Regulations and Privacy Policy

PRIVACY POLICY

APPLICABLE TO INTEGRAL POLAND LIMITED LIABILITY COMPANY

WITH ITS REGISTERED OFFICE IN WARSAW

KRS 0000913274

NIP 5242922674

Effective as of April 18, 2024.

1. The purpose of the document

1.1. This document (hereinafter referred to as the “Policy”) sets out the entirety of the rules for the processing and protection of personal data applicable to Integral Poland Limited Liability Company with its registered office in Warsaw (the “Company”) entered into the National Court Register kept by the District Court for the capital city of Warsaw in Warsaw, XIV Economic Department of the National Court Register, under the number KRS 0000913274, NIP: 5242922674. Share capital: PLN 5,000.

1.2. The document also contains templates of documents used by the Company in connection with the processing of personal data.

1.3. The Policy and the implemented principles of personal data protection have been developed taking into account the subject matter of the Company’s activity, i.e., activities related to the sale of tickets and VIP tickets for sports and cultural events, as well as cooperation with other entities in planning the participation of clients in the aforementioned events.

1.4. The principles implemented in the Policy are aimed at ensuring the highest level of protection of personal data processed by the Company, taking into account the provisions of Regulation (EU) 2016/679 of the European Parliament and of the Council of 27 April 2016 on the protection of natural persons with regard to the processing of personal data and on the free movement of such data, and repealing Directive 95/46/EC (“GDPR“).

1.5. This Policy is subject to updating in line with changes in legal regulations and changes in the Company concerning operations on Personal Data. The review is carried out by the Company at least once a year, unless the need for more frequent updates is caused by significant changes in legal regulations or planned changes in the Company’s operations.

1.6. Processing of your personal data enables us to provide services including maintaining your account, processing orders, contact related to the execution of the contract, as well as sending marketing information (including newsletters).

2. Scope of Application

2.1. The Policy applies to all employees and collaborators of the Company, as well as other individuals who have access to personal data. Additionally, the Company ensures the application of principles arising from this Policy by entities processing personal data on its behalf in accordance with the rules specified in Point 11.

2.2. The Administrator uses cookies, i.e., small text information stored on the User’s end device (e.g., computer, tablet, smartphone). Cookies can be read by the Administrator’s IT system.

2.3. The Administrator, through the Website and other forms of communication, collects and processes the personal data of Users listed below, provided during the registration processes on the Website:

  • first name and last name,
  • residential address,
  • email address,
  • phone number.

2.4. The Administrator stores cookies on the User’s end device, and then accesses the information contained therein for the following purposes:

  • creating statistics to understand how users use websites, which allows for improving their structure and content;
  • marketing purposes (remarketing);
  • determining the user’s profile to display tailored materials to them in advertising networks, especially the Google network;
  • ensuring the proper functioning of the Store.

2.5. Personal data will be stored for the duration of the agreement and for the period specified by applicable regulations, taking into account the limitation period for claims and tax obligations.
2.6. Personal data for which you have given consent to processing will be stored until you withdraw your consent.

2.7. There is a possibility for the User to configure their internet browser in a way that prevents the storage of cookies on their end device. However, in such a situation, the use of the website by the User may be difficult.

2.8. Cookies can be deleted by the User after they are saved using the appropriate functions of the internet browser, programs designed for this purpose, or by using appropriate tools available within the operating system used by the User.

2.9. Below are links containing information on how to delete cookies in the most popular internet browsers:

⦁ Firefox: http://support.mozilla.org/pl/kb/usuwanie-ciasteczek,
⦁ Opera: http://help.opera.com/Linux/9.60/pl/cookies.html,
⦁ Internet Explorer: http://support.microsoft.com/kb/278835/pl,
⦁ Chrome: http://support.google.com/chrome/bin/answer.py?hl=pl&answer=95647
⦁ Safari: http://support.apple.com/kb/HT1677?viewlocale=pl_PL

3. Terminology

Abbreviations used in the Policy:

PERSONAL DATA – information about an identified or identifiable natural person; an identifiable natural person is someone who can be identified, directly or indirectly, particularly by reference to an identifier such as a name, identification number PESEL, location data, an online identifier, or one or more specific factors defining the physical, physiological, genetic, mental, economic, cultural, or social identity of the natural person.

