also be a person who does not have full legal capacity, with the consent of their legal guardian.

IV. SUBJECT MATTER AND CONDITIONS OF THE PROVIDED SERVICES

  1. Via the Website, the Users are offered an access to Services and the possibility to use the content of the Website, in accordance with the Terms and Conditions and additional conditions published by the Administrator.
  2. The Website provides Services enabling making a Reservation and concluding an Agreement.
  3. By making a Reservation, the User confirms that they have read the Terms and Conditions of Participation in a Tourist Event, Practical Information, Standard Information Form, Product Card and Conditions of Travel Insurance as well as Privacy Policy. The Administrator shall not be responsible for the consequences of providing false or incomplete information.

V. INFORMATION ON ELECTRONIC SERVICES

  1. The Administrator shall ensure the functioning of the IT system they use in such a way that each User can terminate the use of electronic services free of charge at any time.
  2. The Administrator shall ensure that the IT system they use operates in such a way as to prevent unauthorized persons from gaining access to the content of the message constituting the electronic services, in particular with the use of cryptographic techniques.
  3. The Administrator shall ensure unambiguous identification of the parties to electronic services.
  4. The Administrator informs that the use of electronic services may involve a risk. In order to eliminate or minimize such risk, the User is obligated to take appropriate actions necessary to protect the device on which they use the Administrator’s Website.
  5. Information concerning the function and purpose of the software or data not belonging to the content of electronic services, entered into the telecommunication system used by the User are included in the Privacy Policy.
  6. In order to use the Administrator's Website, the User should meet the following technical requirements necessary to establish cooperation with the Administrator's ICT system:
    1. Having a device that allows you to use the Internet;
    2. Internet connection;
    3. Having a web browser that enables displaying web pages and accessing the Administrator’s Website, with support for SSL and JavaScript encrypted connections;
    4. Having an active e-mail address.
  7. The Administrator reserves the right to interfere in the technical structure of the Account /Customer Zone in order to be able to diagnose possible irregularities or problems in the functioning of the Service, they may also make changes and affect the technical section of the User Account in order to modify and ensure the proper functioning of the Account or the Website itself.

VI. MAKING A RESERVATION, CONCLUSION AND PERFORMANCE OF THE AGREEMENT

  1. In order to make a reservation, the User provides the following personal data: name and surname of the person making the reservation, contact data: address, telephone number and e-mail address, as well as personal data of other Participants for whom the reservation of the event is made.
  2. In order to make a reservation of a tourist event it is required that the User read the Terms and Conditions of the Website and accept its contents, as well as read the Terms of Participation and the Terms of Insurance.
  3. After confirming the reservation, the agreement with the Website User is concluded. The agreement is concluded in an electronic form. By making a payment of the tourist event price (in part or in full), the User accepts the Terms and Conditions of the Agreement. Nowa Itaka sp. z o.o. will confirm the conclusion of the agreement to the User.
  4. After the Reservation is made, the Administrator shall provide the Travel Document which is available in the Customer Zone or in the e-mail received to the indicated e-mail address.
  5. Conditions and methods of payment are available after making a Reservation in the Reservation Summary, in the Customer Zone and in the e-mail from the Administrator of the Website.
  6. All prices quoted on the Website are gross prices and include VAT.
  7. The agreement is performed in accordance with the Conditions of Participation in tourist events and other provisions contained in the Terms and Conditions as well as documents attached to the Reservation.

VII. WITHDRAWAL FROM THE AGREEMENT

  1. Withdrawal from the agreement shall take place in accordance with the Conditions of Participation in tourist events.

VIII. COMPLAINTS

  1. Complaints may be submitted and will be considered in accordance with the Conditions of Participation in tourist events.

IX. PAYMENTS

  1. Payments at www.itaka.pl are supported by Przelewy24, which provide the largest number of payment methods in Poland and are the undisputed leader in this respect.
  2. High security for card transactions is ensured by the use of strong protection of transactions – 3D Secure (Verified by VISA and MasterCard SecureCode), SSL EV (Secure Sockets Layer Extended Validation). The system ensures high security also thanks to the solution in which payment card numbers never go to the online store and, what is equally important, they are not stored anywhere. The customer has a guarantee that their card number is known only to them and their bank. Security of transactions is ensured by the use of SSL VE protocol.

