Privacy Policy

1. General information

1. This policy applies to the Website operating under the url: mertz.travel.
2. The Operator of the Website and Controller of personal data is: PGH Masters Group Sp. z o. o. a company with its registered office at Rynek Główny 28, 31-010 Kraków.
3. Contact email address of the Operator: info@mertz.travel.
4. The Operator is the Controller of your personal data that you voluntarily provide on the Website.
5. The Website uses personal data for the following purposes:
   • Newsletter management
   • Conducting online chat
   • Handling of enquiries via the form
   • Provision of the services ordered
   • Presentation of an offer or information

1. The Website performs the functions of obtaining information about users and their behaviour in the following ways:
   1. Through the data voluntarily provided in the forms, which are entered into the Operator’s systems.
   2. By storing cookies on terminal devices.

2. Selected data protection methods applied by the Operator

1. The login and personal data entry points are protected in the transmission layer (SSL certificate). This ensures that the personal and login data entered on the Website are encrypted on your computer and can only be read on the target server.
2. The Operator periodically changes its administrative passwords.
3. The Operator makes regular backups for data protection purposes.
4. An important element of data protection is the regular updating of all software used by the Operator to process personal data, which in particular means regular updates of programming components.

3. Hosting

1. The Website is hosted (technically maintained) on the server of the Operator: cyberFolks.pl

4. Your rights and additional information on how we use your data

1. In certain situations, the Controller has the right to transfer your personal data to other recipients if this is necessary for the performance of a contract concluded with you or for the fulfilment of obligations incumbent on the Controller. This applies to the following groups of recipients:
   • hosting company on the basis of a processing agreement
   • postal operators
   • operators of online chat solutions
   • authorised employees and associates who use the data to fulfil the purpose of the Website
   • companies providing marketing services to the Controller
   • contractors providing services to the Controller’s customers

1. Your personal data will be processed by the Controller for no longer than it is necessary for the performance of the related activities defined by separate regulations (e.g. on accounting). With regard to marketing data, data will not be processed for longer than 3 years.
2. You have the right to request from the Controller:

1. • access to your personal data,
   • rectification of your personal data,
   • deletion of your personal data,
   • restriction of processing of your personal data,
   • transfer of your personal data.

1. You have the right to object, with regard to the processing indicated under 3.3 c), to the processing of personal data for the purposes of pursuing the legitimate interests pursued by the Controller, including profiling, whereby the right to object will not be exercisable where there are valid legitimate grounds for the processing which override your interests, rights and freedoms, in particular the establishment, assertion or defence of claims.
2. The Controller’s actions may be complained about to the President of the Office for Personal Data Protection, ul. Stawki 2, 00-193 Warszawa.
3. The provision of personal data is voluntary, but it is necessary for the operation of the Website.
4. Activities involving automated decision-making, including profiling, may be undertaken in relation to you for the purpose of providing services under a contract concluded and for the purpose of direct marketing by the Controller.
5. Personal data is not transferred to third countries within the meaning of data protection legislation. This means that we do not send them outside the European Union. “Persistent cookies” are stored on your terminal device for the time specified in the parameters of the cookies or until you delete them.

5. Information in forms

1. The Website collects information you provide voluntarily, including personal data if any is provided.
2. The Website can record information about the connection parameters (time stamp, IP address).
3. The Website may, in some cases, record information to help link the data in the form with the email address of the user completing the form. In such case, your email address appears inside the url of the page containing the form. In such case, your email address appears inside the url of the page containing the form.
4. Data provided in the form are processed for the purpose resulting from the function of a particular form, e.g. for the purpose of processing a service request or business contact, service registration, etc. Each time the context and description of a form informs in a clear way what it is used for.

6. Controller’s logs

1. Information on your behaviour on the Website may be subject to logging. This data is used for the administration of the Website.

7. Essential marketing techniques

1. The Operator uses statistical analysis of the website traffic via Google Analytics (Google Inc. based in the USA). The Operator does not transmit personal data to the operator of this service, only anonymised information are transmitted. The service is based on the use of cookies on your terminal device. With regard to information on your preferences collected by Google’s advertising network, you can view and edit the information resulting from the cookies using the following tool: https://www.google.com/ads/preferences/
2. The Operator uses remarketing techniques to match advertising messages with your behaviour on the Website, which may give the illusion that your personal data is being used to track you, but in practice no personal data is transferred from the Operator to advertising operators. A technological prerequisite for this is that cookies are enabled.
3. The Operator uses the Facebook pixel. This technology means that Facebook (Facebook Inc., USA) knows that a person registered with it is using the Website. In this case, Facebook uses data for which it is the controller. The service is based on the use of cookies on your terminal device.
4. The Operator uses a solution to study user behaviour by creating heat maps and recording behaviour on the Website. This information is anonymised before it is sent to the service provider so that they do not know which individual it relates to. In particular, passwords typed and other personal data are not recorded.
5. The Operator uses a solution that automates the operation of the Website with respect to users, e.g. it may send an email to you after you have visited a particular page, provided that you have consented to receive commercial correspondence from the Operator.

8. Information on cookies

1. The website uses cookies.
2. Cookies are computer data, in particular text files, which are stored on your terminal device and allow you to use the pages of the Website. Cookies usually contain the name of the website from which they originate, the duration of their storage on the terminal device, and a unique number.
3. The entity that places cookies on your terminal device and that has access to those files is the operator of the Website.
4. Cookies are used for:
   1. maintaining a session for the Website user (after logging in), thanks to which you do not have to re-enter your login and password on each page of the Website;
   2. achieving the objectives set out above under “Essential marketing techniques”;
5. The Website uses two types of cookies: “session cookies” and “persistent cookies”. “Session cookies” are temporary files that are stored on your terminal device until you log off, leave the website or turn off the software (web browser). “Persistent cookies” are stored on your terminal device for the time specified in the parameters of the cookies or until you delete them.
6. sually the software used for browsing websites (web browser) allows cookies to be stored on your end device by default. You can change your settings in this respect. Your web browser allows you to delete cookies. It is also possible to automatically block cookies. Please refer to your browser’s help or documentation for details.
7. Applicable restrictions on the use of cookies may affect certain functionalities available on the Website.
8. Cookies stored on your terminal device may also be used by entities cooperating with the operator of the Website. In particular, this applies to the following companies: Google (Google Inc. based in the USA), Facebook (Facebook Inc. based in the USA), Twitter (Twitter Inc. based in the USA).

9. Managing cookies – how to give and withdraw consent?

1. If you do not wish to receive cookies, you can change your browser settings. Please note that disabling cookies that are essential for authentication, security and maintaining user preferences can make it difficult, and in extreme cases impossible, to use websites.
2. To manage your cookie settings, select your web browser from the list below and follow the instructions:
   • Edge
   • Internet Explorer
   • Chrome
   • Safari
   • Firefox
   • Opera

Mobile devices:

1. • Android
   • Safari (iOS)
   • Windows Phone