AUTHORIZED PERSON – a person to whom the Company has issued authorization to process Personal Data within the scope indicated in the authorization.

DATA SUBJECT – a natural person whose Personal Data is being processed.

PROCESSING OF PERSONAL DATA – an operation or a set of operations performed on Personal Data, whether automated or not, such as collection, storage, modification, retrieval, consultation, use, disclosure, dissemination, or otherwise making available, alignment or combination, restriction, erasure, or destruction.

INFORMATION SYSTEM – a set of cooperating devices, programs, procedures, and software tools used for the Processing of Personal Data.

UODO – Personal Data Protection Office.

ACT – the act of May 10, 2018 (i.e., of August 30, 2019, Journal of Laws of 2019, item 1781, as amended) on the protection of personal data, supplementing the provisions of the GDPR.

4. Responsibility

4.1. Konrad Dejkało is responsible for familiarizing employees with the Policy and other rules of Personal Data Processing.

4.2. Every employee and associate of the Company, particularly Authorized Persons, are responsible for adhering to the security of Personal Data, especially as described in this Policy.

4.3. Regardless of the liability specified in generally applicable legal provisions, a breach of the obligations set forth in this Policy may be grounds for terminating the employment or cooperation agreement with the person who has committed the culpable breach of these rules.

4.4. Violation of the principles outlined in the Policy may be considered improper performance of a mandate or work contract, particularly if the contractor, in the event of a breach of Personal Data protection rules or a justified suspicion of such a breach, did not inform the Company. Termination of the contract with the contractor does not exclude their criminal liability.

5. Basic principles

5.1. The Company takes all steps to ensure the reliable Processing of Personal Data and to provide the highest protection of Personal Data. To this end, it ensures:

  • lawfulness, fairness, and transparency of Personal Data Processing;
  • data minimization – Personal Data is adequate, relevant, and limited to what is necessary for the purposes for which it is processed;
  • accuracy – Personal Data is accurate and, where necessary, kept up to date;
  • purpose limitation – Personal Data is collected for specified, explicit, and legitimate purposes and not processed in a manner that is incompatible with those purposes;
  • integrity and confidentiality – Personal Data is processed using appropriate technical and organizational measures, ensuring a level of security appropriate to the risk, including protection against unauthorized or unlawful processing and accidental disclosure;
  • storage limitation – Personal Data is kept in a form that permits identification of Data Subjects for no longer than is necessary for the purposes for which the Personal Data is processed;
  • accountability – The Company is responsible for compliance with the above principles, incorporating them at the design stage (privacy by design), and demonstrating compliance with them.

6. Record of processing activities

6.1. Given that the Company’s processing of data is not of a sporadic nature, the Company maintains a record of processing activities, which constitutes Attachment No. 1. The record of processing activities is kept in electronic Excel format and is updated continuously.

6.2. The Company may process special categories of employees’ personal data, including health information, to the extent permitted by labor, social security, and social protection laws. The Company may also process data regarding food allergies of participants taking part in tourism trips. The Company does not process other categories of special categories of Personal Data.

6.3. Special categories of Personal Data are understood as data revealing racial or ethnic origin, political opinions, religious or philosophical beliefs, trade union membership, genetic data, biometric data for the purpose of uniquely identifying a natural person (e.g., facial images or fingerprint data), health data, data concerning sexual life or sexual orientation.

7. Risk analysis

7.1. The Company has conducted a risk analysis of Personal Data Processing based on the criteria constituting Attachment No. 2 to the Policy and the information contained in this Policy.

7.2. As a result of the assessment:

  • conducted risk analysis;
  • prepared record of processing activities;
  • compliance of personal data processing with GDPR.

The Company has concluded that conducting a data protection impact assessment is not necessary.

7.3. The Company will re-evaluate the risk analysis in the event of a change in the categories of Personal Data processed, a change in the procedures in force at the Company, or a change in applicable law.

8. Division of tasks

8.1. General provisions

8.1.1. The Company is the data controller, which means it is responsible for the Processing of Personal Data and their protection in accordance with the provisions of the GDPR, the Act, and other applicable laws.

8.1.2. The Company informs that your personal data may be transferred to the payment operator and courier company to fulfill the service.