X. SECURITY

  1. SSL Certificate ensures protection of websites and confidentiality of data transmitted electronically. The algorithm used, with a 128-bit encryption key, is currently the most secure and popular of all commonly used. Thanks to this, it is not possible to intercept information transmitted through a secure website.
  2. The certification body is Thawte.

XI. PRIVACY POLICY

  1. The Administrator of personal data collected through the website www.itaka.pl (Website) and mobile application (Application) is Nowa Itaka sp. z o.o. with its registered office in Opole 45-072, ul. Reymonta 39, entered into the Register of Entrepreneurs kept by the District Court in Opole, 8th Division of the National Court Register under No. 0000002269, Polish Tax Identification Number (NIP) 754-26-86-316, Polish National Business Register Number (REGON) 532179139, share capital PLN 3,315,000 Contact the Administrator: phone no.: 77 5412 202, e-mail: info@itaka.pl. The Administrator of data is responsible for the security of the personal data transferred and for their processing in accordance with the provisions of the law.
  2. The Administrator has appointed a Data Protection Officer (DPO), who can be contacted in matters related to the processing of personal data and the exercise of rights vested in the users in accordance with the provisions on the protection of personal data via e-mail: daneosobowe@itaka.pl
  3. Personal data are processed in accordance with the Regulation (EU) 2016/679 of the European Parliament and of the Council of 27 April 2016 on the protection of individuals with regard to the processing of personal data and on the free movement of such data and repealing Directive 95/46/EC and other currently applicable (i.e. for the entire period of processing specified data) provisions of the law on personal data protection.
  4. Each time the purpose and scope of data processed by the Administrator result from the concluded agreement, consent of the Website user or mobile application, or legal regulations and are specified in detail as a result of actions taken by the user.

