PL / EN

Booking: + 48 667 997 103

  • Home
  • Apartments
  • Perła Brewery
  • EXPLORE LUBLIN
  • Contact
  1. Definitions
    1. Controller – Perła – Browary Lubelskie S.A., with its registered office in Lublin, ul. Bernardyńska 15, 20-950.
    2. Personal Data – information about a natural person identified or identifiable by one or more factors referring to physical, physiological, genetic, mental, economic, cultural or social identity, including device IP, location data, online identifier and information collected through cookies, and other similar technology.
    3. Policy – this Privacy Policy.
    4. GDPR – Regulation (EU) 2016/679 of the European Parliament and of the Council of 27 April 2016 on the protection of natural persons with regard to the processing of personal data and on the free movement of such data, and repealing Directive 95/46/EC.
    5. Website – the website run by the Controller on the following address: http://apartamentybrowarperla.pl/.
    6. User – any natural person visiting the Website or using one or several services or functionalities described in the Policy.
  2. Data processing in connection with using the Website
    1. In connection with using the Website, the Controller collects Users’ data to the extent necessary for providing the individual services offered, as well as information on the User’s activity on the Website. The detailed principles and purposes of the processing of Personal Data collected in connection with using the Website are described below.
  3. Purposes and bases of data processing on the Website
      USE OF THE WEBSITE
    1. Personal Data of all persons using the Website (including data on attaining one’s maturity, their IP addresses or other identifiers and information collected by means of cookies and similar technologies), who are not registered users (i.e., persons who do not have an account on the Website) is processed by the Controller:
      1. for the purpose of providing electronic services in the scope of making the content collected on the Website available to Users – the legal basis for such processing is the fact that the processing is indispensable for the performance contractual provisions (Article 6.1.b of GDPR);
      2. for analytical and statistical purposes – the legal basis for such processing is the Controller’s legitimate interest (Article 6.1.f of GDPR) consisting of conducting analyses of Users’ activities, as well as their preferences in order to improve the functionalities used and the services provided;
      3. for the purpose of establishing and investigating claims or defending against them – the legal basis for such processing is the Controller’s legitimate interest (Article 6.1.f of GDPR), consisting of the protection of the User’s rights.
    2. The User’s activity on the Website, including his/her Personal Data, is recorded in system logs (special software used to store a chronological record containing information about the events and activities that concern the IT system used by the Controller to provide services). The information collected in the logs is processed primarily for purposes related to the provision of services. The Controller shall also process data for technical and administrative purposes, for the purpose of ensuring security and managing the IT system, as well as for analytical and statistical purposes – the legal basis for such processing is the Controller’s legitimate interest (Article 6.1.f of GDPR).
      3. BOOKING VIA THELEPHONE
    3. The Controller provides a possibility to book the apartments it offers via telephone. Personal Data provided when contacting the Controller via telephone is processed by the Administrator:
      1. for booking purposes – the legal basis for such processing is the fact that the processing is indispensable for the performance of contractual provisions (Article 6.1.b of GDPR); in the scope of data provided optionally, the legal basis for such processing is the consent granted by the User (Article 6.1.a of GDPR);
      2. for the purpose of investigating claims or defending against them – the legal basis for such processing is the Controller’s legitimate interest (Article 6.1.f of GDPR) to enable the Controller to determine and investigate claims, or to defend against them.
    4. When contacting the Controller via telephone on matters unrelated to the services provided, the Controller may demand the provision of Personal Data only if it proves indispensable to handle the matter to which the contact refers. The legal basis in this case is the Controller’s legitimate interest (Article 6.1.f of GDPR) connected with the need to resolve the reported matter related to its business activity.
      5. NEWSLETTER
    5. The Controller provides a newsletter service on the principles laid down in the rules and regulations, to persons who have provided their e-mail address for that purpose. The provision of data is required for the newsletter service to be rendered and failure to do so will result in no newsletter being sent. This form of communication with the User may include profiling.
    6. Personal Data is processed:
      1. for the purpose of providing newsletter service – the legal basis for such processing is the fact that the processing is indispensable for the performance contractual provisions (Article 6.1.b of GDPR);
      2. in connection with sending marketing content to the User via a newsletter – the legal basis for such processing is the Controller’s legitimate interest (Article 6.1.f of GDPR) under the consent to receive the newsletter;
      3. for analytical and statistical purposes – the legal basis for such processing is the Controller’s legitimate interest (Article 6.1.f of GDPR) consisting of conducting analyses of Users’ activities on the Website in order to improve the functionalities used;
      4. for the purpose of establishing and investigating claims or defending against them – the legal basis for such processing is the Controller’s legitimate interest (Article 6.1.f of GDPR), consisting of the protection of the User’s rights.
  4. Social networking sites
    1. The Controller processes Personal Data of Users visiting the Controller’s profiles on social media (Facebook, Instagram). This data is processed in connection with running the profile, also for the purpose of informing Users about the Controller’s activities and promoting various events, services and products. The legal basis for the Controller’s processing of Personal Data for this purpose is its legitimate interest (Article 6.1.f of GDPR), connected with promoting its own brand.
  5. COOKIES AND SIMILAR TECHNOLOGIES
    1. Cookies are small text files installed on the User’s device when browsing the Website. Cookies collect information making it easier to use the Website, e.g., by remembering the User’s visits to the Website and the actions performed.