8.1.3. Notwithstanding the above, all Authorized Persons are obliged to ensure the security of Personal Data Processing.

8.2. Data protection officer 

8.2.1. Given that the conditions specified in Article 37(1) of the GDPR do not apply, the Company does not appoint a Data Protection Officer.

8.3. Personal Data Controller

8.3.1. The Personal Data Controller is Integral Poland Spółka z ograniczoną odpowiedzialnością, based in Warsaw.

8.3.2. Company Address: ul. Poleska 6/44, 03-506 Warsaw

8.3.3. Contact details for the Company:

Mailing address: ul. Poleska 6/44, 03-506 Warsaw

Email: konrad@integralpoland.com

8.3.4. The responsibilities of the Controller are carried out by Konrad Dejkało:

  • identification of areas where Personal Data is processed;
  • identification of categories of Personal Data, taking into account the principle of data minimization;
  • supervision of the proper Processing of Personal Data, including the decision to grant authorizations, considering the principle of data minimization;
  • ensuring the correct processing and effective protection of Personal Data in accordance with the principles derived from the GDPR;
  • division of tasks and responsibilities related to the protection of Personal Data;
  • implementation and updating of technical and organizational measures ensuring the correct Processing of Personal Data and the ability to demonstrate the correctness of Personal Data Processing;
  • ensuring periodic reviews of Personal Data Processing, risk analysis, and the current Policy.

8.4. Authorized persons

8.4.1. Only individuals authorized to process Personal Data are permitted to do so.

8.4.2. Konrad Dejkało is responsible for granting authorizations to process Personal Data.

8.4.3. Access to Personal Data is granted only to individuals whose access is necessary to perform their duties or to ensure the protection of Personal Data.

8.4.4. Authorizations are issued before the commencement of Personal Data Processing upon the submission of a signed Statement to the Company, the template of which is Attachment No. 3 to this Policy.

8.4.5. The authorization is prepared in accordance with the template provided in Attachment No. 4 to the Policy.

8.4.6. The Company maintains a record of Authorized Persons to Process Personal Data in accordance with the template provided in Attachment No. 5.

8.4.7. An Authorized Person is required to be familiar with the applicable rules for the protection of Personal Data, including this Policy, and should use all available means to protect the data to the fullest extent possible, particularly to prevent unauthorized access to the Processed Personal Data.

8.4.8. Authorized Persons undergo periodic training on the Company’s rules for processing and protecting Personal Data.

8.4.9. The duties of an Authorized Person also include:

  • processing Personal Data in accordance with applicable laws, this Policy, and other internal regulations;
  • keeping Personal Data and information on their security measures confidential;
  • immediately informing the Company of any suspected incidents related to breaches of the Personal Data Processing rules.

9. Implementation of data subject rights

9.1. Basic principles

9.1.1. Data Subjects have the right to:

  • receive information about the Company’s data, data processing rules, and their rights, as specified in point 9.2 below;
  • obtain confirmation of whether data concerning them are being processed, and if so, access and obtain information as described in point 9.3 below (right of access);
  • request immediate correction of their Personal Data that is incorrect and (taking into account the purposes of processing) request completion of incomplete Personal Data, including by submitting an additional statement;
  • access and amend their personal data, and request the Controller to promptly delete them (“right to be forgotten”);
  • request restriction of Personal Data processing;
  • data portability;
  • object to the processing of their Personal Data.

9.1.2. Actions referred to in point 9.1.1 b)-g) are taken upon the request of the Data Subject.

9.1.3. Requests should be addressed to the email address: konrad@integralpoland.com or to the address: ul. Poleska 6/44, 03-506 Warsaw.

9.1.4. Requests as referred to in point 9.1.3 are processed by Konrad Dejkało.

9.1.5. If the request raises doubts for the person processing it, including regarding the scope of the requested information, this person may ask the Data Subject for clarification.

9.1.6. Responses to requests as referred to in point 9.1.1 b)-f) are provided in writing within one month of receiving the request, unless the Data Subject specifies a different form.

9.1.7. The period referred to in point 9.1.6 may be extended by two months due to the complexity of the request or the number of requests. The person processing the request is obliged to inform the Data Subject of the extension and its reasons.