XI.I. CONCLUSION OF THE AGREEMENT FOR PARTICIPATION IN A TOURIST EVENT

  1. The Administrator processes personal data for the following purposes:
    1. Conclusion of agreement for participation in a tourist event and its performance, including ensuring the correct quality of services (legal basis - Article 6 sec. 1 letter b GDPR) – “performance of the agreement”.
    2. Performance of the Administrator's legal obligations, e.g. financial settlements and accounting reporting, including issuing and storing invoices (legal basis – Art. 6 sec. 1 letter c of the GDPR) – “legal obligation”.
    3. Claiming damages resulting from the agreement (legal basis – Art. 6 sec. 1 letter f of the GDPR) – “legitimate interest”. The deadlines for claiming damages resulting from the agreement are specified in detail in the Civil Code and the Act on tourist events and related tourist services.
    4. Improvement of the quality of services provided, including customer satisfaction surveys (legal basis – Art. 6 sec. 1 letter f of the GDPR) – “legitimate interest”.
    5. Sending marketing information (e.g. newsletter), where consent is given to the use of data for this purpose (legal basis – Art. 6 sec. 1 letter a of the GDPR) – “consent”.
    6. Direct marketing, including personalization of marketing content (legal basis – Art. 6 sec. 1 letter f of the GDPR) – “lawful interest”. The Administrator may process personal data in order to prepare and present a customized offer for a tourist event. Such data will also be processed in an automated manner, however decisions taken will not have any legal effect on the customer.
  2. The Administrator may process personal data in order to perform the agreement for participation in a tourist event, in particular:
    1. given name(s),
    2. surname,
    3. date of birth,
    4. gender,
    5. e-mail address,
    6. phone number,
    7. residence address,
    8. specimen of the signature,
    9. and data from identity card or passport necessary to perform the agreement (depending on the country of departure or offer) and to verify the identity of the customer, i.e. place of birth, citizenship, facial image, series and number of the document, authority issuing the document, date of issue and date of expiry of the document.
  3. Provision of personal data indicated above is voluntary, but necessary for the conclusion of the agreement and its performance. The consequence of a failure to provide personal data will be the impossibility of concluding and performing the agreement.
  4. To the extent necessary to conclude and perform the agreement for participation in a tourist event and to ensure the proper quality of services, the Administrator may also process special categories of personal data (including data concerning health, e.g. disabled persons, persons with reduced mobility, persons requiring special medical care) if the data subject has given their explicit consent to the processing of such data for the indicated purpose (legal basis – Art. 9 sec. 2 letter a of the GDPR) – “consent”.
  5. The Administrator processes personal data in order to send commercial information (to e-mail address) and for the purposes of direct marketing (using a phone number) on the basis of separate consents, in accordance with the provisions of the Telecommunications Law and the provisions of the Act on the provision of services by electronic means.
  6. The Administrator has the right to process personal data for the period necessary to achieve the purposes specified in point 5. above. Depending on the legal basis, this will be accordingly:
    1. the time needed to perform the agreement,
    2. time of performing legal obligations and time period the legal regulations require data to be stored for, e.g. tax regulations,
    3. the time after which the claims resulting from the agreement expire,
    4. the time to object,
    5. the time until the withdrawal of consent.
  7. Subject to all data security guarantees, the Administrator may transfer the personal data of the customer – apart from persons authorized by the data Administrator – to other entities, including:
    1. entities processing data on behalf of the Administrator, e.g. agents, technical service providers and entities providing consulting services,
    2. other administrators to the extent necessary for the provision of services and legal requirements, e.g. electronic payment operators, couriers, carriers, insurers, hotel service providers, additional service providers (e.g. parking lots, airport services), local or national tourist chambers, contractors providing services for the Administrator on the basis of concluded agreements.
  8. To the extent necessary for the proper performance of the agreement, the Administrator may transfer data to countries outside the European Economic Area (EEA) which do not provide an adequate level of protection. However, the Administrator shall ensure that the transfer is carried out in a secure, controlled manner and is secured by appropriate agreements with the recipients, meeting the conditions set out in Chapter V of the GDPR. The Administrator may also transfer personal data to countries outside the EEA for which the European Commission has established that they offer an adequate level of protection.
  9. In connection with the processing of personal data by the Administrator, the customer is entitled to:
    1. the right to access personal data,
    2. the right to rectify personal data,
    3. the right to delete personal data (the right to be forgotten),
    4. the right to limit the processing of personal data,
    5. the right to transfer data to another administrator,
    6. the right to withdraw consent if the Administrator processes personal data of the customer based on consent at any time and in any way, without affecting the lawfulness of the processing carried out on the basis of consent prior to its withdrawal,
    7. the right to object to the processing of data if the basis for the processing is the legitimate interest of the Administrator,
    8. the right to lodge a complaint with the Director of the Office for Personal Data Protection (Prezes Urzędu Ochrony Danych Osobowych), if the customer considers that the processing of personal data violates the provisions of the Regulation.
  10. In order to exercise the rights specified above, please contact the Administrator via e-mail: daneosobowe@itaka.pl.

