Privacy Policy


Please be informed that protection of our clients’ personal data is an important element of our activity. We guarantee security of your data processed by us. Please find below information on the manner of use of your personal data, aimed at providing our clients with better and more effective benefits from our website.

What does the Privacy Policy relate to?

The Controller of clients’ personal data is Netstel Software M.Matusiak sp. j. with its registered office in Kraków, ul. Prądnicka 41/2, 31-202 Kraków.

We would like to encourage you to become familiar with this Privacy Policy, describing the types and purposes of gathering personal data, providing information on when and how we may share your personal data with other organisations and how we gain access to and update your personal data.

Gathered personal data

The following data may be obtained at the time of registration on the website and use of its functionalities:

  • data of logging into the account, such as e-mail address and password,
  • personal data, data, including first name and surname, address, e-mail address, phone number, date of birth.

The following information may be gathered at the time of viewing the website or use of available mobile applications:

  • activity on the website, webpages and mobile applications,
  • clicking one of the displayed advertisements, including advertisements presented on webpages of other organisations,
  • manner of gaining access to our digital services, including the operating system, IP address, on-line identifiers and browser data,
  • social preferences, interests and activities,
  • personal data provided for the purpose of contact by e-mail, post and phone or social media, such as first name and surname, user name and contact data,
  • details of e-mails and other types of digital communications, sent by us and opened by you, including any links contained in them, clicked by you,
  • your opinions and participation in client surveys and questionnaires.

Other sources of personal data

  • We may use personal data obtained from other sources, for example from specialised companies providing information, business partners and public registers.
  • When logging into our on-line platforms and services with the use of authentication data of a social network, for example Facebook, Google+, you consent to share with us your user data. Such data include for example: first name and surname, e-mail address, date and place of birth and any information provided to us.
  • We may use the images recorded by the CCTV, IP addresses and information on your browser, obtained within or in the direct vicinity of our offices, premises and other buildings.

Use of personal data

We use your personal data in various manners as described below.

Delivery and performance of the ordered products and services

Processing of your personal data is necessary for the purpose of administering your account or reservations, provision of access to products and services you wish to purchase, giving support with respect to any services and refund of costs, if any.

Management and improvement of our products, services and everyday activity

We use your personal data for the purpose of management, improvement of our products, webpages, mobile applications, loyalty schemes or award schemes directed to our clients, as well as other services.

We monitor the manner of using our services for the purpose of protection of your personal data, detection and prevention of frauds and other criminal offences as well as abuse of our services. It allows us to guarantee secure use of our services.

We may use your personal data for the purpose of responding to and management of security incidents, accidents or similar events, including for medical and insurance purposes.

We may use your personal data for the purpose of carrying out market research, internal research and development activity, and development and improvement of the range of our products, services, offices, IT systems, security systems, know-how and methods of communication with clients.

Images from the CCTV are used for assurance of security to all employees and clients of our agencies, offices and other buildings, and prevention, detection and investigation of criminal offences. We may also use such images for the purpose of establishment, exercise or defence of our rights.

Personalisation of the client’s experience

Our objective is to assure that marketing messages related to our products and services as well as communications from our suppliers, business partners, including on-line advertisements, are adapted to your interests.

For this purpose we may use your personal data in order to find out more about your interests, which will allow us to define other products, services and information which may arouse your interest. It allows to adapt our messages so that they are the most suitable and interesting for you.

Tracing your conduct on the Internet and your purchasing is what allows us to better understand you as a client, which in turn allows us to provide you with customised offers and services.

We may also measure the level of response to marketing communications related to the products and services offered by us, which allows us to offer products and services that best meet your needs as a client.

If you do not wish to receive from us personalised services, you may change your preferences at any time by contacting us by e-mail to [email protected] or by post.

Establishing an interaction with the client

In order to guarantee better client service, in the event of contacting us, for example by e-mail, post, phone or social media, we may use your personal data for the purpose of making clarifications or providing you with support.

