Privacy policy

I. Information about the administrator

1. The administrator of data, within the meaning of the Regulation (EU) 2016/679 of the European Parliament and of the Council of 27 April 2016 on the protection of individuals with regard to the processing of personal data and on the free movement of such data and repealing Directive 95/46/EC (General Data Protection Regulation), is G24 Group Sp. z o.o. with its registered office in Wrocław, at 244A Żmigrodzka Street; 51-131 Wrocław, entered into the National Court Register - Register of Entrepreneurs kept by the District Court in Wrocław. kept by the District Court for Wrocław-Fabryczna in Wrocław, IX Commercial Division of the National Court Register under KRS number: 0000222815, NIP: 8961379789, REGON: 933043872, share capital of 80 000,00 PLN, hereinafter referred to as the G24 Group or alternatively as the Administrator.
2. Data and privacy of users visiting the www.golf-booking.com website provided by users and data collected automatically are used by the Administrator only for the purposes indicated in this privacy policy.
3. This privacy and personal data protection policy applies to the website maintained at the address: http://www.golf-booking.com.
4. The provisions of this Privacy Policy exhaust the information obligations of G24 Group Sp. z o. o. resulting from Article 13 of the general Regulation on the protection of personal data of 26 April 2016 (Official Journal of the European Union L 2016, No. 119, hereinafter: RODO).
5. In matters related to personal data protection, you can contact us by phone at +48 509 942 743, by e-mail at iod@golf24.pl or in writing at the registration address of the personal data controller

II. Processing of users' personal data

1. The controller shall exercise special care to protect the rights and freedoms of data subjects and in particular shall ensure that the data are:
a) Processed lawfully, fairly and transparently,
b) Collected for specified, explicit and legitimate purposes and not further processed in a way incompatible with those purposes,
c) Adequate, relevant and limited to what is necessary for the purposes for which they are processed,
d) Correct and, where necessary, updated,
e) kept in a form which permits identification of the data subject for no longer than is necessary for the purposes for which they are processed,
f) processed in such a way as to ensure adequate security of personal data, including protection against unauthorised or unlawful processing and accidental loss, destruction or damage, by appropriate technical or organisational measures.
2. As part of the measures set out in points 1 f above, the Administrator has implemented the following security measures: encrypted data transmission, securing access to the system with a password of at least 8 characters, creating backup copies of data stored on a server located in the European Economic Area, while the effectiveness of the User's data security measures requires that the User complies with the specified Golf-booking.com Regulations, in particular not making his or her passwords available to third parties. The User of the service also takes care of the correctness of the data provided by him during the registration of the account in the service and their updating.
3. Dane Personal data of the Customer are processed in accordance with the Regulation of the European Parliament and of the Council (EU) No 2016/679 of 27 April 2016 on the protection of natural persons with regard to the processing of personal data and on the free movement of such data and repealing Directive 95/46/EC (general regulation on data protection; hereinafter: RODO) (Official Journal of the European Union L 119 of 4.05.2016), the Act of 10 May 2018 2018 on the protection of personal data and the Act of 18 July 2002 on the provision of electronic services (i.e. Journal of Laws of the European Union of 2017, item 1219). III. Purpose, basis and scope of processing of personal data

1. Each time the purpose, basis and scope as well as recipients of data processed by the Service Provider result from actions taken by the G24 Group.
2. Possible purposes for which G24 Group may collect personal data about Users:
a) Conclusion and performance of a contract for the use of an electronic service, including payment processing, communication with the service user in connection with the service provided; basis for processing: Article 6(1)(b) of the RODO (processing is necessary for the performance of the contract)Scope of personal data processed (ordinary data only): first and last name, email address
b) Personal data of the account holder and data related to the user's use of the service through this account: name, surname, address, e-mail address, telephone number, bank account number, NIP number, PESEL number data on payments related to the service provision,
c) Direct marketing of G24 Group's own products or services, including the newsletter - basis for processing: Article 6(1)(f) of the RODO (processing is necessary for purposes arising from legitimate interests pursued by the controller or by a third party) Scope of personal data processed: first and last name, e-mail address, telephone number. In the case of newsletters and other forms of advertising provided by electronic means - the User's consent resulting from the relevant regulations is required.
d) Direct marketing of products/services of G24 Group partners - basis for processing: Article 6(1)(f) of the RODO (processing is necessary for purposes arising from legitimate interests pursued by the controller or by a third party). Scope of the processed personal data: first and last name, e-mail address, telephone number. In the case of newsletters and other forms of advertising provided by electronic means - the User's consent resulting from the relevant regulations is required.
e) Ensuring the security of the service and data protection of its users - the basis for processing: Article 6(1)(f) of the RODO (processing is necessary for purposes arising from legitimate interests pursued by the controller or by a third party).
Scope of the processed personal data: logging data to golf-booking.com. The Service Provider also processes anonymised data related to the use of the Service (e.g. the number of Users) to generate statistics on the use of the Service. These data are of aggregate and anonymous character, i.e. they do not contain features identifying persons using the Golf-booking.com service.
3. By registering at golfbooking.com or registering for the Golf Tournament, the User consents to the processing of personal data in the following areas: name, surname, gender, date of birth, email address, telephone number, mailing address, current HCP by the G24 Group for the implementation of golf tournaments and information about the results of golf tournaments and HCP of the competitor, including in particular livescoring, leaaderboard system and via the website of the tournament and/or application on the Internet. Consent to the processing of personal data is voluntary, but necessary for the proper implementation of a G24 Group golf tournament.
4. The User acknowledges and agrees that in the event of his/her participation in a golf tournament, information about his/her sports results may be made public, in particular in the livescoring system, leaderboard system and through services and/or applications on the Internet.