XI.II. CUSTOMER ZONE

  1. The Administrator processes personal data for the following purposes:
    1. Conclusion of an agreement for the provision of services by electronic means (in accordance with the Act of 18 July 2002 on the provision of services by electronic means, Journal of Laws, No. 144, item 1204, as amended), including the registration and operation of a user account in the Customer Zone at www.itaka.pl and in a mobile application (legal basis – Art. 6 sec. 1 letter b of the GDPR) – “performance of the agreement”.
    2. Claiming damages resulting from the agreement (legal basis – Art. 6 sec. 1 letter f of the GDPR) – “legitimate interest”. The deadlines for claiming damages resulting from the agreement are specified in detail in the Civil Code.
    3. Sending marketing information (e.g. newsletter), where consent is given to the use of data for this purpose (legal basis – Art. 6 sec. 1 letter a of GDPR) – “consent”.
    4. Direct marketing, including personalization of marketing content (legal basis – Art. 6 sec. 1 letter f of the GDPR) – “lawful interest”. The Administrator may process personal data in order to prepare and present a customized offer for a tourist event. Such data will also be processed in an automated manner, however decisions taken will not have any legal effect on the customer.
  2. Providing personal data is voluntary, however it is necessary to conclude an agreement, including registration and operation of a user account in the Customer Zone.
  3. The Administrator processes personal data in order to send commercial information (to e-mail address) and for the purposes of direct marketing (using a phone number) on the basis of separate consents, in accordance with the provisions of the Telecommunications Law and the provisions of the Act on the provision of services by electronic means.
  4. The Administrator has the right to process personal data for the period necessary to achieve the purposes specified in point 15. above. Depending on the legal basis, this will be accordingly:
    1. the time needed to perform the agreement,
    2. time of performing legal obligations and time period the legal regulations require data to be stored for, e.g. tax regulations,
    3. the time after which the claims resulting from the agreement expire,
    4. the time to object,
    5. the time until the withdrawal of consent.
  5. Subject to all data security guarantees, the Administrator may transfer the personal data of the user – apart from persons authorized by the data Administrator – to other entities, including:
    1. entities processing data on behalf of the Administrator, e.g. technical service providers and entities providing consulting services,
    2. other administrators to the extent necessary for the implementation of services, on the basis of concluded agreements.
  6. To the extent necessary for the proper performance of the agreement, the Administrator may transfer data to countries outside the European Economic Area (EEA) which do not provide an adequate level of protection. However, the Administrator shall ensure that the transfer is carried out in a secure, controlled manner and is secured by appropriate agreements with the recipients, meeting the conditions set out in Chapter V of the GDPR. The Administrator may also transfer personal data to countries outside the EEA for which the European Commission has established that they offer an adequate level of protection.
  7. In connection with the processing of personal data by the Administrator, the user is entitled to:
    1. the right to access personal data,
    2. the right to rectify personal data,
    3. the right to delete personal data (the right to be forgotten),
    4. the right to limit the processing of personal data,
    5. the right to transfer data to another administrator,
    6. the right to withdraw consent if the Administrator processes personal data of the user based on consent at any time and in any way, without affecting the lawfulness of the processing carried out on the basis of consent prior to its withdrawal,
    7. the right to object to the processing of data if the basis for the processing is the legitimate interest of the Administrator,
    8. the right to lodge a complaint with the Director of the Office for Personal Data Protection (Prezes Urzędu Ochrony Danych Osobowych), if the user considers that the processing of personal data violates the provisions of the Regulation.
  8. In order to exercise the rights specified above, please contact the Administrator via e-mail: daneosobowe@itaka.pl.

XI.III. OFFER FORM

  1. The Administrator processes personal data for the purpose of:
    1. Processing the inquiry, i.e. presentation of an offer for participation in a tourist event (legal basis – Art. 6 sec. 1 letter b of the GDPR) – “taking action at the request of the data subject prior to the conclusion of the agreement”.
    2. Sending marketing information (e.g. newsletter), where consent is given to the use of data for this purpose (legal basis – Art. 6 sec. 1 letter a of the GDPR) – “consent”.
    3. Personalization of marketing content where consent is given to the use of data to obtain marketing information (legal basis – Art. 6 sec. 1 letter f) of RODO) – “legitimate interest”. The Administrator may process personal data in order to prepare and present a customized offer for a tourist event. Such data will also be processed in an automated manner, however decisions taken will not have any legal effect on the customer.
  2. The provision of data is voluntary, but necessary to process the inquiry, i.e. to present an offer for a tourist event. The consequence of a failure to provide the required personal data is the lack of possibility to send an offer to the user.
  3. The Administrator processes personal data in order to send commercial information (to e-mail address) and for the purposes of direct marketing (using a phone number) on the basis of separate consents, in accordance with the provisions of the Telecommunications Law and the provisions of the Act on the provision of services by electronic means.
  4. The Administrator has the right to process personal data for the period necessary to achieve the purposes specified in point 23. above. Depending on the legal basis, this will be accordingly:
    1. time necessary to process the inquiry, i.e. preparation and presentation of an offer and obtaining a response from the customer, but not longer than 60 months from the date of sending the offer.
    2. the time to object,
    3. the time until the withdrawal of consent.
  5. Subject to all data security guarantees, the Administrator may transfer the personal data of the user – apart from persons authorized by the data Administrator – to other entities, including:
    1. entities processing data on behalf of the Administrator, e.g. technical service providers and entities providing consulting services,
    2. other administrators, to the extent necessary to provide answer the question asked.
  6. The Administrator may transfer data to countries outside the European Economic Area (EEA) which do not provide an adequate level of protection. However, the Administrator shall ensure that the transfer is carried out in a secure, controlled manner and is secured by appropriate agreements with the recipients, meeting the conditions set out in Chapter V of the GDPR. The Administrator may also transfer personal data to countries outside the EEA for which the European Commission has established that they offer an adequate level of protection.
  7. In connection with the processing of personal data by the Administrator, the user is entitled to, respectively:
    1. the right to access personal data,
    2. the right to rectify personal data,
    3. the right to delete personal data (the right to be forgotten),
    4. the right to limit the processing of personal data,
    5. the right to transfer data to another administrator in cases in which the basis for the processing is the consent given,
    6. the right to withdraw consent if the Administrator processes personal data of the customer based on consent at any time and in any way, without affecting the lawfulness of the processing carried out on the basis of consent prior to its withdrawal,
    7. the right to object to the processing of data if the basis for the processing is the legitimate interest of the Administrator,
    8. the right to lodge a complaint with the Director of the Office for Personal Data Protection (Prezes Urzędu Ochrony Danych Osobowych), if the user considers that the processing of personal data violates the provisions of the Regulation.
  8. In order to exercise the rights specified above, please contact the Administrator via e-mail: daneosobowe@itaka.pl.