9.1.8. Actions as referred to in this chapter are taken free of charge. If requests are manifestly unfounded or excessive, especially due to their repetitive nature, the Company may decide to:

  • refuse to take action;
  • charge a fee, which cannot exceed the actual costs incurred by the Company in dealing with the request.

9.1.9. The person processing the request is authorized to verify the identity of the Data Subject, if there are doubts about it, by inspecting their ID card or another identity document.

9.1.10. Within 14 days, the Company informs each recipient to whom Personal Data has been disclosed about the correction or deletion of Personal Data, or restriction of processing, in accordance with the request, unless this is impossible or would require disproportionate effort.

9.2. Information provided to the data subject

9.2.1. Before commencing the Processing of Personal Data, the Data Subject receives the following information in writing from the Company:

  • Company details;
  • purpose and legal basis for Processing Personal Data;
  • duration for which Personal Data will be processed or criteria for determining this period;
  • right of access to Personal Data, their correction, deletion, or restriction of Processing, and the right to object to their Processing;
  • right to withdraw consent at any time (if data processing is based on consent);
  • right to lodge a complaint with the supervisory authority;
  • categories of recipients of Personal Data;
  • information on whether the provision of data is a statutory or contractual requirement or a requirement necessary to enter into a contract, and whether the Data Subject is obliged to provide the data and what the consequences are of not providing the data.

9.2.2. The information referred to in point 9.2.1 is not provided if the Data Subject already has this information.

9.2.3. The information is provided in informational clauses, constituting Attachment No. 6 to the Policy. Information clauses are made available to Data Subjects as follows:

  • Employees and Collaborators – as an attachment to the agreement.
  • Job Applicants – the first layer in the job advertisement, with additional information available on the Company’s website.
  • Customers – on the Company’s website.

9.3. Right of access for the data subject

9.3.1. The Data Subject may obtain confirmation from the Company as to whether their Personal Data is being processed, and if so, they are entitled to access them and obtain information about:

  • the purposes of Processing;
  • the source of data (if not collected directly from the Data Subject);
  • the categories of Personal Data being processed;
  • recipients or categories of recipients to whom the Personal Data have been or will be disclosed;
  • the envisaged period for which the Personal Data will be stored, or if not possible, the criteria used to determine that period;
  • their rights.

9.3.2. Along with the information mentioned above, the Data Subject is provided with a copy of the Personal Data undergoing Processing. The copy is provided via email, unless the Data Subject specifies a different form.

9.3.3. For any subsequent copies requested by the Data Subject within two months of receiving the previous copy, the Company charges a fee corresponding to the administrative costs incurred by the Company in preparing such copies.

10. Security of personal data processing

10.1. Authorized Persons are obliged to take actions to ensure the highest protection of Personal Data.

10.2. The Company establishes the following basic security principles:

  • Personal data stored in a cloud system,
  • Paper-based data stored in a binder in a locked cabinet inaccessible to unauthorized persons,
  • Application of server security measures,
  • Every person with access to data is briefed on data protection principles,
  • Persons with access to Personal Data are obligated to keep Personal Data and information about their security measures confidential,
  • The obligation to keep Personal Data and information about their security measures confidential is also enforced through written declarations received from individuals authorized to process Personal Data.

11. Sharing and outsourcing of personal data processing

11.1 Sharing of personal data

11.1.1. Personal Data may only be shared with entities authorized to receive them under the law or with the Data Subjects.

11.1.2. The principles of sharing Personal Data with Data Subjects are specified in point 9.

11.1.3. Sharing of Personal Data occurs only with the consent of the Company, considering data security principles, including the principle of data minimization.

11.1.4. Information containing Personal Data should be provided to authorized entities in a manner ensuring the protection of Personal Data.

11.1.5. When sharing Personal Data with other entities, the Company is obliged to record information about the sharing, including: information about the recipient of Personal Data, the date and scope of the shared Personal Data, and the legal basis for sharing.

11.1.6. When sharing Personal Data, it should be noted that it can only be used for the purpose for which it was shared.

11.2. Outsourcing of personal data processing

11.2.1. The Company entrusts the processing of Personal Data primarily to entities that provide IT services for maintaining computer systems and accounting services on its behalf.