      2. SERVICE COOKIES

    2. The Controller uses so-called “service” cookies primarily to render the services provided electronically to the User. Cookies used for this purpose include:
      1. cookies with data entered by the User (session ID) for the duration of the session (user input cookies).

      3. ANALYTICS COOKIES

    3. The Controller uses analytics cookies to improve the quality of services on the Website. In this regard, the Controller and other entities providing analytical and statistical services to the Controller use cookies to store information or access information already stored on the User’s telecommunications terminal equipment (computer, phone, tablet, etc.). Cookies used for this purpose include:
      1. Google Analytics cookies used to analyse the use of the Website and to develop statistics and reports on the functioning of the Website;
  6. Analytical tools used by the Controller and its Partners
    1. The Controller and its Partners use various solutions and tools for analytical purposes. Basic information about these tools is provided below. For further details, please refer to the privacy policy of individual partners.

      2. Google Analytics

    2. Google Analytics cookies are used by Google to analyse the use of the Website by the User, and to develop statistics and reports on the functioning of the Website. Google does not use the collected data to identify the User, nor does it align this information to make such identification possible. Detailed information on the scope and principles of data collection in connection with this service can be found on: https://www.google.com/intl/pl/policies/privacy/partners.
  7. MANAGEMENT OF COOKIE SETTINGS
    1. Service cookies, which are necessary for the use of the web page, are automatically installed on the User’s device. Their use is necessary for the provision of the telecommunications service (data transmission for the display of content) – the User does not have the possibility to opt out of these cookies if he/she wishes to use the Website.
    2. Analytics cookies are not automatically installed by the Controller. The User may grant a permission to the Controller to install analytics cookies by giving his/her consent when entering the Website or by using this link.
    3. The User can consent to the installation of analytics cookies by clicking on the “Accept” button on the banner that appears when entering the web page. The Controller will then be entitled to install analytics cookies according to the settings of the browser used by the User (in the case of default settings, all cookies are installed).
    4. The User can consent to the installation of only selected analytical cookies. To this end, it is sufficient to click on the “Manage cookies” button on the banner that appears when entering the web page and select the cookies to the installation of which the User wishes to consent.
    5. The User can withdraw the consent given at any time. To do so, the User should click on the cookie icon in the corner.
    6. It is also possible to withdraw the consent to the use of cookies via browser settings. Detailed information can be found under the following links:
      1. Internet Explorer: https://support.microsoft.com/pl-pl/help/17442/windows-internet-explorerdelete-manage-cookies
      2. Mozilla Firefox: http://support.mozilla.org/pl/kb/ciasteczka
      3. Google Chrome: http://support.google.com/chrome/bin/answer.py?hl=pl&answer=95647
      4. Opera: http://help.opera.com/Windows/12.10/pl/cookies.html
      5. Safari: https://support.apple.com/kb/PH5042?locale=en-GB
    7. If the consent for a given type and provider of cookies has not been given or has been withdrawn (in the case of not accepting the installation of cookies in accordance with the settings of the browser), the Controller will not install such cookies on the User’s terminal equipment.
    8. The User may at any time verify the status of his/her current privacy settings for the browser he/she is using by means of the tools available at the following links:
      1. http://www.youronlinechoices.com/pl/twojewybory
      2. http://optout.aboutads.info/?c=2&lang=EN
  8. Period of Personal Data processing
    1. The period of data processing by the Controller depends on the type of service provided and the purpose of processing. As a general rule, data is processed for the duration of the service provided or the execution of the order, until the consent is withdrawn or until an effective objection is made to the data processing in cases where the legal basis for such processing is the Controller’s legitimate interest.
    2. The period of data processing may be extended where the processing is necessary for establishing and investigating claims or defending against them, and thereafter only if and to the extent as required by law. After the expiry of the processing period, the data shall be irreversibly deleted or anonymised.
  9. Rights arising in connection with the processing of personal data
      RIGHTS OF DATA SUBJECTS
    1. The following rights are vested in data subjects:
      1. the right to be informed on the processing of personal data – the Controller shall provide the person making the request with information about data processing, including in particular the purposes and legal bases for such processing, the scope of the data retained, the entities to which the data is disclosed, and the planned date of data erasure;
      2. the right to obtain copies of data – the Controller shall provide the person making the request with copies of the processed data;
      3. the right to rectify data – the Controller shall eliminate any inconsistencies or errors in the Personal Data being processed, and to complete it when necessary;
      4. the right to erase data – the data subject may demand the erasure of data whose processing is no longer necessary for the fulfilment of any of the purposes for which it was collected;
      5. the right to restrict processing – if such a request is made, the Controller shall cease to perform operations on Personal Data – with the exception of operations to which the data subject has given his/her consent – and to store such data in accordance with the retention rules adopted or until the reasons for restricting the processing cease to apply (e.g., a decision is issued by a supervisory authority allowing for the further processing of data);
      6. the right to data portability – to the extent that the data is processed by automated means in connection with the concluded agreement or under consent, the Controller shall supply the data provided by the data subject in a computer-readable format. It is also possible to request that the data be sent to another entity, provided that both the Controller and the entity concerned have the technical capacities to do so;