Processing of your personal data is necessary for management of any promotions and competitions in which you wish to participate, including the ones held in cooperation with our suppliers and business partners.

We may invite you to take part in client surveys, questionnaires and other market research conducted by us and other organisations on our behalf.

In order to help us to get to know you better as a client, and to be able to offer service and marketing communications (including on-line advertisements adapted to your interests), we may combine personal data gathered at the time of purchasing in offices with personal data gathered on our webpages, mobile applications and personal data obtained from other sources.

Marketing communications

We may send to you relevant offers and information on our products and services with the use of many methods, including by e-mail. We may also send to you information on products and services of other companies, if, in our opinion, they may interest you. The above will be done only upon your prior free consent to receiving such marketing information.

At the time of making a reservation or registration you will be asked whether you wish to receive marketing information and to choose the method of contacting you. You may change your marketing preferences at any time by contacting us by e-mail to [email protected] or by post, or using the link “resign” contained in our marketing messages. The choice is yours, but if you do not wish to receive any marketing information from us, it will prevent you from using the offers or promotions that might be interesting for you.

You may also receive information connected with the purchased services. For example, confirmation of the reservations and provision of important information on the use of the products or services purchased form us.

Market research

We would like to ask your opinion, which will allow us to improve our products and services, so we may contact you in the event of conducting market research. You may always decide whether or not you wish to participate, or continue your participation, in the market research carried out by us.

Sharing your personal data with suppliers and business partners

We also cooperate with carefully selected suppliers, performing certain functions on our behalf. They include, for example, companies providing services in the scope of IT support, storage and combination of data, marketing, market research, payment processing and supply of products and services.

There may arise a necessity to share your personal data for the purpose of establishment, defence or exercise of our rights, including sharing your personal data with third parties for the purpose of prevention of abuses and reduction of the credit risk.

At the time of providing your personal data to other organisations we may require them to maintain your personal data in a secure place and prohibit the use of your personal data for their own marketing purposes.

We only provide the minimum scope of personal data, allowing our suppliers and business partners to provide services to you and to us.

Trusted Partners list

The Trusted Partners list is available below. In order to find out more, contact us.

Sharing data with regulatory bodies

We may share the minimum scope of personal data with public authorities, if we are required to do so under legal provisions in force or if it is permitted by law.

Sharing your personal data

We may share your personal data with organisations to which we sell or assign (or with which we conduct negotiations on sale or assignment of) the website or webpage. If the assignment or sale is effected, the organisation that receives personal data may use them in compliance with this Privacy Policy.

Personal data protection

We guarantee appropriate security measures for the purpose of protection of your personal data from accidental loss and unauthorised access, use, alteration and disclosure.

Security of your data also depends on you. For example, in the event of receiving from us, or selecting, the access password to some services, you are responsible for keeping the password secret.

The personal data obtained from you may be transferred to and stored beyond the European Economic Area (the “EEA”). They may also be processed by organisations operating beyond the EEA, working for us or one of our suppliers. We have introduced appropriate security measures in order to guarantee proper protection of personal data and their treatment in compliance with this Privacy Policy. The afore-mentioned security measures include, but are not limited to, relevant contractual clauses, such as the standard contractual clauses approved by the European Commission and other appropriate security measures.

Data archiving

Your personal data will only be stored as long as it is necessary for the purposes defined in this Privacy Policy and/or for the purpose of meeting legal and regulatory requirements. After the expiry of the afore-mentioned period your personal data will be erased. If, following the expiry of the afore-mentioned period, your personal data are needed for legal analytical purposes or for any other purposes, we will take relevant steps aimed at their anonymisation.

Information on cookies and similar technologies

Cookies are small data files thanks to which websites gather and store a wide range of data from PCs, laptops or mobile devices. Cookies allow us to make available important properties and functionalities on pour webpages and in our mobile applications and are used by us for the purpose of improvement of the quality of client service.