11.2.2. The outsourcing of Personal Data Processing occurs only based on a written agreement, which specifies in particular:

  • The type of Personal Data,
  • Categories of individuals whose data are concerned,
  • The period for which data are entrusted,
  • Duties and rights of the Company,
  • The scope of responsibility of the entity entrusted with processing data in case of non-performance or improper performance of the agreement,
  • The commitment of the external entity to process Personal Data only upon documented instructions from the Company.

11.2.3. Outsourcing of Personal Data Processing must comply with the requirements set out in Article 28 of the GDPR. In particular, the external entity to which Personal Data Processing is to be entrusted is obliged, before commencing Personal Data Processing, to take measures required under Article 32 of the GDPR.

11.2.4. The Data Processor may not subcontract the processing of Personal Data without obtaining prior written consent from the Company.

11.2.5. Outsourcing of Personal Data Processing does not exempt the Company from liability for law-compliant Personal Data Processing. This means that the Company must be granted the right to conduct, at the premises of the external entity, inspections of the execution of the agreement constituting the basis for entrusting Personal Data Processing, including compliance with internal regulations, granted authorizations for data processing, and obligations to maintain confidentiality. The external entity should also provide the Company with all necessary information to demonstrate compliance with the obligations specified in the Regulation.

12. Incident management

12.1. Events breaching Personal Data security

12.1.1. Random threats compromising Personal Data security include:

  • Internal random threats (e.g., mistakes, software errors, hardware failures).
  • External random threats (e.g., power outages, natural disasters).

12.1.2. Threats can also be deliberate, including:

  • Unauthorized access to the Information System from outside (hacking).
  • Unauthorized access to the Information System caused by an employee.
  • Unauthorized disclosure of Personal Data.
  • Deterioration of the Information System quality resulting in loss or reduction of confidentiality protection.

12.1.3. Breach of Personal Data security also includes inadequate securing of places storing Personal Data, such as unauthorized access to computers, open cabinets containing files, leaving storage devices in public places.

12.2. Incident monitoring and reporting

12.2.1. Anyone noticing an event that could lead to a breach of Personal Data security must immediately inform Konrad Dejkało.

12.2.2. Upon receiving a report of a potential breach of Personal Data security, the informed person must promptly take actions to:

  • Clarify the event, including determining if there has been a breach of Personal Data security.
  • Determine the causes of the breach and gather any evidence of the breach of Personal Data protection principles.
  • Minimize the consequences of the Personal Data breach.
  • Rectify the effects of the incident.

12.2.3. Clarification of the reported incident includes:

  • Conducting an analysis of the functioning of the information system.
  • Verifying the methods of securing data processing in the information system, especially the configuration data of the IT system.

12.2.4. After clarifying the incident related to Personal Data security, Konrad Dejkało prepares a report, which includes:

  • Description of the identified incident.
  • Actions taken to minimize the incident’s consequences.
  • Any measures aimed at preventing such incidents in the future.

12.2.5. Incident reports are archived in the Company for evidentiary purposes. The incident report template is provided as Attachment No. 7 to the Policy.

12.2.6. The Company maintains a record of interventions related to incidents of Personal Data security breaches, containing the following information:

  • Name of the person reporting the incident.
  • Name of the person receiving the incident report.
  • Date of the incident report.
  • Circumstances of the Personal Data security breach.
  • Consequences of the Personal Data security breach.
  • Actions taken to clarify the causes of the incident.
  • Results of the actions taken.
  • Remedial actions taken and their effectiveness assessment.

12.2.7. The intervention record is provided as Attachment No. 8 to the Policy and can be kept in paper or electronic format.

12.2.8. At least once a year, the Company conducts an analysis of incidents to:

  • Determine the effectiveness of the actions taken to clarify and rectify incidents.
  • Identify necessary actions to enhance the security of the Information System and minimize the risk of incidents.
  • Identify training needs for Authorized Persons.

12.3. Reporting breaches to the Polish Data Protection Authority (UODO)

12.3.1. In the event of a breach of Personal Data security, the Company must report it to the UODO no later than 72 hours after becoming aware of the breach.

12.3.2. Reporting is not required if, based on the incident report, it is unlikely that the breach will result in a risk to the rights or freedoms of individuals.

12.3.3. If the report is made after 72 hours from discovering the breach, an explanation of the reasons for the delay must be included in the report.

