PRIVACY POLICY OF THE VCENTRUM WEBSITE
1. Data Controller
The controller of users’ personal data is:
VCentrum Grupa Spółka Akcyjna,
with its registered office at ul. Jana Pawła Woronicza 19, 02-625 Warsaw, Poland.
KRS: 0000921177, NIP: 5211010943, REGON: 010727065.
2. Contact Details
Postal address: ul. Jana Pawła Woronicza 19, 02-625 Warsaw, Poland
3. Categories of Data Processed
The Controller may process the following data:
- identification data (first name, last name),
- contact data (e-mail address, phone number),
- data voluntarily provided in the content of an inquiry,
- technical data (IP address, browser type, operating system – recorded in server logs),
- data collected through cookies (in accordance with the Cookie Policy).
4. Purposes and Legal Bases of Processing
Personal data are processed for the following purposes:
- handling bookings and inquiries – Article 6(1)(b) GDPR,
- contacting the User – Article 6(1)(f) GDPR,
- fulfilling the Controller’s legal obligations – Article 6(1)(c) GDPR,
- statistics and website security – Article 6(1)(f) GDPR.
5. Data Retention Period
Personal data will be processed:
- for the time necessary to handle the booking or inquiry,
- until consent is withdrawn (if consent was the legal basis for processing),
- for the period required by law or until the limitation of claims.
6. Users’ Rights
The User has the right to:
- access their data,
- rectify or complete their data,
- delete their data,
- restrict processing,
- data portability,
- object to processing,
- lodge a complaint with the President of the Personal Data Protection Office (UODO).
7. Data Recipients
Data may be shared with:
- entities providing website services (hosting, IT),
- entities providing legal and accounting services (if required),
- public authorities if required by law,
- other entities legally affiliated with VCentrum Grupa Spółka Akcyjna.
8. Data Transfer Outside the EEA
If tools such as Google Analytics are used on the website, data may be transferred to countries outside the European Economic Area.
The Controller ensures that, in such cases, appropriate legal mechanisms are applied (e.g., EU Standard Contractual Clauses).
9. Data Security
The Controller applies technical and organizational measures to protect personal data against unauthorized access, loss, or damage.
10. Cookies
The rules for using cookies are described in a separate Cookie Policy available on the Website.
11. Final Provisions
This Privacy Policy is effective as of:
The Controller reserves the right to amend this Privacy Policy.
The amended Policy will be published on the Website with the date of its entry into force.