Links to other webpages

Our webpages and mobile applications may contain links to webpages maintained by other organisations, which defined their own principles of privacy protection. Before you provide any of your personal data on a website of any other organisation, become familiar with the terms of and information on privacy protection, since we bear no liability for operation of such third-party webpages.

Functions of social media

Our webpages and mobile applications may contain functions of social media, such as Facebook, Twitter, Google+ and Pinterest, which defined their own principles of privacy protection.

Before you provide any of your personal data on a website of any other organisation, become familiar with the terms of and information on privacy protection, since we bear no liability for such functions.

Gaining access to and updating personal data; complaints

You have the right to request a copy of your personal data being in our possession. By contacting us by e-mail to [email protected] or by post you may ask us to create a copy of other personal data related to you, being at our disposal.

For this purpose you should provide all information allowing us to identify and locate your personal data. Access to your personal data will be provided free of charge, insofar as possible, except for the request for further copies of data, in which event we may collect a reasonable charge for the administrative costs incurred by us.

We want to make sure your personal data being in our possession are accurate and up-to-date. If any of the information being in our possession is incorrect, please notify us.

You may also request that your personal data be rectified or erased, object to the processing of your personal data and, to the extent technically feasible, request that the personal data provided to us be transferred to any other organisation.

We will update or erase your personal data, unless we are obliged to retain your personal data for the purpose of conducting economic activity or compliance with law.

You may contact us if you have any reservations related to the manner of gathering, storage or use of your personal data. We make every effort to consider any complaints in a final manner, but if you are dissatisfied with our response, you may file a complaint with a local supervisory authority dealing with personal data protection.

Please note that prior to taking any actions in response to your request or complaint we may require verification of your identity. We may also require that further information be provided, in order to make sure you are duly authorised to file a request or complaint on behalf of any third party.

Legal basis for the processing of personal data

Your personal data will be gathered and used by us provided that at least one of the following conditions is met:

  • if you have given consent;
  • if it is necessary for conclusion of an agreement with us or taking desirable actions prior to conclusion of the agreement;
  • if it is necessary for the purpose of fulfilment of a legal obligation;
  • if it is necessary for the purpose of protection of your or third parties’ legitimate interests;
  • if it is in the public interest or we have a relevant authorisation; or
  • if it is in our or third parties’ legitimate interest, but it does not result in withdrawal of your interests or rights.

For example: For the purpose of personalisation of the client’s experience

We may use your personal data in order to find out more about your interests, which will allow us to define other products, services and information which may interest you. It allows to adapt our messages so that they are the most suitable and interesting for you.

Amendments

This Privacy Policy replaces all previous versions. The content of the Privacy Policy may be amended by us at any time, so you should check our webpage on a regular basis as regards any updates. If amendments are significant, we will present a clear notice on our webpage, including, if we consider it appropriate, electronic notification of any amendment to the Privacy Policy.

Key expressions

Controller: The Controller defines the purpose and method of use of personal data.

European Economic Area (EEA): Member States of the EU, Norway, Iceland and Lichtenstein.

On-line advertisements: Advertising messages that may be viewed on the Internet.

Specific categorises of personal data: Categorises of personal data revealing racial or ethnic origin, political opinions, religious or philosophical beliefs, or trade union membership, and the processing of genetic data, biometric data for the purpose of uniquely identifying a natural person, data concerning health or data concerning a natural person's sex life or sexual orientation.

Caricom API Data: Any or all CARICOM member states have concluded agreements with the USA, pursuant to which personal data required and established for CARICOM member states for the purpose of security of borders are provided in advance to the US Department of Homeland Security for the purpose of processing on behalf of such CARICOM member states. More information is available on Caricom webpage.

Secure Flight Data: The US Transportation Security Administration (TSA) requires that first name and surname, date of birth and gender be provided for the purpose of control of the observation list. You may also provide your Redress Number, if any. Non-provision of data may result in refusal to carry or board. The TSA may share the provided information to law enforcement agencies or intelligence agencies or any other authorities as part of the public system of exchange of information. More information is available on the webpage of the TSA