12.3.4. The notification template to the UODO is provided as Annex 9 to the Policy. It is permissible to make the notification using a form available on the UODO website.

13. Store information

13.1. Registry Names and Supervisory Authority:

Integral Poland Limited Liability Company based in Warsaw (“Company”) registered in the National Court Register maintained by the District Court for the Capital City of Warsaw, XIV Economic Department of the National Court Register, under the KRS number 0000913274, NIP: 5242922674.

13.2. Accepted Payment Methods:

The customer can choose the following payment methods for ordered Goods: BLIK payments, payment card, electronic transfer through an external payment system called imoje, operated by ING Bank Śląski S.A. based in Katowice.

13.3. Payment is made through payment links.

14. Profiling

Integral Poland does not engage in Profiling as defined: any form of automated processing of Personal Data that involves the use of Personal Data to evaluate certain personal aspects relating to an individual, in particular to analyze or predict aspects concerning that individual’s job performance, economic situation, health, personal preferences, interests, reliability, behavior, location, or movements.

15. Final provisions

15.1.1. Attachment No. 1 – register of processing activities.

15.1.2. Attachment No. 2 – criteria for risk analysis.

15.1.3. Attachment No. 3 – declaration of compliance with Personal Data protection regulations.

15.1.4. Attachment No. 4 – authorization for Personal Data processing – template.

15.1.5. Attachment No. 5 – template record of Authorized Persons.

15.1.6. Attachment No. 6 – information clauses.

15.1.7. Attachment No. 7 – template incident report.

15.1.8. Attachment No. 8 – incident log.

15.1.9. Attachment No. 9 – UODO notification template.

15.2. Matters not regulated in the Policy are governed by the provisions of the GDPR, the Act, and the executive regulations to the Act.

15.3. This Policy shall enter into force on the date of adoption.

Store Regulations

The Regulations are available for inspection to everyone free of charge before entering into any agreement on the website, and also – upon your request – in such a way that allows you to obtain, reproduce, and record the content of the Regulations using the teleinformatics system you use. Some special services provided by Integral Poland may be subject to additional and complementary conditions compared to these Regulations. In the event of any discrepancies between these Regulations and the terms relating to such a special service, the terms relating to it shall take precedence.

Contact and method of communication between Integral Poland and the Client:

by email at: info@integralpoland.com

via the contact form available on the website: https://integralpoland.com/

by phone at: +48 537 547 555 (open on business days between 9 am and 3 pm)

SHOP INFORMATION

1.1. Registry and governing body names:

Integral Poland limited liability company based in Warsaw (“Company”) registered in the National Court Register kept by the District Court for the Capital City of Warsaw, XIV Economic Department of the National Court Register, under the KRS number 0000913274, NIP: 5242922674.

1.2. Accepted payment methods.

1.2.1. The customer can choose the following payment methods for ordered Goods: BLIK payments, payment card, electronic transfer through the external payment system imoje, operated by ING Bank Śląski S.A. based in Katowice.

1.2.2. Payment is made through payment links.

1.3. The store does not have a fixed price list for the services offered, due to the individual nature of each order. To obtain information about a specific service, please fill out the contact form on the website or contact us by email/phone.

PRELIMINARY PROVISIONS

2.1. As part of the sale, we provide free and paid services provided electronically in the form of: forms, email and telephone contact, newsletter, and support during organized trips.

2.2. Each agreement for the provision of free electronic services may be terminated at any time without giving a reason, in the manner indicated here or in further provisions of the Regulations. You can also unsubscribe from the newsletter services by opting out at the bottom of each newsletter.

2.3. By using the Services, you declare that you are aware and fully accept that we are not the provider of attractions and services indicated in the proposal, but merely present compiled offers from third-party entities.

2.4. The Seller does not provide tourist services within the meaning of the Act of November 24, 2017, on tourist events and related tourist services.

2.5. The Seller is not responsible for the Customer’s failure to meet formal requirements necessary for entry into a particular country (e.g., having a valid passport or visas) or for using a specific offer.

PROPOSAL SUBMISSION

3.1. To receive a proposal, you must first complete and submit the form on the website: integralpoland.com. You can also use email or phone contact with the office:

email: info@integralpoland.com

phone: +48 537 547 555

3.2. You are required to accept or express a desire to make changes to the proposal. Changes to the travel proposal are made via email.

