Privacy Policy

§ 1 GENERAL PROVISIONS

1. The privacy policy uses concepts introduced and explained in the U2Camp.com Service Regulations (hereinafter: Regulations), which in this document have the same meaning as in the indicated Regulations, available at www.u2camp.pl/terms-of-use, unless the privacy policy directly indicated a different meaning.

2. The privacy policy defines the rules for processing and protecting personal data provided to the Operator, hereinafter also referred to as the Data Administrator, by Service Providers who are natural persons, which are processed for purposes other than those provided for by applicable law. Whenever the privacy policy refers to Service Providers, this should be understood to mean only natural persons who have provided personal data in order to enable the provision of Services offered by the Service, as well as natural persons who have not registered in the Service, referred to in the Regulations as Users.

3. The privacy policy also defines the rules for processing and protecting personal data provided to the Data Administrator by Customers in connection with their use of the Service. Personal data of Service Providers and Customers are processed in accordance with generally applicable regulations.

4. Personal data of Service Providers and Customers are processed in accordance with the provisions of generally applicable law, in particular with the Regulation of the European Parliament and of the Council (EU) 2016/679 of April 27, 2016 on the protection of individuals with regard to the processing of personal data and on the free movement of such data, and repealing Directive 95/46/EC (hereinafter: GDPR) and national regulations enacted in implementation or in connection with the GDPR.

5. This privacy policy is informative and does not constitute a source of obligations for Service Providers and Customers.

§ 2 PERSONAL DATA

1. The data administrator processes personal data provided by Service Providers during Registration in the Service, in order to enable the use of the functionality of the Service provided by the Operator and to enable the use of Services offered through the Service. The data administrator processes the following data provided to him by Service Providers and Customers: name and surname, address, phone number, and email address, country (hereinafter: Personal data). In the case of entrepreneurs, the indicated scope of Personal Data is extended to the company name and its tax identification number (NIP).

2. The personal data administrator is the company U2Camp Sp. z o.o.

3. Service Providers and Customers may contact the Data Administrator via: email - [email protected]

4. The Data Administrator may entrust the processing of collected personal data of Service Providers and Customers to another entity based on a contract concluded with it for the processing of personal data (data recipient), with these entities being obliged to respect confidentiality and security, in particular not to disclose Personal Data to unauthorized persons, and to use organizational, technical, and physical security measures adequate to the way of processing this data. These entities are in particular providers of services supplying the Data Administrator with IT, technical and organizational solutions enabling the conduct of activities, including the website and services provided through it, as well as providers of legal, accounting, and advisory services providing the Data Administrator with support in these areas.

5. In the event of a Reservation of a Service offered in the Service by a Customer, the Data Administrator will provide the parties to the concluded service agreement with mutual Personal Data in order to enable its proper performance, as well as to issue a sales document in accordance with the applicable regulations.

6. In order to ensure high quality of the service provided and its usefulness as well as the optimization of the Service, the Data Administrator may use external analytical tools based on the automated collection of some data about Service Providers and Customers, including using tools like Google Analytics and Hotjar.com. On the websites of these tools, regulations, privacy policies and other internal documents are available, which Service Providers and Customers can familiarize themselves with and whose content they accept, accepting the Privacy Policy.

7. Service Providers and Customers can submit a request to the Data Administrator to remove some of the external tools, however, this request is not binding on the Data Administrator, and the Service Providers and Customers will be notified of the final decision by email.

§ 3 PROCESSING

1. The Data Administrator processes the personal data of Service Providers and Customers solely for the purpose of enabling the use of the functionalities of the Service provided by the Operator and for enabling the use of Services offered through the Service.

2. Providing personal data is voluntary, but necessary to grant Service Providers and Customers access to the functionalities of the Service and the Services offered by the Service Providers through the Service.

