Privacy Policy

1. This privacy policy concerns the principles of processing personal data processed within the use of the set of websites located under the domain kontrabeach.com (“service”).
2. The administrators of customers’ personal data is Stowarzyszenie Kontra, 00-724 Warsaw, ul. Chełmska 9/40. In the case of individuals who have consented to the processing of their personal data for marketing purposes, the administrators of the data is Stowarzyszenie Kontra (hereinafter “we” or “us”).
3. The administrator reserves the right to change this Privacy Policy at any time, particularly due to changes in the functionality of the Service or changes in applicable legal regulations.

1. When purchasing our products, we may collect the following information:
• Your personal data, including name, address, email address, telephone number, and date of birth.
• Passenger information, passport data, other identity document data.
• Insurance data.
• Significant medical data and any special data, dietary requirements, religion, or disabilities.
• Information about purchases, including made purchases, time and place of purchase, payment method, credits, or other payment information.
• Information about activity within our websites and mobile applications.
• Information about clicking on one of our advertisements, including those presented on other organizations’ websites.
• Information about accessing our digital services, including operating system, IP address, internet identifiers, and browser data.
• Social preferences, interests, and activities.

2. When you contact us or we contact you, or if you participate in promotions, contests, surveys, and questionnaires about our services, we may collect:
• Personal data provided for contact purposes via email, traditional mail, and telephone or social media, such as name, username, and contact details.
• Details of emails and other digital communications sent and opened by you, including any links contained therein.
• Your opinions and participation in customer surveys and questionnaires.

3. Collection of personal data of other individuals.
• We use personal data of other individuals provided to us during reservations.
• When providing personal data of other individuals, ensure they consent to it and you are authorized to provide it. Also, ensure that these individuals are aware of how we use their personal data if necessary.

1. Processing personal data is necessary for managing your account or reservations, providing access to products and services you wish to purchase, and providing support regarding any services and potential refunds.
2. We use personal data to manage and improve our products, websites, mobile applications, loyalty programs or customer rewards, and other services.
3. Personal data may be used to respond to and manage security-related interventions, accidents, or similar events, including for medical and insurance purposes.
4. Personal data may be used for market research and internal research and development activities, as well as developing and improving our range of products, services, offices, IT systems, security, know-how, and methods of communication with customers.
5. During marketing communication, we may use personal data to better understand your interests, allowing us to determine other products, services, and information you may be most interested in. This enables us to tailor our messages to become more relevant and interesting to you.

1. Access to your personal data may be granted to: • Suppliers responsible for travel preparations, including airlines, hotels, and transportation companies. • Providers performing specific functions on our behalf. These may include companies assisting us in IT services, data storage and merging, marketing, market research, payment processing, and providing products and services.
2. When we transfer personal data to other organizations, we may require them to keep it in a secure place and prohibit its use for their own marketing purposes.
3. To undertake travel, disclosure and processing of your personal data may be required (in accordance with the requirements of government authorities at departure/arrival and/or destination) for immigration purposes, border control, ensuring security, counter-terrorism, or any other purposes deemed appropriate by such authorities.

Each User has the right to:
• access their data and receive a copy, rectify (correct) their data,
• delete data, if permissible under the GDPR,
• restrict data processing, to the extent permitted by the GDPR,
• object to processing of data processed for the purposes of legitimate interests pursued by the Administrator or a third party, including direct marketing, and also when processing is necessary for the Administrator to perform a task carried out in the public interest or in the exercise of official authority vested in the Administrator,
• data portability under the conditions specified in the GDPR,
• lodge a complaint with the supervisory authority – if the User believes that the Administrator processes their data unlawfully, they may lodge a complaint with the President of the Office for Personal Data Protection,
• withdraw consent to the processing of personal data – at any time, the User has the right to withdraw consent to the processing of personal data processed on the basis of their consent; withdrawal of consent shall not affect the lawfulness of processing carried out on the basis of consent before its withdrawal.

Personal data will be stored for the period necessary to achieve the purposes for which they were collected, namely:
• in the case of contract execution and reservations for the time in accordance with legal regulations (until the expiration of the statute of limitations and the expiration of periods determined by legal regulations for the storage of accounting documents),
• in the case of data processed on the basis of User consent – until consent is withdrawn, provided that if the User withdraws consent or deletes data in the Service, the Administrator may continue to process the data necessary to perform previously concluded contracts,
• in cases where personal data are processed to pursue legitimate interests of the Administrator or a third party as mentioned in this Privacy Policy, for the period until the pursuit of these interests or objection to such processing, unless a situation arises in which the GDPR allows further processing of data,
• to the extent necessary to fulfill a legal obligation incumbent on the Administrator for the period and scope required by legal regulations, and thereafter for the period resulting from legal regulations or to pursue legitimate interests of the Administrator, including securing and pursuing potential claims.

1. The Service may use cookies, including information technology data, in particular text files, which are stored on the User’s end device. Cookies may be used by both the Administrator and third parties who may be separate administrators in this regard.
2. Two main types of cookies are generally used in the Service, namely “session” cookies, which are temporary files stored on the User’s end device until logging out, leaving the Service, or turning off the software (appropriate internet browser), and “persistent” cookies – files stored on the User’s end device for a period specified in cookie parameters or until they are deleted by the User.
3. The following types of cookies may be used in the Service:
• “necessary” cookies enabling the use of services available within the Service, e.g., authentication cookies used for services requiring authentication within the Service;
• cookies for security purposes, e.g., used to detect abuses in the field of authentication within the Service;
• “functional” cookies, allowing the User’s selected settings to be “remembered” and the User interface to be personalized, e.g., in terms of the selected language or region from which the User comes, font size, appearance of the website, etc.;
• “advertising” cookies, allowing the delivery of advertising content more tailored to the User’s interests;
• “performance” cookies, allowing the collection of information about how users use the Service’s websites.
4. Users can change their cookie settings at any time by changing the settings of their internet browser. These settings can be changed, in particular, to block the automatic handling of cookies or to inform about their placement on the User’s device each time. Detailed information on the possibilities and ways of handling cookies is available in the software settings (internet browser).