5. By registering for or purchasing a tourist service, the User consents to the processing of personal data in the scope of name, surname, address, e-mail address, telephone number, identity document number, PESEL number, date of birth in order to present an individualised offer or to provide a tourist service.

IV. Sharing of personal data

1. In connection with the implementation of its basic functions, G24 Group provides personal data (name and surname) to one of the partners (golf course) providing green fee sales services, club cars and accepting enrolment for golf tournaments it organises.
2. With the user's consent, the data may be transferred to entities providing payment services (payment platforms). Currently G24 Group uses the payment platform PayU S.A., 182 Grunwaldzka Street, 60-166 Poznań, NIP: 779-23-08-495.
3. The data of the user who has consented to the processing of his/her personal data for marketing purposes and to the use of electronic means of communication may be transferred to entities specializing in the provision of mass e-mail sending services. When selecting entities providing this category of services, the Administrator shall be guided by the criteria specified in Article 28 paragraph 1 of the RODO, i.e. that each of the contractors must guarantee the implementation and application of technical and organisational measures appropriate to the category of personal data aimed at their security.
4. In cases described in separate provisions of law and in accordance with the procedure indicated in these provisions, personal data may be transferred to authorized state administration bodies.
5. In the event of concluding a tourist service agreement, user data may be provided to entities cooperating with the Administrator in the performance of tourist service agreements, such as insurers, flight service providers, hoteliers, transfer providers to the destination, as well as golf courses.
6. Providers of services providing the Administrator with technical and organizational solutions enabling the performance of agreements and management of the Administrator's organization, in particular courier and postal companies and providing IT solutions for safe storage of personal data.
7. Personal data may also be disclosed for audits, compliance and corporate governance purposes.
8. The Administrator declares that in each case the provision or transfer of personal data for processing is based on an agreement entrusting the processing of personal data or on the basis of a legal obligation to.

V. Processing periods for personal data (data retention)

1. Personal data of the service user may be stored:
a) Personal data assigned to the User's account in the service - for the entire period of account activity (duration of the contract) and for 10 years after its expiry in an archive form (in accordance with the provisions of the Civil Code concerning the statute of limitations of claims).
b) Marketing data - until the withdrawal of consent to the processing of data for this purpose, while the data concerning prior consent and marketing operations performed towards the User of the service will be stored in an archive form for at least 5 years from the moment of withdrawal of consent.
c) Personal data concerning facts and events subject to tax obligations or inclusion in relevant accounting books - for at least 5 years in an archive form, in accordance with the provisions of, inter alia, the Tax Ordinance and the Accounting Act.
d) Personal data necessary to assert claims by the Administrator or third parties, or constituting evidence in proceedings before a court or state administration body - until the usefulness of such data in pending proceedings or until the completion of other legally permissible activities related to the assertion of claims.
 

VI. Rights of the person whose data are processed by the Administrator

1. Each person whose data is processed by G24 Group Sp. z o. o. is entitled to:
a) Right of access to their personal data, rectification, erasure, restriction of processing, right to object, and right to data portability in cases specified in the provisions of the RODO;
b) the right to withdraw consent at any time without affecting the lawfulness of the processing carried out on the basis of consent prior to its withdrawal (this applies in particular to the processing of data for marketing purposes),
c) the right to object at any time to the processing of personal data - for reasons related to the specific situation of the data subject, as well as the right to object to the processing of data for the purposes of direct marketing,
d) the right to lodge a complaint with the Supervisory Authority (President of the Office for Personal Data Protection, address: ul: ul. Stawki 2, 00-193 Warszawa, if the data subject considers that the processing of data by the Administrator violates the provisions of the RODO.


VII. Ability to choose within the scope of personal data collected by the Administrator

1. Providing personal data during registration in the service is voluntary, but failure to provide this data will prevent the conclusion of a contract for the use of the functionality of the golf-booking.com service.
2. Providing personal data for marketing purposes is voluntary, but failure to provide such data results in the inability to receive a personalized offer of services and bonuses offered by the Administrator and its business partners.

  VIII. Collection of data collected automatically ("cookies")  

1. Cookies are small text files that are stored on your computer or other mobile device when you use the website (hereinafter referred to as cookies). Using the website is tantamount to consent to the placement of cookies on the user's terminal equipment. Each user can disable cookies by configuring their browser accordingly.
2. Cookies contain, inter alia, the following data:
a) the public IP address of the computer from which the query was received;
b) information about the type of the user's operating system;
c) information about the user's browser;
d) the amount of time spent on each page visited by the user, and the amount of time spent on each page.
3. Cookies do not contain any personally identifiable information about website visitors or other information collected from users.  

IX. Use of cookies

Collected cookies are stored by the Administrator for an indefinite period of time only for auxiliary purposes, used to administer the website. Information contained therein is disclosed only to persons authorized to administer the server of the website http://www.golf-booking.com. The Administrator uses cookies exclusively for statistical purposes and in order to adjust the content and layout of the website to the needs of its visitors.. By default, most web browsers on the market accept cookies by default. Everyone has the possibility to determine the terms of use of cookies by means of their own browser settings. This means that you can, for example, partially (e.g. temporarily) or completely deactivate the storage of cookies - in the latter case, however, this may affect certain functionalities of the van service group. The settings of your browser regarding cookies are important for the consent of our website to the use of cookies - this consent can also be given by the settings of your browser in accordance with the law. If you do not agree to this, you must change your browser's settings for cookies accordingly. Detailed information on how to change the settings for cookies and how to delete them yourself in the most popular web browsers can be found in the help section of your browser and on the following pages (simply click on a link):

  X. Changes in privacy policy

  The Administrator may change the applicable privacy policy, in particular in order to adjust it to the requirements set forth in the applicable laws, informing about the changes made on the website http://www.golf-booking.com and by e-mail.