Short version - the most important information
We care about your privacy, but also about your time. That is why we have prepared a shortened version of the most important rules related to privacy protection.
- By creating an account in the system, editing your profile, subscribing to the newsletter or simply contacting us, you provide us with your personal data, and we guarantee that your data will remain confidential, secure and will not be disclosed to any third parties without your express consent.
- By collecting personal data of your clients via the bookero system, you entrust us with their processing, while consenting to further entrusting them to third parties for the purpose of providing access to the bookero system. Details in this regard are described in Annex 1 to the Bookero regulations specifying the principles of entrusting data processing.
- We use Google Tag Manager to manage the various tools and tags associated with our website.
- We use Google Analytics analytical tools that collect anonymous information about your website visits, such as the subpages you have displayed, the time you spent on the website or the transitions between individual subpages. For this purpose, Google LLC cookies are used for the Google Analytics service.
- We use the HotJar tool to analyse your behaviour while using the website and the system. HotJar does not collect any of your personal data. The conducted analysis help us to improve the website and the system to make using them even more convenient for you. HotJar Limited cookies are used to manage this process.
- We use the Smartsupp tool to ensure that you can contact us in real time (chat). For this purpose, Smartsupp.com s.r.o. cookies are used.
- We use Facebook tools to provide you with specific social functions (Facebook Connect) and conduct marketing activities based on non-standard audiences (Facebook Custom Audiences).
- We use BugSnug to log JS errors within Bookero.
If the above information is not sufficient for you, you will find further details below.
The administrator of your personal data within the meaning of the provisions on the protection of personal data is SAFI STUDIO Paweł Nowakowski, Dębina, ul. Spacerowa 25, 05-152 Czosnów, NIP (tax identification number): 5311610855.
The purposes, legal bases and period of personal data processing are indicated separately for each purpose of data processing (see the provisions below for a detailed description of the various purposes of data processing).
In connection with the processing of your personal data by us, you have the following rights:
- the right to information, to request access to your data, its rectification, deletion or limitation of processing,
- the right to object to the processing,
- the right to data portability
- the right to withdraw consent to the processing of personal data for a specific purpose, if the User previously gave such consent,
- the right to lodge a complaint with the supervisory authority in relation to the processing of personal data by us.
You can exercise the above rights in accordance with the principles described in Article 16 - 21 of the GDPR by contacting us at firstname.lastname@example.org.
Providing your personal data is always voluntary, but necessary to set up an account in the system, subscribe to the newsletter or simply contact us.
We guarantee the confidentiality of all personal data provided to us. We ensure that all security and personal data protection measures required by the provisions on the protection of personal data are taken. Personal data is collected with due diligence and properly protected from access by unauthorised persons.
Your personal data will be disclosed to entities to which SAFI STUDIO Paweł Nowakowski entrusted their processing, i.e. providers of technical and IT services used for the proper functioning of Bookero, in particular: the hosting provider and cloud software providers.
All entities entrusted with the processing of personal data guarantee the use of appropriate measures for the protection and security of personal data required by law.
Some of the technical service providers may transfer data to third parties. In such a situation, these providers always guarantee the appropriate level of security of personal data, in particular through the use of standard contractual clauses.
When creating a user account in the system, you must provide your basic data, such as company, e-mail address, telephone number and password. Subsequently, it may be necessary to provide further data as part of the system configuration.
You can modify your data assigned to your account at any time using the options available after logging in to your account.
The legal basis for the processing of your personal data contained in the user account is the performance of the contract for the provision of access to the bookero system, which you conclude with us on the basis of the regulations (Article 6 (1) (b) of the GDPR). The data is processed in order to provide services.
Your data contained in the user account may also be processed for the purpose of individual contact - related to the use of the system, e.g. for technical service, analysis of satisfaction with the use of the system.
Your personal data contained in the user account is processed for the duration of the account operation, i.e. for the duration of the contract referred to above. If you decide to delete your account, your personal data will be deleted from the database. We reserve, however, that we may continue to process your data also after deletion of the account and termination of the contract to the extent and for the time necessary to pursue claims related to the contract and use of the system, which is our legitimate interest referred to in Article 6 (1) (f) of the GDPR.
If you have consented to the sending of information about new products, promotions, products and services related to the system to your e-mail address, your data (name and e-mail address) will also be processed for this purpose. The legal basis for this processing of your data is Article 6 (1) (a) of the GDPR.
You can withdraw your newsletter consent at any time by resigning from receiving the newsletter. It is possible from the level of each e-mail received as part of the newsletter by clicking on a special link that allows you to cancel the subscription.
The data is processed in the mailing system database for the duration of the newsletter operation, unless you unsubscribe from the newsletter, which will delete the data from the database.
