Privacy Policy

I Definitions

The terms indicated below, used in the content of this Privacy Policy and written with a capital letter, have the meaning given to them below:

  1. Administrator/Website Administrator – nearB company. P.S.A. based in Kraków (30-698), ul. Jana Muszyńskiego 12, entered into the Register of Entrepreneurs of the National Court Register by the District Court for Kraków – Śródmieście in Kraków, 11th Commercial Division of the National Court Register under the number 0000949348, NIP 6793231570, REGON 521079030, share capital PLN 350,180.00.
  2. Cookies – IT data stored on users’ end devices, intended for using websites. In particular, these are text files containing the name of the website they come from, their storage time on the end device and a unique number;
  3. Policy – this Privacy Policy,
    GDPR – Regulation (EU) 2016/679 of the European Parliament and of the Council of 27 April 2016 on the protection of natural persons with regard to the processing of personal data and on the free movement of such data, and repealing Directive 95/46/EC;
  4. Website – the online portal made available to Users on the website at;
  5. User – a natural person, legal person or organizational unit without legal personality using the Website.

II General provisions

  1. This Privacy Policy sets out the rules for the processing and protection of personal data provided by Website Users.
  2. Before using the Website, in particular before registering an account on the Website, each user should read this Privacy Policy.
  3. This Policy applies only to the Website administered by the Administrator indicated above. The Administrator is not responsible for links placed on the Website that enable Users to go directly to websites that are not administered by the Website Administrator. Users should read the privacy provisions posted on websites linked to the Website.

III General principles of personal data processing

  1. The administrator of personal data collected and processed on the Website and using it is the Website Administrator.
  2. To ensure the security of processed data, the Administrator has developed internal procedures and recommendations to prevent disclosure of data to unauthorized persons. The Administrator controls and observes their implementation and constantly checks their compliance with the law, in particular with the GDPR and other provisions of generally applicable law in Poland. The administrator constantly checks the adequacy and effectiveness of the security procedures used to ensure full and effective protection of the processed data.
  3. The information provided by our Users is processed and stored using appropriate security measures in accordance with the requirements set out by generally applicable provisions of Polish law. The Administrator protects Users’ data against access, use or disclosure to unauthorized persons. Data is processed while maintaining high standards of protection.
  4. Users can use certain functionalities of the Website anonymously, however, in order to obtain full access to the services offered via the Website, it is advisable to register by completing the contact form, which requires providing personal and contact details in the appropriate fields of the form.
  5. The Administrator may process the following personal data of Users who have completed and submitted the contact form (in principle):
    a). first name and last name;;
    b). e-mail adress;
    c). Phone number.
  6. The Administrator’s services offered on the Websites are addressed to people over 18 years of age. Therefore, the Administrator does not consciously process children’s personal data.

IV Purpose of processing of collected personal data

Personal data collected and processed on the Website are generally processed for the following purposes (and based on the indicated factual and legal bases):

  1. Providing services via the website – in order to provide content and services to Users, including information about available content and services on the website (Article 6(1)(b) of the GDPR – acceptance of the website regulations).
  2. Conducting marketing activities and improving the services offered – in order to measure and improve content and services, including matching content to Users’ interests (Article 6(1)(f) of the GDPR – implementation of the legitimate interest of the administrator, i.e. improving its services, ensuring their the best quality and matching marketing information to users’ interests).
  3. Sending a newsletter/newsletters (Article 6(1)(a) of the GDPR (User’s consent to receive correspondence from the administrator).
  4. Fulfillment of obligations imposed on the administrator by applicable legal provisions – when data processing is necessary to fulfill the administrator’s obligations arising from legal provisions (Article 6(1)(c) of the GDPR – implementation of legal obligations).
  5. In order to ensure the security and functionality of the website – the administrator processes personal data when it is necessary to ensure the security of processed data (not only personal data) and necessary for the proper management of ICT systems (Article 6(1)(f) of the GDPR – implementation of a legitimate interest administrator responsible for ensuring the operation of the website and high quality of services).
  6. Handling inquiries from users and other persons using the websites – the administrator processes personal data in order to consider user complaints and complaints related to the activities of the websites, contact the user or a third party using the websites and to take appropriate clarifying or corrective actions (depending on the type of inquiries, the basis may be Article 6(1)(C) of the GDPR – for example in the case of the user exercising rights under the warranty for defects), Art. 6 section 1 letter b GDPR – for example in the case of considering a complaint in connection with a concluded service contract, or Art. 6 section 1 letter f GDPR (implementation of a legitimate interest, i.e. ensuring the operation of the Websites and high quality services).
  7. Pursuing or protecting against possible claims – in the event of possible claims against users or the need to protect against claims against the administrator, the administrator may process user data obtained via the website (Article 6(1)(f) of the GDPR (implementation of the legitimate interest of the administrator consisting in the need to protect against claims or pursue the claims he is entitled to).

