In accordance with the requirements of the Regulation (EU) 2016/679 of the European Parliament and of the Council of 27 April 2016 on the protection of natural persons with regard to the processing of personal data and on the free movement of such data (hereinafter referred to as the “GDPR”), as well as other generally applicable legal provisions on the protection of personal data, we undertake to maintain the security and confidentiality of the personal data obtained.
The administrator of personal data is Przewozy Pasażerskie Statek “CYRANKA” Firma Handlowo – Usługowa Krzysztof Rojewski with the seat at ul. 3 Maja in Ostróda, NIP: 741-101-54-26.
In all matters concerning the processing of personal data and exercising rights connected with such processing, one can contact the following e-mail address: email@example.com.
When processing Users’ personal data, we apply the principles of:
On our website www.rejsypotrawie.pl via the “Contact Us” form and the “Booking a Cruise” form, we collect the following personal data from Users:
Providing the above data is voluntary, however, it is necessary in order to establish communication.
If the data are not provided, it will not be possible to contact the customer and the service will not be provided.
If the User does not agree with personalization of the service, he/she should disable cookies in the options of the Internet browser.
The User’s personal data, as part of our services, shall be processed only if we have the consent of the data subject (legal basis of processing) and only for the purpose of communication with that person.
Personal data obtained by Przewozy Pasażerskie Statek Cyranka F.H.U. Krzysztof Rojewski shall be processed for the purpose and to the extent necessary to place an enquiry and to book a cruise through the forms on the website www.rejsypotrawie.pl and for the purpose of return contact consisting in the provision of information, e.g. about the offer to the e-mail address indicated in the form, answers to questions asked via the form, etc. as well as the processing of data contained in cookies when visitors use the website.
The data shall be processed until there is a basis for such processing:
in the case of granting consent until its withdrawal, limitation or other actions on your part limiting this consent.
We do not disclose the personal data obtained from the Customer to third parties, with the exception of entities cooperating with us, e.g. hosting companies, companies providing accounting services, etc. In such cases, the amount of data provided to cooperating companies is limited to the required minimum.
Our Customers’ personal data may be disclosed to competent public authorities if required by applicable law.
The personal data we have received from our Clients shall not be transferred outside the European Economic Area.
Customers have the following rights in relation to our processing of their personal data:
If the Customer’s data are processed on the basis of consent or as part of the service provided (the data are necessary for the purpose of providing the service), the Customer may exercise the right to personal data portability. They may be sent to another data controller.
In order to exercise the above rights, please contact the controller at the given email address: firstname.lastname@example.org.
Cookies are small information in the form of text files sent by a server and stored on the website visitor’s side (e.g. on the hard drive of a computer, laptop or smartphone memory card – depending on the device used by the visitor to our website). The Administrator may process data contained in cookies when visitors use the website for the following purposes:
Detailed information on how to change the settings for cookies and how to delete them on your own in the most popular web browsers is available in the help section of your web browser.
The Administrator has implemented an appropriate level of security of personal data processing in the IT system.
The Administrator shall apply technical and organisational measures to ensure protection of the processed personal data, appropriate to the threats and the category of data covered by the protection, and in particular to protect the data against their disclosure to unauthorised persons, against their appropriation by an unauthorised person, against their processing in violation of the applicable regulations, and against their alteration, loss, damage or destruction.