XI.IV. CONTACT FORM

  1. The Administrator processes personal data for the purpose of:
    1. Answering questions asked with the use of the contact form (or e-mail and telephone address) available at www.itaka.pl and the mobile application (legal basis – Art. 6 sec. 1 letter f of the GDPR) – “legitimate interest”.
    2. Sending marketing information (e.g. newsletter), where consent is given to the use of data for this purpose (legal basis – Art. 6 sec. 1 letter a of the GDPR) – “consent”.
    3. Personalization of marketing content where consent is given to the use of data to obtain marketing information (legal basis – Art. 6 sec. 1 letter f of the GDPR) – “legitimate interest”. The Administrator may process personal data in order to prepare and present a customized offer for a tourist event. Such data will also be processed in an automated manner, however decisions taken will not have any legal effect on the customer.
  2. Providing the data indicated in the contact form and in the mobile application is voluntary, but necessary to answer the question. The consequence of a failure to provide the required personal data is the lack of possibility to send a reply to the user.
  3. The Administrator processes personal data in order to send commercial information (to e-mail address) and for the purposes of direct marketing (using a phone number) on the basis of separate consents, in accordance with the provisions of the Telecommunications Law and the provisions of the Act on the provision of services by electronic means.
  4. The Administrator has the right to process personal data for the period necessary to achieve the purposes specified in point 31. above. Depending on the legal basis, this will be accordingly:
    1. the period necessary for the implementation of the purpose indicated above, i.e. until the moment of answering the inquiry sent by the user,
    2. the time to object,
    3. the time until the withdrawal of consent.
  5. Subject to all data security guarantees, the Administrator may transfer the personal data of the user – apart from persons authorized by the data Administrator – to other entities, including:
    1. entities processing data on behalf of the Administrator, e.g. technical service providers and entities providing consulting services,
    2. other administrators, to the extent necessary to provide answer the question asked.
  6. The Administrator may transfer data to countries outside the European Economic Area (EEA) which do not provide an adequate level of protection. However, the Administrator shall ensure that the transfer is carried out in a secure, controlled manner and is secured by appropriate agreements with the recipients, meeting the conditions set out in Chapter V of the GDPR. The Administrator may also transfer personal data to countries outside the EEA for which the European Commission has established that they offer an adequate level of protection.
  7. In connection with the processing of personal data by the Administrator, the user is entitled to:
    1. the right to access personal data,
    2. the right to rectify personal data,
    3. the right to delete personal data (the right to be forgotten),
    4. the right to limit the processing of personal data,
    5. the right to transfer data to another administrator in cases in which the basis for the processing is the consent given,
    6. the right to withdraw consent if the Administrator processes personal data of the customer based on consent at any time and in any way, without affecting the lawfulness of the processing carried out on the basis of consent prior to its withdrawal,
    7. the right to object to the processing of data if the basis for the processing is the legitimate interest of the Administrator,
    8. the right to lodge a complaint with the Director of the Office for Personal Data Protection (Prezes Urzędu Ochrony Danych Osobowych), if the user considers that the processing of personal data violates the provisions of the Regulation.
  8. In order to exercise the rights specified above, please contact the Administrator via e-mail: daneosobowe@itaka.pl.