      7. the right to object to data processing for marketing purposes – the data subject may at any time object to the processing of Personal Data for marketing purposes, without having to justify such objection;
      8. the right to object to other data processing purposes – the data subject may at any time object, for reasons connected with his/her unusual circumstances, to the processing of Personal Data which takes place in connection with the Controller’s legitimate interest (e.g., for analytical or statistical purposes, or for reasons connected with property protection); such objection should be made along with providing justification;
      9. the right to withdraw the consent – if the data is processed under the consent, the data subject has the right to withdraw it at any time; however, this shall not affect the lawfulness of the processing carried out before the withdrawal of the consent;
      10. the right to file a complaint – if the processing of Personal Data is considered to be in breach of the provisions of GDPR or other provisions relating to the protection of Personal Data, the data subject may file a complaint with the supervisory body for the processing of Personal Data, having jurisdiction over the data subject’s usual place of residence, place of work or place where the alleged breach has been committed.. In Poland, the supervisory body is the President of the Personal Data Protection Office.
  10. REPORTING A REQUEST CONCERNING THE EXERCISE OF RIGHTS
    1. A request for the exercise of data subjects’ rights can be made:
      1. in writing to the Controller’s address;
      2. electronically to the e-mail address: kodo@biuro.perla.pl.
    2. The request should, as far as possible, indicate precisely what the request concerns, in particular:
      1. which right the requesting person wants to exercise (e.g., the right to obtain a copy of the data, the right to erasure, etc.);
      2. which processing the request refers to (e.g., use of a particular service, activity on a particular website, receipt of a newsletter containing commercial information to a particular e-mail address, etc.);
      3. which processing purposes the request refers to (e.g., marketing purposes, analytical purposes, etc.).
    3. If the Controller is unable to identify the natural person on the basis of the request, it shall request additional information from the person making the request. The provision of such data is not mandatory but failure to provide it shall result in the request rejection.
    4. The request can be made in person or through a proxy (e.g., a family member). For reasons connected with data security, the Controller encourages the use of a power of attorney in a form certified by a civil-law notary or an authorised legal counsel or attorney, which will all significantly speed up the verification process of the authenticity of the request.
    5. A response to the request should be provided within one month of receipt. If it is necessary to extend this deadline, the Controller shall inform the requesting persons of the reasons.
    6. If the request has been addressed to the Company electronically, the response shall be provided in the same form unless the requesting person demanded the response in another form. Otherwise, the response shall be provided in writing. Where the timing of the request makes it impossible to provide the response in writing and the extent of the requesting person’s data processed by the Controller enables electronic contact, the response shall be provided electronically.
  11. FEE COLLECTION PRINCIPLES
    1. The processing of submitted requests is free of charge. Fees may be charged only in the case of:
      1. making a request for issuing the second and each subsequent copy of data (the first copy of data is free of charge); in such cases, the Controller may change PLN 200.00. The aforementioned fee includes administrative costs related to processing the request;
      2. submitting excessive (e.g., very frequent) or clearly groundless requests by the same person; in such cases, the Controller may charge PLN 500.00. The aforementioned fee includes the costs of communication and the costs related to taking the requested action;
    2. If the decision to impose the fee is contested, the data subject may file a complaint with the supervisory body for the processing of Personal Data, having jurisdiction over the data subject’s usual place of residence, place of work or place where the alleged breach has been committed. In Poland, the supervisory body is the President of the Personal Data Protection Office.
  12. Data recipients
    1. In connection with the provision of services, Personal Data will be disclosed to external entities, including in particular suppliers responsible for the supply and operation of IT systems.
    2. The Controller reserves the right to disclose selected information concerning the User to the competent bodies or third parties who make a request for such information by referring to the appropriate legal basis and in accordance with the provisions of the applicable law.
  13. Provision of data outside the EEA
    1. The level of Personal Data protection outside the European Economic Area (EEA) differs from that envisaged by European law. For this reason, the Controller transfers Personal Data outside the EEA only when necessary and with an adequate level of protection, primarily by:
      1. cooperating with the processors of Personal Data in countries for which a relevant decision of the European Commission has been issued regarding the determination of an adequate level of Personal Data protection;
      2. applying standard contractual clauses issued by the European Commission;
      3. applying binding corporate rules approved by the competent supervisory body.
    2. The Controller shall always disclose its intent to transfer Personal Data outside the EEA upon its collection.
  14. Contact details
    1. The Controller can be contacted via e-mail kodo@biuro.perla.pl or the following mailing address:
    2. The Controller has appointed the Personal Data Coordinator who can be contacted via e-mail kodo@biuro.perla.pl on any matter concerning the processing of Personal Data.
  15. Amendments to the Privacy Policy
    1. The policy is updated on an ongoing and as needed basis.
    2. The current version was adopted on and has been binding since 19.04.2023.
© THE PERŁA BREWERY APARTMENTS
Privacy policy