3. The processing of personal data is necessary, among others, for:

• the performance of a contract to which the person to whom the data relates is a party, or to take action at the request of the person to whom the data relates, before concluding a contract - Art. 6 para. 1 letter b) of the GDPR,
• fulfilling accounting obligations by the Data Administrator in the case of providing paid services to the Service Providers - Art. 6 para. 1 letter c) of the GDPR,
• responding to questions asked via the contact form available in the Service that allows contacting the Data Administrator - Art. 6 para. 1 letter a) of the GDPR; Personal data may be processed until the issue presented by the Service Provider or Customer is resolved or until his consent to the processing of personal data is withdrawn; in some cases, depending on the content of the message sent via the contact form, personal data may be archived based on the legitimate interest of the Data Administrator, in order to demonstrate the course of the conversation in the future (e.g., in case of claims of the Service Provider) - Art. 6 para. 1 letter f) of the GDPR,

4. In case of giving additional and voluntary consent by the Service Providers and Customers, their personal data may be processed for marketing purposes related to the services offered by the Data Administrator. If consent is given, personal data will be processed for marketing purposes until it is withdrawn, which can occur at any time, in the manner indicated in § 3 para. 6. While processing personal data for marketing purposes, the Data Administrator respects all control rights of the Service Providers and Customers, which can be exercised in the manner and on the terms indicated in § 4 para. 1-5.

5. In case of giving additional and voluntary consent by the Service Providers and Customers, their personal data can be used to transfer commercial information about the services offered by the Data Administrator, using electronic means of communication within the meaning of the Act of July 18, 2002 on the provision of services by electronic means, in the form of text messages (SMS) and via e-mail, about the services offered by the Operator. If consent is given, commercial information will be transferred via electronic means of communication until it is withdrawn, which can occur at any time, in the manner indicated in § 3 para. 8. While using personal data to transfer commercial information in the above manner, the Data Administrator respects all control rights of the Service Providers and Customers, which can be exercised in the manner and on the terms indicated in § 4 para. 1-5.

6. The consents given by the Service Providers and Customers, referred to in § 3 para. 4 and 5, can be withdrawn by them at any time, without affecting the legality of the processing, by sending an appropriate request via e-mail to the email address [email protected].

7. In case of providing personal data solely to gain access to selected functionalities provided by the Data Administrator in the Service or offered by the Service Providers through the Service, personal data will be processed for the time necessary for the proper implementation of these functionalities and Services, unless the Service Provider and/or Customer consent to the processing of the personal data provided by them also after the termination of the provision of these functionalities and Services. In such a case, personal data will be processed until the consent to the processing of personal data is withdrawn, in the manner indicated in § 3 para. 6.

8. If consent is given to transfer commercial information via electronic means of communication, as mentioned in § 3 para. 5, it can be withdrawn at any time by sending an appropriate request via e-mail to the email address [email protected].

§ 4 RIGHTS OF THE SERVICE PROVIDERS AND CUSTOMERS

1. Service Providers and Customers have the right to access their personal data, to rectify them, to erase them, to restrict their processing, and to transfer them.

2. If the Service Provider or Customer has given consent to the processing of personal data, they can withdraw it at any time. The withdrawal of consent does not affect the legality of the processing carried out before its withdrawal.

3. The Service Provider or Customer has the right to object to the processing of their personal data. The Data Administrator no longer processes the personal data unless he demonstrates compelling legitimate grounds for the processing that override the interests, rights and freedoms of the Service Provider or Customer, or grounds for establishing, asserting or defending claims.

4.The Service Provider or Customer has the right to lodge a complaint with the supervisory authority, which is the President of the Office for Personal Data Protection, if they consider that the processing of their personal data violates the provisions of the GDPR.

5. Requests, statements and complaints regarding personal data processing can be directed to the Data Administrator via e-mail to the address [email protected].

§ 5 SECURITY

1. The Data Administrator applies appropriate organizational, technical, and physical safeguards aimed at protecting Personal Data from accidental, unlawful, or unauthorized destruction, loss, alteration, access, disclosure, or use.

2. The Data Administrator ensures that access to Personal Data is granted only to those authorized by him, and only to the extent necessary for the tasks they perform.

§ 6 FINAL PROVISIONS

1. The Service may contain links to other websites. The Data Administrator encourages after going to other websites, to read the privacy policy set there. This privacy policy applies only to this Service.

2. The Data Administrator uses technical and organizational measures ensuring the protection of the processed personal data appropriate to the risks and categories of data protected, and in particular, protects data against unauthorized access, being taken over by an unauthorized person, processing in violation of applicable laws, and change, loss, damage or destruction.

3. The Data Administrator reserves the right to change the privacy policy if it is required by applicable law, technological conditions or the manner and scope of the Services change. The Data Administrator will inform the Service Providers and Customers about any changes in a way accessible to them, in particular by posting a new privacy policy on the Service's website.

4. The policy is in effect from the day of June 1st 2023.

Questions?

Contact Us