Bel-Ami
Bel-Ami - Goszczyńskiego 24,34-500 Zakopane

Privacy Policy

The privacy policy describes the principles of processing information about you, including personal data and cookies, i.e., so-called cookies.

1. General Information

This policy applies to the website operating at the URL: belami-zakopane.pl

The website operator and the personal data administrator is:
Ośrodek Wczasowo-Konferencyjny Bel-Ami in Zakopane
ul. Seweryna Goszczyńskiego 24, 34-500 Zakopane

Contact email address of the operator: marketing@bel-ami.pl

The operator is the Administrator of your personal data with regard to the data provided voluntarily on the website.

The website uses personal data for the following purposes:

  • Handling inquiries via the contact form
  • Presenting an offer or information

The website collects information about users and their behavior in the following ways:

  • Through data voluntarily entered in forms, which are entered into the Operator's systems.
  • By storing cookies on end devices (so-called "cookies").

2. Selected Data Protection Methods Used by the Operator

  • Login and personal data entry points are protected at the transmission layer (SSL certificate). This ensures that personal data and login details entered on the website are encrypted on the user's computer and can only be read on the target server.
  • Personal data stored in the database is encrypted in such a way that only the Operator, who holds the decryption key, can read it. This protects the data in the event of a database theft from the server.
  • User passwords are stored in hashed form. The hashing function is one-way – it is impossible to reverse its operation, which is currently the modern standard for storing user passwords.
  • Two-factor authentication is used on the website, providing an additional layer of protection for logging into the Service.
  • The Operator periodically changes its administrative passwords.
  • To protect data, the Operator regularly makes backup copies.
  • An important element of data protection is the regular updating of all software used by the Operator for processing personal data, which particularly includes regular updates of software components.

3. Hosting

The Service is hosted (technically maintained) on the servers of an external provider: another company

To ensure technical reliability, the hosting company keeps server-level logs. These logs may include:

  • Resources identified by URL (addresses of requested resources – pages, files),
  • Time of the request,
  • Time of the response,
  • Client station name – identification performed by the HTTP protocol,
  • Information about errors that occurred during the execution of the HTTP transaction,
  • URL of the previously visited page (referer link) – if the transition to the Service was made via a link,
  • Information about the user's browser,
  • Information about the IP address,
  • Diagnostic information related to the process of independently ordering services through the forms on the website,
  • Information related to handling email correspondence directed to the Operator and sent by the Operator.

4. Your Rights and Additional Information on How Your Data is Used

In certain situations, the Administrator has the right to transfer your personal data to other recipients if it is necessary to perform a contract concluded with you or to fulfill the Administrator's obligations. This applies to the following groups of recipients:

  • Hosting company on the basis of data processing entrustment,
  • Authorized employees and associates who use the data to achieve the purpose of the website's operation,
  • Companies providing marketing services to the Administrator.

Your personal data processed by the Administrator will not be kept longer than necessary to perform activities related to them as specified by separate regulations (e.g., accounting regulations). With regard to marketing data, it will not be processed for more than 3 years.

You have the right to request from the Administrator:

  • Access to your personal data,
  • Correction of your data,
  • Deletion of your data,
  • Restriction of processing,
  • Data portability.

You have the right to object to the processing of your personal data for purposes based on legitimate interests pursued by the Administrator, including profiling. However, the right to object cannot be exercised if there are legally justified grounds for processing that override your interests, rights, and freedoms, particularly the establishment, exercise, or defense of claims.

You have the right to lodge a complaint against the Administrator's actions with the President of the Personal Data Protection Office, ul. Stawki 2, 00-193 Warsaw, Poland.

Providing personal data is voluntary, but necessary to use the Service.

You may be subject to automated decision-making, including profiling, for the purpose of providing services under a concluded contract and for direct marketing by the Administrator.

Personal data is not transferred to third countries within the meaning of data protection regulations. This means that it is not sent outside the European Union

5. Information in Forms

The Service collects information provided voluntarily by the user, including personal data, if it is provided.

The Service may save information about connection parameters (timestamp, IP address).

In some cases, the Service may save information that helps associate data in the form with the email address of the user filling out the form. In such cases, the user's email address appears within the URL of the page containing the form.

Data provided in the form is processed for the purpose resulting from the function of a specific form, e.g., to handle a service request, commercial contact, or service registration. Each time, the context and description of the form clearly inform about its purpose.

6. Administrator Logs

User behavior information on the website may be logged. This data is used for website administration purposes. 

7. Important Marketing Techniques

The Operator uses statistical analysis of website traffic through Google Analytics (Google Inc., based in the USA). The Operator does not transmit personal data to the operator of this service, only anonymized information. The service is based on the use of cookies in the user's end device. Regarding user preference information collected by Google's advertising network, users can view and edit information derived from cookies using this tool: Google Ads Preferences.

The Operator uses remarketing techniques to tailor advertising messages to the user's behavior on the site, which may give the illusion that the user's personal data is being tracked. However, in practice, no personal data is transferred from the Operator to advertising operators. The technical condition for such actions is the enabled support of cookies.

The Operator uses Facebook Pixel. This technology allows Facebook (Facebook Inc., based in the USA) to know that a registered user is using the Service. It relies on data for which Facebook itself is the controller. The Operator does not transmit any additional personal data to Facebook. This service is based on the use of cookies in the user's end device.

8. Information About Cookies

The Service uses cookies.

Cookies are IT data, specifically text files, which are stored in the User's end device and are intended for the use of the Service's web pages. Cookies typically contain the name of the website from which they originate, the duration of storage on the end device, and a unique number.

The Service Operator is the entity placing cookies on the User's end device and accessing them.

Cookies are used for the following purposes:

  • Maintaining the Service User's session (after logging in), so the user does not have to re-enter the login and password on each subpage,
  • Achieving the objectives specified above in the "Important Marketing Techniques" section.

The Service uses two main types of cookies: "session" (session cookies) and "persistent" (persistent cookies).

  • Session cookies are temporary files stored on the User's end device until logging out, leaving the website, or turning off the web browser.
  • Persistent cookies are stored on the User's end device for the time specified in the cookie parameters or until they are deleted by the User.

Web browsers typically allow cookies to be stored on the User's end device by default. Service Users can change these settings. The web browser enables the deletion of cookies. It is also possible to automatically block cookies. Detailed information on this subject can be found in the help or documentation of the web browser.

Restrictions on the use of cookies may affect some functionalities available on the Service's websites.

Cookies placed on the User's end device may also be used by entities cooperating with the Service Operator, particularly by companies such as:

  • Google (Google Inc., based in the USA),
  • Facebook (Facebook Inc., based in the USA),
  • Twitter (Twitter Inc., based in the USA).

9. Managing Cookies – How to Give and Withdraw Consent in Practice

If the user does not wish to receive cookies, they can change their browser settings. Please note that disabling cookies necessary for authentication, security, or maintaining user preferences may hinder, and in extreme cases, prevent the use of websites.

To manage cookie settings, select your web browser from the list below and follow the instructions:

  • Edge
  • Internet Explorer
  • Chrome
  • Safari
  • Firefox
  • Opera

Mobile Devices:

  • Android
  • Safari (iOS)
  • Windows Phone