3.3. In case we receive a request to prepare a modified travel proposal, the above procedure applies accordingly.

3.4. The proposal is the current proposal as of the date of its preparation, and attractions or services indicated therein, as beyond the control of Integral Poland, may change from day to day. Services in the proposal, their prices, and availability are continuously updated. Before entering into the Agreement, we may also send a travel proposal in a revised version, taking into account the most current situation.

3.5. Acceptance of the proposal occurs by activating payment or through email confirmation.

AGREEMENT

4.1. Acceptance of the proposal by you is equivalent to submitting an offer by you to conclude an Agreement for the provision of Services through the implementation of the proposal accepted by you.

4.2. Confirmation of accepting the proposal for implementation is a statement by Integral Poland of accepting the offer referred to above. Upon confirmation of accepting the proposal for implementation, an Agreement is concluded between you and Integral Poland. Integral Poland has one working week to confirm acceptance of the travel proposal for implementation (counting from the moment you accept the proposal). In the event that we do not confirm acceptance of the travel proposal for implementation within the above-mentioned period, no agreement is concluded between you and Integral, and any payments made for the proposal not accepted for implementation will be promptly refunded to you.

4.3. Upon conclusion of the Agreement, the travel proposal cannot be changed, except in cases where, due to force majeure or circumstances arising on the part of third parties included in the travel proposal, it is necessary to change the travel proposal to prevent an increase in travel costs and to maintain the date of implementation of the travel proposal indicated in the Agreement. This may occur, in particular, due to the unavailability of services indicated in the travel proposal or a significant change in the price indicated in the travel proposal. The change to the proposal can only occur without prejudice to the interests of the Client. In the event of a change to the travel proposal, Integral Poland will inform you immediately of the change. You are then entitled to withdraw from the Agreement – until Integral Poland makes the first purchase from the proposal – or to use the deposited amount to carry out a similar service, after consultation with Integral Poland.

4.4. We may make changes to the proposal due to force majeure.

4.5. By entering into an Agreement with us, you authorize us (grant us power of attorney) to:

  • conclude on your behalf and for your benefit agreements with entities providing services and attractions indicated in the proposal;
  • perform factual and legal acts to implement the services and attractions provided for in the proposal;
  • transfer your funds to entities offering services and attractions indicated in the proposal for the purpose of providing these services and attractions on your behalf;
  • pursue claims in connection with the non-performance or improper performance of the agreement by the entity providing the service or attraction indicated in the proposal, provided that this authorization will be exercised on special terms agreed between Integral Poland and you.

4.6. The above authorization (power of attorney) is limited to the amount indicated in the proposal that is the subject of the Agreement and cannot result in the incurring of debt or other negative disposition of your assets not included in the travel proposal.

4.7. After concluding all agreements on your behalf and for your benefit with entities offering services and attractions indicated in the travel proposal, we will provide you with details.

COMPLAINTS

5.1. Due to the nature of the services provided, Integral Poland does not foresee the possibility of returns.

5.2. Any notifications of non-conformity of the Service with the agreement and the submission of a request can be made by email to: info@integralpoland.com

5.3. The Seller will respond to the Customer’s request promptly, no later than within 14 days from the date of notification.

5.4. The Seller is not responsible for the improper performance of the obligation by airlines, hotel service providers, or any other entities to which services were indicated by the Seller’s offers. All claims should be directed to the entities that provided or were supposed to provide the mentioned services.

RIGHT OF WITHDRAWAL FROM THE AGREEMENT

6.1. Subject to point 2 of this paragraph, a Customer who is also a Consumer or a party who has concluded a distance contract may withdraw from it without giving any reason by submitting a relevant statement within 14 days.

The right of withdrawal from a distance contract shall not apply to the Consumer or the entity in the case of an Agreement:
6.1.2. for which the Consumer is obliged to pay the price, if the Seller has fully performed the service with the explicit prior consent of the Consumer, who was informed before the provision began that upon the performance of the service by the Seller, they would lose the right to withdraw from the contract, and the Consumer has accepted this fact,
6.1.2. the subject of which is a non-prefabricated item, manufactured according to the Consumer’s specifications or serving to satisfy their individual needs.

