Privacy Policy

§ 1 General Provisions

  1. The administrator of personal data is the company Usługi przewodnickie Michał Gajewski, based at os. Centrum B 1/42, with NIP number 5961621697. You can contact the administrator in writing at the above-mentioned address or via email at kontakt@krakow-tour.pl.
  2. This Privacy Policy is an integral part of the Terms and Conditions. By using our services, you entrust us with your information. This document serves solely to help you understand what information and data are collected, for what purpose, and how they are used. These data are very important to us, so we kindly ask you to read this document carefully, as it sets out the rules and methods for processing and protecting personal data. Additionally, this document defines the policies for the use of Cookies.
  3. We strictly adhere to the principles of personal data protection and all legal regulations provided by the Personal Data Protection Act as well as Regulation (EU) 2016/679 of the European Parliament and the Council of April 27, 2016 on the protection of individuals concerning personal data processing and the free movement of such data, repealing Directive 95/46/EC (GDPR).
  4. Upon request, we provide comprehensive information on how we use personal data. We always strive to clearly inform about the data we collect, how we use it, what purposes it serves, and to whom it is transferred. We ensure appropriate data protection when transferring information to other entities and provide details on institutions that should be contacted in case of concerns.

§ 2 Privacy Policy

  1. We respect your privacy and strive to ensure a comfortable experience while using our services.
  2. We value the trust you place in us by sharing your personal data for service fulfillment. We always use personal data honestly and responsibly, ensuring it is processed only to the extent necessary for the provision of services.
  3. Your Rights as a User:
    You have the right to obtain clear and complete information regarding how your personal data is used and why it is necessary. We always transparently inform you about the data we collect, how it is processed, and with whom it may be shared.
  4. If you have any concerns regarding the use of your personal data, we will take immediate action to address and clarify them. We will provide detailed answers to any questions related to data protection. 
  5. We will undertake all reasonable measures to safeguard your data from unauthorized or improper use.
  6. Legal Basis for Processing Your Personal Data. Processing of personal data is based on Article 6 of the GDPR, including:
  • Consent given by the data subject for one or more specific purposes.
  • Processing necessary for the execution of a contract.
  • Compliance with a legal obligation imposed on the administrator.
  • Protection of vital interests of the data subject or another individual.
  • Performance of tasks carried out in the public interest or under official authority.
  • Pursuit of legitimate interests of the administrator or a third party.

   7. Personal data related to contracts is processed for the duration of the contract and up to 10 years after completion, as required by law (Civil Code and Accounting Act).
   8. Data for future contracts will be processed until an objection is raised.
   9. You have the right to:

  • Access your personal data, including obtaining a copy
  • Correct inaccurate data or complete missing information.
  • Request deletion of your data (right to be forgotten).
  • Restrict processing in specific cases under Article 18 GDPR.
  • Object to processing, as stated in Article 21 GDPR.
  • Transfer your data in a machine-readable format.

       10. If you believe your data is processed unlawfully, you may file a complaint with the Data Protection Authority. We comply with all data protection regulations and cooperate fully with relevant authorities and law enforcement agencies.
       11. For inquiries regarding data privacy or exercising your rights, please contact us by mail at the address provided.

§ 3 Scope and Purpose of Data Collection

  1. We process only necessary personal data for the provision of services and accounting purposes.
  2. We collect, process, and store the following user data: Full name Email address Phone number (mobile or landline) Information on the used web browser Other voluntarily provided personal data
  3. Providing these data is completely voluntary but necessary for full service execution.
  4. We may transfer personal data to servers outside your country or to third parties located in other countries, including those in the EEA (European Economic Area). These entities process personal data on our behalf, in accordance with this Privacy Policy and applicable laws and regulations.
  5. Access to your data may be provided to essential service providers, such as: Hosting companies responsible for maintaining the platform infrastructure. IT support and maintenance service providers ensuring system stability.

§ 4 Cookies

  1. We use Cookies or similar technologies, which refer to electronic data, primarily text files, stored on users’ end devices to enhance website usability. Cookies allow us to: Adapt our services and content to individual user needs. Generate general statistics on user interactions. Encrypt data for security and privacy protection.
  2. Types of Cookies Used:
  • Internal Cookies – stored directly by our system.
  • External Cookies – stored via third-party services integrated into our website.
  • Session Cookies – temporary files deleted after a session ends
  • Persistent Cookies – stored until manually removed.

Purpose of Cookies:

  • Necessary Cookies – ensure authentication-based services.
  • Security Cookies – detect fraud or unauthorized access.
  • Performance Cookies – analyze website usage trends.
  • Functional Cookies – store user preferences for interface customization.
  • Advertising Cookies – display personalized content based on interests.

   4. Managing Cookie Settings:Web browsers allow cookies by default, but users can: Disable cookies, Prevent automatic storage, Receive alerts when cookies are being saved. 

   5. Guides for adjusting cookie settings can be found for:
Chrome
Opera
FireFox
Edge
Safari
Internet Explorer

§ 5 Social Media Plugins

  1. Our website may include Social Media Plugins, such as Facebook or Twitter integrations.
  2. These plugins share information about visited pages and user interactions with third-party providers.
  3. If you are logged into your social media account while visiting our website, the provider can link your activity to your account, including preferences, likes, and searches.
    Tip: To prevent tracking, log out from your social media accounts before visiting our website.

§ 6 Rights and Obligations

  1. We have the right—and in certain cases, a legal obligation—to disclose specific personal data to public authorities or third parties who request such information under Polish law.
  2. User Rights:
  • Access to personal data Users have the right to request access to their personal data from the Administrator.
  • Correction of personal data Users can request immediate correction of inaccurate personal data or completion of missing information by contacting the Administrator.
  • Deletion of personal data (“Right to Be Forgotten”)Users may request the immediate deletion of their personal data. For user accounts, deletion means anonymization of identifying details. The Administrator reserves the right to delay deletion where necessary to protect legitimate interests, such as violations of the Terms of Service or data acquired through correspondence. For Newsletter subscriptions, users can delete their personal data themselves via the unsubscribe link included in every email.
  • Restriction of personal data processing Users may request restrictions on data processing in specific cases under Article 18 of the GDPR, such as disputing the accuracy of their data.
  • Data portability Users have the right to receive their personal data in a structured, commonly used, and machine-readable format upon request.
  • Objection to data processing Users may object to the processing of their personal data in cases outlined in Article 21 of the GDPR.
  • Right to file a complaint Users have the right to submit a complaint to the Data Protection Authority regarding the handling of personal data.