XI.V. ITAKA CHATBOT APPLICATION

  1. The Administrator processes personal data for the purpose of:
    1. Answering questions asked with the use of the ITAKA Chatbot software available in Messenger application (legal basis – Art. 6 sec. 1 letter f of the GDPR) – “legitimate interest”.
    2. Processing the inquiry, i.e. presentation of an offer for a tourist event (legal basis – Art. 6 sec. 1 letter b of the GDPR) – “taking action at the request of the data subject prior to the conclusion of the agreement”.
    3. Sending marketing information (e.g. newsletter), where consent is given to the use of data for this purpose (legal basis – Art. 6 sec. 1 letter a of the GDPR) – “consent”.
    4. Personalization of marketing content where consent is given to the use of data to obtain marketing information (legal basis – Art. 6 sec. 1 letter f of the GDPR) – “legitimate interest”. The Administrator may process personal data in order to prepare and present a customized offer for a tourist event. Such data will also be processed in an automated manner, however decisions taken will not have any legal effect on the customer.
  2. In order to contact the Administrator, i.e. to use the ITAKA Chatbot software, the user of the Messenger application provides personal data, in particular their name and other data (in accordance with the rights specified by the user in the application settings). The provision of data is voluntary, but necessary to make contact and obtain answer to a question asked.
  3. The Administrator processes personal data of the user in order to process the inquiry. Provision of data is voluntary, but necessary to process the inquiry, i.e. to present an offer for a tourist event. The consequence of a failure to provide the required personal data is the lack of possibility to send an offer to the user.
  4. The Administrator processes personal data in order to send commercial information (to e-mail address) and for the purposes of direct marketing (using a phone number) on the basis of separate consents, in accordance with the provisions of the Telecommunications Law and the provisions of the Act on the provision of services by electronic means.
  5. The Administrator has the right to process personal data for the period necessary to achieve the purposes specified in point 39. above. Depending on the legal basis, this will be accordingly:
    1. time necessary to process the inquiry, i.e. prepare and present an offer and obtain a response from the customer, but not longer than 60 months from the date of sending the offer
    2. the time to object,
    3. the time until the withdrawal of consent.
  6. Subject to all data security guarantees, the Administrator may transfer the personal data of the user – apart from persons authorized by the data Administrator – to other entities, including:
    1. entities processing data on behalf of the Administrator, e.g. technical service providers and entities providing consulting services,
    2. other administrators to the extent necessary for the implementation of services, on the basis of concluded agreements.
  7. The Administrator may transfer data to countries outside the European Economic Area (EEA) which do not provide an adequate level of protection. However, the Administrator shall ensure that the transfer is carried out in a secure, controlled manner and is secured by appropriate agreements with the recipients, meeting the conditions set out in Chapter V of the GDPR. The Administrator may also transfer personal data to countries outside the EEA for which the European Commission has established that they offer an adequate level of protection.
  8. In connection with the processing of personal data by the Administrator, the user is entitled to, respectively:
    1. the right to access personal data,
    2. the right to rectify personal data,
    3. the right to delete personal data (the right to be forgotten),
    4. the right to limit the processing of personal data,
    5. the right to transfer data to another administrator in cases in which the basis for the processing is the consent given,
    6. the right to withdraw consent if the Administrator processes personal data of the customer based on consent at any time and in any way, without affecting the lawfulness of the processing carried out on the basis of consent prior to its withdrawal,
    7. the right to object to the processing of data if the basis for the processing is the legitimate interest of the Administrator,
    8. the right to lodge a complaint with the Director of the Office for Personal Data Protection (Prezes Urzędu Ochrony Danych Osobowych), if the user considers that the processing of personal data violates the provisions of the Regulation.
  9. In order to exercise the rights specified above, please contact the Administrator via e-mail: daneosobowe@itaka.pl.