By contacting us via e-mail or system chat, you naturally provide us with your data contained in the message.
The legal basis for the processing of personal data in this case is your consent resulting from initiating contact with us (Article 6 (1) (a) of the GDPR).
Your personal data provided to us as part of an e-mail contact is processed solely for the purpose of handling your inquiry. The content of the correspondence may be archived, which is our legitimate interest referred to in Article 6 (1) (f) of the GDPR.
Data entrusted for processing
In addition to your personal data, we also process the personal data of your customers that you collect as part of the system. In this regard, you entrust us with the processing of these data, while consenting to their further entrusting for the purpose of providing access to the bookero system. You can rest assured that your customers' data is safe and we do not access it in any way, unless it is necessary to handle your technical inquiry. In such a situation, however, we undertake to maintain full confidentiality of the data and not to use it for any purposes other than the provision of the service.
Remember that in relation to customer data, you are their administrator, so you are responsible for the obligations imposed by applicable regulations on personal data administrators. These duties include, among others the need to have an appropriate legal basis for the processing of personal data and the fulfillment of the information obligation.
Details on entrusting data processing are described in Annex 1 to the Bookero regulations, which replaces the written contract for entrusting data processing due to the fact that the GDPR allows the possibility of concluding an entrustment contract also in electronic form.
Cookies and other tracking technologies
Cookies are small, text based information, stored on your terminal device (e.g. computer, tablet and smartphone) that can be read by our IT system.
We use both our own cookies and third party cookies.
See below for more details.
Cookie consent settings
First-party cookies. First-party cookies are used for the proper operation of the website and the system, in particular to remember your login to the system, as well as to ensure the possibility of logging into it in general.
Google Analytics. We use the Google Analytics tool provided by Google LLC, 1600 Amphitheater Parkway, Mountain View, CA 94043, USA. We carry out activities in this area based on our legitimate interest, consisting in the creation of statistics and their analysis in order to optimise our websites.
In order to use Google Analytics, we have implemented a special Google Analytics tracking code in the website code. This tracking code uses Google LLC cookies for Google Analytics service. You can block the Google Analytics tracking code at any time by installing the browser add-on provided by Google: https://tools.google.com/dlpage/gaoptout.
Google Analytics automatically collects information about your use of the website. The information collected in this way is most often transferred to Google servers, which can be located all over the world and stored there.
Due to the IP anonymisation activated by us, your IP address is shortened before forwarding. Only in exceptional cases is the full IP address sent to Google servers and shortened there. The anonymized IP address provided by your browser as part of Google Analytics is not combined with other Google data.
We emphasize that as part of Google Analytics we do not collect any data that would allow your identification. Therefore, the data collected as part of Google Analytics is not personal data for us. The information we have access to as part of Google Analytics is, in particular:
- information about the operating system and web browser you use,
- subpages that you browse as part of our website,
- time spent in our store and on its subpages,
- transitions between individual subpages,
- the source from which you go to our website.
In addition, as part of Google Analytics, we use the following Advertising Functions:
- demographic and interest reports,
- advertising reporting functions, user-ID.
As part of the Advertising Functions, we also do not collect personal data. The information we have access to is, in particular:
- the age range you are in,
- your gender,
- your approximate location limited to the city,
- your interests based on your online activity.
Google Analytics and Google Analytics 360 services have been certified by the independent security standard ISO 27001. ISO 27001 is one of the most recognized standards in the world and certifies compliance with the relevant requirements by systems that support Google Analytics and Google Analytics 360.
If you are interested in details related to Google's use of data from websites and applications that use Google services, we encourage you to read this information: https://policies.google.com/technologies/partner-sites.
Google Tag Manager. We use the Google Tag Manager tool provided by Google LLC, 1600 Amphitheater Parkway, Mountain View, CA 94043, USA. It enables tag management, i.e. small code fragments, thanks to which we are able to control traffic and user behaviour, collect information on the effectiveness of advertisements and undertake activities aimed at improving our store. Google Tag Manager does not collect any information that allows your identification, however, this tool triggers other tags, which in turn may collect data.
Hotjar. We use the Hotjar tool to better understand your needs and to optimise our website in terms of your experience of using it, which is our legitimate interest. The tool is provided by an external entity, i.e. Hotjar Limited, Level 2, St Julian's Business Center, 3, Elia Zammit Street, St Julian's STJ 1000, Malta.
Hotjar registers every visitor to our website and allows you to play a video recording of their traffic on our website, as well as generate the so-called heat maps. As part of the Hotjar tool, we do not have access to information that allows us to identify you, because Hotjar does not record the process of filling in the forms. The information we have access to as part of Hotjar is, in particular:
- information about the operating system and web browser you use,
- subpages that you browse as part of our website,
- time spent on our website and on its subpages,
- transitions between individual subpages within our website,
- the source from which you go to our website,
- the places where you click with the mouse.
