Privacy Policy

1. General information

This Privacy Policy sets out the rules for the processing of personal data on the Beelio website (the "Service").

The data controller is BEELIO sp. z o.o., with its registered office in Warsaw at Aleja Jana Pawła II 27, 00-867 Warsaw, Poland, NIP: 527-32-06-944, REGON: 544066058, KRS: 0001226189, email: kontakt@beelio.pl, hereinafter the "Controller".

The Controller processes personal data in accordance with Regulation (EU) 2016/679 (GDPR), national data protection laws and other applicable legislation.

2. Nature of Beelio Service

Beelio is a Discovery-type platform enabling: discovery of product, attraction and accommodation offers; browsing content (including videos and offer cards); sending enquiries to selected offerors.

3. Scope of data processed

4. Purposes of processing

Personal data are processed for the following purposes:

• enabling use of the Service,
• handling enquiries sent by Users,
• e-mail and/or SMS communication,
• improving the quality of the Service,
• fulfilling the Controller's legal obligations,
• securing the Service against abuse.
• weryfikacji numeru telefonu (SMS) przy rejestracji i resetowaniu hasła,
• wysyłania powiadomień push (po wyrażeniu zgody),
• utrzymania sesji i tokenów uwierzytelniania.

5. Legal basis for processing

Data are processed on the following legal basis:

• Art. 6(1)(a) GDPR – consent of the User,
• Art. 6(1)(b) GDPR – performance of the service,
• Art. 6(1)(c) GDPR – legal obligations,
• Art. 6(1)(f) GDPR – legitimate interest of the Controller.
• art. 6 ust. 1 lit. a RODO – zgoda na powiadomienia push i opcjonalny marketing.

6. Data disclosure

Data may be disclosed to:

• entities providing technical services (hosting, e-mail, SMS),
• only to the extent necessary for the operation of the Service.
• dostawcom usług hostingu, e-mail, SMS oraz CDN/streamingu wideo (w tym możliwość przekazania poza EOG – z zastosowaniem standardowych klauzul umownych lub innych gwarancji przewidzianych w RODO).

Data are not transferred outside the EU unless required by the use of technical tools (e.g. servers).

7. Data retention period

Data are stored:

• for the duration of use of the Service,
• until consent is withdrawn,
• or for the period required by law.
• kody weryfikacyjne SMS i resetu hasła – do kilkunastu minut (automatyczne usuwanie),
• tokeny sesji i odświeżania – do czasu wygaśnięcia lub wylogowania.

Enquiry data may be retained for evidential and statistical purposes.

8. User rights

The User has the right to:

• access their data,
• rectification,
• erasure ("right to be forgotten"),
• restriction of processing,
• data portability,
• object,
• withdraw consent at any time.
• wniesienia skargi do Prezesa Urzędu Ochrony Danych Osobowych (ul. Stawki 2, 00-193 Warszawa), gdy Użytkownik uważa, że przetwarzanie narusza RODO.

To exercise these rights, please contact the Controller.

9. Cookies

The Service uses cookies for:

• proper operation of the Service,
• statistical analysis,
• improving functionality.

The User can manage cookies in their browser settings.

Restricting cookies may affect the operation of the Service.

10. Data security

The Controller applies appropriate technical and organisational measures to protect data.

Only authorised persons have access to the data.

11. Changes to the Privacy Policy

The Controller reserves the right to change the Privacy Policy.

Changes take effect upon publication on the Service.