XI.VI. NEWSLETTER

  1. The Administrator processes personal data for the purpose of:
    1. Providing marketing information to persons interested in the Administrator's offer by means of a newsletter (legal basis – Art. 6 sec. 1 letter a of the GDPR) – "consent".
    2. Personalization of marketing content where consent is given to the use of data to obtain marketing information (legal basis – Art. 6 sec. 1 letter f of the GDPR) – “legitimate interest”. The Administrator may process personal data in order to prepare and present a customized offer for a tourist event. Such data will also be processed in an automated manner, however decisions taken will not have any legal effect on the customer.
  2. The provision of data is voluntary, but necessary to receive marketing information. The consequence of a failure to provide the required personal data is the lack of possibility to send a newsletter to the user.
  3. A user using a newsletter may at any time and without giving any reason, resign from receiving it, in particular by clicking on the deactivation link contained in each e-mail sent to the user or by sending correspondence to the following address: info@itaka.pl.
  4. The Administrator has the right to process personal data until the withdrawal of consent by the user.
  5. The Administrator has the right to process personal data for the period necessary to achieve the purposes specified in point 39. above. Depending on the legal basis, this will be accordingly:
    1. the time until the withdrawal of consent,
    2. the time to object.
  6. The Administrator may transfer the personal data of the user – apart from persons authorized by the data Administrator – to other entities, including:
    1. entities processing data on behalf of the Administrator, e.g. technical service providers and entities providing consulting services,
    2. other administrators to the extent necessary for the implementation of services and legal requirements, on the basis of concluded agreements.
  7. The Administrator may transfer data to countries outside the European Economic Area (EEA) which do not provide an adequate level of protection. However, the Administrator shall ensure that the transfer is carried out in a secure, controlled manner and is secured by appropriate agreements with the recipients, meeting the conditions set out in Chapter V of the GDPR. The Administrator may also transfer personal data to countries outside the EEA for which the European Commission has established that they offer an adequate level of protection.
  8. In connection with the processing of personal data by the Administrator, the user is entitled to:
    1. the right to access personal data,
    2. the right to rectify personal data,
    3. the right to delete personal data (the right to be forgotten),
    4. the right to limit the processing of personal data,
    5. the right to transfer data to another administrator,
    6. the right to withdraw consent if the Administrator processes personal data of the user based on consent at any time and in any way, without affecting the lawfulness of the processing carried out on the basis of consent prior to its withdrawal,
    7. the right to object to the processing of data if the basis for the processing is the legitimate interest of the Administrator,
    8. the right to lodge a complaint with the Director of the Office for Personal Data Protection (Prezes Urzędu Ochrony Danych Osobowych), if the user considers that the processing of personal data violates the provisions of the Regulation.
  9. In order to exercise the rights specified above, please contact the Administrator via e-mail: daneosobowe@itaka.pl.

XI.VII. BLOG

  1. The Administrator processes personal data in order to enable the user to register and exchange information, including adding comments on the Administrator's blog, and to answer questions of the user (legal basis – Art. 6 set. 1 letter a of the GDPR) – “consent”.
  2. The provision of data is voluntary, but necessary to use the blog. The consequence of failure to provide the required personal data is the inability to register and exchange information, including adding comments on the Administrator's blog.
  3. The user may, at any time and without giving any reason, withdraw their consent to the processing of data, which will mean resignation from using the blog.
  4. The Administrator has the right to process personal data until the withdrawal of consent by the user.
  5. The Administrator may transfer the personal data of the user – apart from persons authorized by the data Administrator – to other entities, including:
    1. entities processing data on behalf of the Administrator, e.g. technical service providers and entities providing consulting services,
    2. other administrators to the extent necessary for the implementation of services and legal requirements, on the basis of concluded agreements.
  6. The Administrator may transfer data to countries outside the European Economic Area (EEA) which do not provide an adequate level of protection. However, the Administrator shall ensure that the transfer is carried out in a secure, controlled manner and is secured by appropriate agreements with the recipients, meeting the conditions set out in Chapter V of the GDPR. The Administrator may also transfer personal data to countries outside the EEA for which the European Commission has established that they offer an adequate level of protection.
  7. In connection with the processing of personal data by the Administrator, the user is entitled to:
    1. the right to access personal data,
    2. the right to rectify personal data,
    3. the right to delete personal data (the right to be forgotten),
    4. the right to limit the processing of personal data,
    5. the right to transfer data to another administrator,
    6. the right to withdraw consent if the Administrator processes personal data of the user based on consent at any time and in any way, without affecting the lawfulness of the processing carried out on the basis of consent prior to its withdrawal,
    7. the right to lodge a complaint with the Director of the Office for Personal Data Protection (Prezes Urzędu Ochrony Danych Osobowych), if the user considers that the processing of personal data violates the provisions of the Regulation.
  8. In order to exercise the rights specified above, please contact the Administrator via e-mail: daneosobowe@itaka.pl.