In order to use Hotjar, we have implemented a special Hotjar tracking code in the website code. The tracking code uses Hotjar Limited cookies. The information collected as part of cookies is stored by Hotjar as part of a pseudonymous user profile. Neither Hotjar nor we use this information to identify you.
You can object to Hotjar creating your user profile, Hotjar's storage of information about your use of our website and the use of Hotjar cookies here: https://www.hotjar.com/legal/compliance/opt-out.
Facebook Custom Audiences. As part of the Facebook Ads advertising system provided by Facebook Inc., 1601 S. California Ave., Palo Alto, CA 94304, USA, we use Custom Audience Groups to target targeted advertising messages to specific user groups. We carry out activities in this area based on our legitimate interest, consisting in the marketing of our own products or services.
In order to send you personalised ads in terms of your behaviour on our website, we have implemented Facebook as part of the Pixel website, which automatically collects information about your use of the website. The information collected in this way is most often transferred to Facebook servers, which may be located all over the world, in particular in the United States of America (USA).
The information collected as part of Facebook's Pixel is anonymous, i.e. it does not allow us to identify you. Depending on your activity on our website, you can reach a specific group of recipients, but we do not identify individuals belonging to these groups in any way.
Social tools, especially Facebook Connect. Our website uses plugins, buttons and other social tools, hereinafter collectively referred to as "plugins", provided by social networking sites such as Facebook, Instagram, LinkedIN, Twitter, Pinterest.
When displaying a website containing a plug-in of a given social networking site, your browser sends information about the visit to the administrator of that social networking site. Since the plug-in is a part of the social networking site embedded in our website, the browser sends information about the request to download the content of the social networking site to our site.
The plugins collect certain information about you, such as user ID, website visited, date and time, and other information about the web browser.
Social network administrators use some of this information to personalise the viewing conditions of our website. For example, when you visit a page with a "Like" button, the administrator of the social network site needs to know who you are to show you which of your friends also like our page.
Information collected by plugins may also be used by administrators of social networking sites for their own purposes, such as e.g. improving their own products, creating user profiles, analysing and optimising their own activities, targeting ads. We have no real influence on how the information collected by the plugins is then used by the administrators of social networks. You can look for details in this regard in the regulations and privacy policies of individual social networking sites.
Social network plugins collect and transmit information to the administrators of these websites even when you browse our website without being logged in to your account on the social network. However, then the browser sends a more limited set of information.
If you have logged in to one of the social networking sites, the website administrator will be able to directly assign a visit to our site to your profile on a given social networking site.
If you do not want social networks to assign the data collected during your visit to our website directly to your profile on a given website, you must log out of this website before visiting our website. You can also completely prevent loading of plugins on the website by using appropriate extensions for your browser, e.g. blocking scripts.
In addition, the use of some plugins may involve the publication of certain information within your social profiles. For example, information about clicking the "Like" button may be available on your Facebook timeline. Of course, if you share some content on your social media using plugins embedded on my website, this sharing will naturally be visible in your profile.
As for the details related to the processing of information collected by plugins by social network administrators, in particular about the purpose and scope of data collection and their further processing and use by administrators, as well as the possibility of contact and your rights in this regard and the possibility of making settings to protect your privacy, you can find everything in the privacy policies of individual service providers:
- Facebook - https://www.facebook.com/privacy/explanation,
- Twitter - https://twitter.com/en/privacy,
- LinkedIN - https://www.linkedin.com/legal/privacy-policy,
- Instagram - https://www.facebook.com/help/instagram/155833707900388,
Live Chat. We provide you with the possibility to contact us directly in real time via chat. The chat is provided by Smartsupp.com s. r. o., which means that cookies of this company are also used. As part of these cookies, no information allowing your identification is stored. In this case, cookies are used for the proper functioning of the chat.
BugSnug. We strive to ensure that our application works flawlessly as possible. That is why we track JS errors. In this regard, we use the BugSnug tool, which may be based on cookies. These cookies do not store any information that allows for your identification. In this case, cookies are used to properly control JS errors.
Using the Website is associated with sending queries to the server on which the Website is stored. Each query directed to the server is saved in the server's logs.
Logs include your IP address, server date and time, information about the web browser and the operating system you are using. Logs are saved and stored on the server.
The data saved in the server logs are not associated with specific people using the Website and are not used by the Administrator to identify the User.
Server logs are only auxiliary material used to administer the Site, and their content is not disclosed to anyone except those authorised to administer the server.