Information for Affiliate Partners whose personal data will be processed by IdoBooking sp. z o.o.

  1. The controller of personal data of Affiliate Partners (hereinafter: ‘AP’) is IdoBooking sp. z o. o. (also referred to as the ‘Operator’) with its registered office at al. Piastów 30, 71-064 Szczecin, entered in the register of entrepreneurs kept by the District Court Szczecin-Centrum in Szczecin, XIII Commercial Division of the National Court Register under the number 00001118562 NIP: 8522710288; REGON: 529324888; with the share capital of PLN 200,000.00.
  2. In matters concerning personal data, IdoBooking may be contacted by e-mail: sales@idobooking.com and by phone: +48 91 443 66 00.
  3. The Data Protection Officer at IdoBooking is Rafał Malujda, e-mail address: gdpr-inspector@idobooking.com.
  4. The processing of personal data provided by AP when joining the Affiliate Programme, including the data of persons signing the agreement and indicated for its execution (regardless of whether the data of such persons, such as first name, surname, position, e-mail or telephone number, was obtained from such persons directly or through AP) is based on art. 6 para. 1 lit. b, c or f GDPR for the purposes of fulfilling the agreement concluded by AP with the Operator and issuing accounting evidence, for marketing purposes, as well as for the correct and full implementation of the ordered service and for the fulfilment of legal obligations incumbent on IdoBooking, e.g. for the purposes of fulfilling the demands of control bodies, courts, public prosecutor's office, for the purposes of proceedings provided for by the law, as well as for the fulfilment of other obligations imposed on the Administrator by generally applicable regulations. The legitimate interests pursued by the Operator in relation to the processing of personal data based on Article 6(1)(f) GDPR are also the conduct of correspondence, archiving of correspondence and documentation related to the services provided, and direct marketing of its own products and services.
  5. Recipients of personal data processed by the Operator are the Operator's business partners, hosting companies, software providers, marketing agencies, Internet and card payment operators, accounting offices, law firms and other entities to which the Operator entrusts AP's personal data or makes them available on the basis of an appropriate agreement in order to provide services.
  6. Personal data may be transferred to entities located in third countries such as the USA and Canada for which the European Commission has declared an adequate level of protection of personal data (in the case of the USA, the condition is that the entity in question has joined the ‘EU-US Data Protection Framework’).
  7. The Operator will store AP's personal data until the expiry of the statute of limitations for claims arising from the concluded contract or for the period required by separate regulations on tax and accounting obligations - whichever period ends later. After the expiry of this period, the Client's personal data will be processed by the Operator on the basis of Article 6(1)(f) GDPR, i.e. for the purposes resulting from the Operator's legitimate interests, such as possible defence, investigation or establishment of claims, as well as for the purposes of marketing campaigns.
  8. AP has the right to request from the Operator access to its personal data, rectification, deletion or restriction of processing, as well as the right to object to processing and the right to data portability.
  9. AP has the right to lodge a complaint to the supervisory authority, which is the President of the Office for Personal Data Protection.
  10. The provision of personal data by AP is a contractual requirement and is voluntary but necessary for the performance of the Service. Failure to provide personal data prevents AP from joining the Partner Programme.