V Period of processing of collected personal data

  1. The Administrator stores Users’ personal data only for the time necessary to achieve the purposes for which the data was collected in accordance with point 1 above. After this time, the data is deleted or anonymized in such a way that it is not possible to determine the User’s identity on their basis.
  2. Personal data may be stored longer if such an obligation results from legal provisions or it is necessary to defend against claims against the Administrator or pursue claims by the Administrator against Users or other persons.
  3. In each case, data processed on the basis of consent will be processed until it is withdrawn. After this time, the data will be deleted or anonymized in such a way that it is not possible to determine the User’s identity on their basis, unless the Administrator is entitled or obliged to further process them based on a basis other than consent.

VI Period of processing of collected personal data

  1. The User has the following rights in relation to his personal data processed by the Administrator within the Website:
    a). the right to access personal data – by way of a request addressed to the Administrator (including an inquiry about the full scope of personal data processed by the Administrator and obtaining a copy thereof) or via an account on the Website;
    b). the right to rectify personal data – if the User’s personal data is incorrect or incomplete, by way of a request sent to the Administrator or via an account on the Website;
    c). the right to withdraw consent – in the case of personal data processed on the basis of consent and to the extent to which they are processed on this basis, the User has the right to withdraw it at any time;
    d). the right to delete personal data – the User may request the Administrator to delete personal data processed by him in situations specified by law, e.g. when the data have become in any respect unnecessary for the Administrator, who has lost the basis for their processing;
    e). the right to limit the processing of personal data – in certain situations (e.g. when raising an objection), the User may request a temporary suspension of the processing of his or her data. During the restriction of processing, the Administrator will still be entitled to store personal data;
    f). the right to request the transfer of personal data – in cases specified by law, the User also has the right to receive personal data in a machine-readable format for further transfer to another administrator;
    g). the right to object to the processing of personal data. The User may object to the processing of personal data by the Administrator on the basis of a legitimate interest or for statistical purposes.
  2. Users may submit requests and applications to exercise their rights described above via the e-mail address:
  3. The Administrator will consider each received request and provide a response as soon as possible, no later than the deadline provided for in the relevant legal provisions, regardless of whether the response is positive or negative.
  4. If the Administrator is unable to comply with the content of the request, he will inform the User about it in response to the request.
  5. If it is considered that there has been a violation of the provisions on the protection of personal data, the User has the right to lodge a complaint with the President of the Personal Data Protection Office.

VII Data Sharing (GDPR)

  1. Personal data left on the website will not be sold or made available to third parties contrary to any provisions of the GDPR or other provisions on the protection of personal data.
  2. The Administrator may make the collected personal data available to competent public administration authorities or other entities authorized to access these personal data under the law at the request of these authorities or other entities.
  3. Access to the User’s data may be obtained by external entities to which the Administrator entrusts specific tasks in order to provide services to Users (e.g. entities providing hosting of the Website, media houses that may gain access to aggregated data collected using cookies, etc.). In such cases, the Administrator provides personal data only on the basis of appropriate contracts or arrangements previously concluded with these entities, the subject of which is to ensure data processing by a given entity in a way that ensures the application of an appropriate level of security for the entrusted personal data.
  4. The Administrator may share the processed personal data of Users with entities affiliated with the Administrator in order to ensure the possibility of providing services and fulfilling the Administrator’s corporate obligations arising from separate provisions of law and regulations constituting the basis for the operation of the Company.
  5. The Administrator uses the CAPTCHA mechanism to sporadically and randomly check whether Users’ behavior does not bear the characteristics of internet robots. For this reason, the Administrator may disclose the User’s data, in particular the IP of his computer, to entities providing related services.
  6. Some of the Administrator’s service providers may store Users’ data outside the European Economic Area. In such cases, the Administrator, based on agreements with service providers, will ensure that Users’ data will be stored only in countries that ensure an adequate level of personal data protection.
  7. The Website may contain links to other websites. Such websites operate independently of the Website and are not supervised in any way by These websites may have their own privacy policies and regulations, which we recommend that you read. If you have any doubts regarding any of the provisions of this privacy policy, we are at your disposal – our details can be found in the Contact tab on the website

VIII Final information

  1. Questions and comments regarding the Policy should be sent electronically to the e-mail address:, or in writing to the registered office address of the Administrator.
  2. The Administrator reserves the right to make changes to the Policy, which may result from the development of Internet technology, changes in applicable law and the development or change of the profile of running the Website. The Administrator will inform about any changes in a visible and understandable way and in advance. The Administrator places the most current version of the Policy in the footer of the Website.

The goal of the project is to create an innovative travel platform that takes travel to a whole new level – integrating local entrepreneurs, travelers and the wider community into one coherent ecosystem.


© 2023 “nearB.” All rights reserved