6.2. The right to withdraw from the Agreement is available to both the Seller and the Customer in the event of non-performance by the other party of their obligation under the agreement within the strictly specified deadline.

PROVISIONS CONCERNING BUSINESSES (B2B)

7.1. This paragraph contains provisions solely applicable to entrepreneurs not covered by the protection provided by the Consumer Rights Act.

7.2. The Seller has the right to withdraw from the Agreement concluded with a Customer who is not a Consumer within 14 working days from the date of its conclusion. Withdrawal from the Agreement in this case may occur without giving any reason and does not give rise to any claims against the Seller on the part of the Customer who is not a Consumer.

7.3. The Service Provider may terminate the agreement for the provision of Electronic Services with immediate effect and without giving any reasons by sending a declaration of termination to the non-Consumer Service Recipient.

PROVISIONS CONCERNING BUSINESSES UNDER CONSUMER RIGHTS

8.1. A sole proprietor conducting business activity (this paragraph does not apply to commercial partnerships) is covered by the protection provided by the Consumer Rights Act provided that the agreement concluded with the Seller is directly related to their business activity but the content of this agreement indicates that it does not have a professional nature, resulting in particular from the subject matter of the business activity carried out by them.

8.2. The person conducting business activity referred to in point 1 of this paragraph is covered by protection only in the scope of:
8.2.1. unfair contract terms – so-called abusive clauses,
8.2.2. liability for non-conformity of the Service with the agreement,
8.2.3. the right to withdraw from a distance contract.

8.3. The entrepreneur referred to in point 1 of this paragraph loses consumer protection rights if the Sales Agreement they concluded with the Seller has a professional nature, which is verified based on the entry of this entrepreneur in the Central Register and Information on Economic Activity of the Republic of Poland, in particular the codes of the Polish Classification of Activities indicated there.

8.4. Entrepreneurs referred to in point 1 of this paragraph are not covered by the institutional protection provided for Consumers by district consumer ombudsmen as well as the President of the Office of Competition and Consumer Protection.

Cookie Policy

  1. The website does not collect any information automatically, except for the information contained in cookies.
  2. Cookies (so-called “cookies”) are IT data, in particular text files, which are stored on the end device of the User and are intended for use on websites. Cookies usually contain the name of the website from which they originate, the time of storing them on the end device, and a unique number.
  3. The entity placing cookies on the end device of the User and accessing them is the operator of the Website.
  4. Cookies are used for the following purposes::
    • adapting the content of the Store’s websites to the User’s preferences and optimizing the use of websites; in particular, these files allow recognizing the User’s device and properly displaying the website adapted to his individual needs;
    • creating statistics that help understand how Users use websites, which enables improving their structure and content;
  5. Two main types of cookies are used within the Website: “session” cookies and “persistent” cookies. “Session” cookies are temporary files that are stored on the User’s end device until leaving the website or turning off the software (web browser). “Persistent” cookies are stored on the User’s end device for the time specified in the parameters of cookies or until they are deleted by the User.
  6. The following types of cookies are used within the Website:
    • “essential” cookies, enabling the use of services available within the Store, e.g., authentication cookies used for services requiring authentication within the Store;
    • cookies used to ensure security, e.g., used to detect abuses in the authentication process within the Store;
    • “performance” cookies, allowing the collection of information about how the Store’s websites are used;
    • “functional” cookies, allowing to “remember” the settings chosen by the User and personalize the User interface, e.g., in terms of the selected language or region, from which the User comes, font size, appearance of the website, etc.;
    • “advertising” cookies, allowing to deliver Users with advertising content more tailored to their interests.
  7. In many cases, software used to browse websites (web browser) allows cookies to be stored on the User’s end device by default. Users can change their cookie settings at any time. These settings can be changed, in particular, in such a way as to block the automatic handling of cookies in the web browser settings or to inform about each placement of cookies on the User’s device. Detailed information on the possibilities and ways of handling cookies is available in the software settings (web browser).
  8. The Website operator informs that limiting the use of cookies may affect some functionalities available on the websites.
  9. Cookies placed on the User’s end device and used may also be used by advertising providers and partners cooperating with the Website operator.
  10. More information about cookies is available at www.allaboutcookies.org or in the “Help” section of the web browser menu.