XI.VIII. SOCIAL MEDIA

  1. The Administrator processes personal data of users visiting the Administrator's profiles in social media (e.g. Facebook, YouTube, Twitter, Google+). This data is only processed in connection with the Administrator's profile, including for the purpose of promoting the Administrator's own brand (legal basis – Art. 6 sec. 1 letter f of the GDPR) – “legitimate interest”.
  2. The scope of personal data processing, detailed objectives, as well as rights and obligations of the user of a social networking website result directly from the regulations of a given portal.

XI.IX. FINAL PROVISIONS

  1. The Administrator shall secure the personal data processed by them in accordance with generally applicable regulations concerning personal data protection and security of information.
  2. This Privacy Policy is for informational purposes only and applies only to the Website www.itaka.pl and mobile application. The Website and mobile application may contain links to other websites. The Administrator suggests that each user, after accessing other websites, should read the privacy policy applicable there.
  3. The Administrator reserves the right to introduce changes to the applicable Privacy Policy in case of technology development, changes in generally applicable legal regulations, including personal data protection and in case of the development of the Website.

XII. COOKIE POLICY

  1. The Administrator collects information obtained automatically – system log files (the so-called event logs), containing in particular public IP addresses and MAC identifiers of users visiting the Website www.itaka.pl and using services provided within the Website. System log files are used by the Administrator for statistical purposes. The overall summaries in the form of statistics do not contain any features identifying the users visiting the Website.
  2. The Administrator, pursuant to the provisions of Articles 173-174 of the Telecommunications Act of 16 July 2004, informs about the use of cookies, which are used to collect information concerning the use of the website www.itaka.pl (Website) by the users.
  3. The Website uses cookies – text files, stored in the end user's device, used for accessing the Website pages.
  4. The purpose of using cookies by the Website:
    1. creation of analyses, reports and statistics concerning the way the Website pages are used by the users,
    2. adjusting the content of the Website to users’ preferences and optimizing the use of the Website,
    3. presentation of advertisements, taking into account users' preferences
    4. maintenance of the Website user session (after logging in), thanks to which the User does not have to re-enter login and password on every subpage of the Website.
  5. Only anonymous statistical data on users is collected with the use of cookie technology. The information obtained thanks to cookies is not assigned to a specific person and do not allow them to be identified.
  6. When visiting the Website, at least one cookie file is sent to the end user's device in order to uniquely identify the browser. The information sent by the user's browser is automatically recorded by the Website.
  7. The Administrator may share data related to cookie files with external entities, including entities processing data on behalf of the Administrator, e.g. technical service providers and entities providing consulting services.
  8. Cookie files may also be placed and used by advertisers and partners cooperating with the Administrator.
  9. The Website may contain buttons, tools or content that directs to third party services, including but not limited to: social network plug-ins (Facebook, YouTube, Instagram), maps (Google Maps, OpenStreetMap), applications (e.g. AppStore, Google Play). The use of these applications may result in the transmission of information about users to indicated third parties.
  10. Cookie files, information stored by them and obtaining access to this information does not cause configuration changes in the terminal device or software installed on this device.
  11. The User may change the settings or disable cookies in their browser at any time, but this may cause the incorrect functioning of the Website.
  12. If the user does not change the default settings of the Internet browser in terms of cookies, these cookies will be placed on the end device and will be used in accordance with the rules set by the provider of the Internet browser.
  13. Information on managing cookie files in particular browsers – including in particular instructions on blocking the reception of cookies – can be found on websites dedicated to particular browsers:
    1. Chrome: https://support.google.com/chrome/answer/95647?hl=pl
    2. Firefox: https://support.mozilla.org/pl/kb/ciasteczka
    3. Internet Explorer: https://support.microsoft.com/pl-pl/help/17442/windows-internet-explorer-delete-manage-cookies
    4. Microsoft Edge: https://support.microsoft.com/pl-pl/help/4468242/microsoft-edge-browsing-data-and-privacy-microsoft-privacy
    5. Opera: https://help.opera.com/pl/latest/web-preferences/#cookies
    6. Safari: https://support.apple.com/pl-pl/HT201265
  14. Users who, after reading the information available on the Website, do not want the cookie files to remain stored in the browser of the device, should remove them from their browser after their visit to the Website.
arrow-rightarrow-rightclockfacebooktwitter