Privacy policy

TRAVELBOATAPP PLATFORM PRIVACY POLICY

 

Effective Date: 10.04.2026

 

Travelboat Sp. z o.o., with its registered office in Warsaw at ul. Grzybowska 2/31, 00-131 Warsaw, entered in the Register of Entrepreneurs of the National Court Register maintained by the District Court for the Capital City of Warsaw in Warsaw, 12th Commercial Division of the National Court Register, under KRS No. 0001220993; with tax identification number (NIP) 5253077082, acting as the personal data controller (hereinafter: “Travelboatapp,” “Controller,” ‘we’), undertakes to protect the privacy of users of the Travelboatapp Platform available at https://www.travelboatapp.com (hereinafter collectively: “Platform”) .

This Privacy Policy sets out the rules for the collection, processing, and use of personal data in accordance with:

  • Regulation (EU) 2016/679 of the European Parliament and of the Council of April 27, 2016 (GDPR),
  • the Act of May 10, 2018 on the Protection of Personal Data,
  • the Act of July 18, 2002 on the Provision of Electronic Services.

 

This Privacy Policy applies to all users of the Platform, including tenants, landlords, contractors, and individuals who contact us in connection with the Platform’s operations.

 

I. TYPES OF DATA COLLECTED

 

The Administrator may process the following data:

  1. Data voluntarily provided by the User, including:
    • first and last name,
    • email address, phone number,
    • residential or registered address,
    • login credentials (username, password),
    • ID card or passport number, including for the purpose of crew list registration
    • date of birth, gender,
    • sailing license (if applicable),
    • payment details (bank account number, payment card details),
    • data provided in correspondence with the Administrator.
  2. Data collected automatically:
    • IP address,
    • browser type and operating system,
    • date and time of visit,
    • pages visited,
    • location data,
    • mobile device identifiers.

 

II. PURPOSES AND LEGAL BASIS FOR DATA PROCESSING

 

  1. Creation and management of the User’s account – Article 6(1)(b) of the GDPR (performance of a contract).
  2. Handling inquiries and requests – Article 6(1)(f) of the GDPR (legitimate interest).
  3. Payment processing, invoicing, and billing – Article 6(1)(b) and (c) of the GDPR.
  4. Conducting marketing activities (newsletter, advertisements, remarketing) – Article 6(1)(a) or (f) of the GDPR.
  5. Handling complaints and disputes – Article 6(1)(f) of the GDPR.
  6. Conducting analyses and statistics – Article 6(1)(f) of the GDPR.

 

Travelboatapp undertakes not to process sensitive personal data revealing racial or ethnic origin, political opinions, religious or philosophical beliefs, or trade union membership, nor to process genetic data, biometric data for the purpose of uniquely identifying a natural person, or data concerning a natural person’s health, sex life, or sexual orientation.
If, during the exchange of information with a customer/prospective customer or system user, such information is provided by one of the parties, it will not be recorded by Travelboatapp in its database.

 

III. DATA RECIPIENTS

 

Data may be disclosed to:

  • payment service providers (e.g., PayU, Stripe),
  • hosting and IT companies,
  • entities providing legal, accounting, and marketing services,
  • landlords—to the extent necessary to process reservations,
  • public authorities—only when required by law.

 

IV. DATA SHARING

 

Travelboatapp does not sell any of your personal data and shares it only as described in this privacy policy or as required by law. We do not rent, distribute, or sell personal data to third parties unless we have your express prior consent. We ensure that access to your data is limited to the authorized internal or external recipients listed above.

Personal data may be transferred outside the European Economic Area only to entities that provide an adequate level of protection (e.g., based on a decision by the European Commission or standard contractual clauses).

 

It may happen that Travelboatapp will need to transfer personal data outside the European Union. In the event of a transfer of personal data outside the European Union, Travelboatapp will apply the necessary legal provisions appropriate to the situation related to such a transfer, ensuring that:
personal data is transferred to a country that ensures an adequate level of protection, or that the standard contractual clauses (SCCs) proposed by the European Commission have been signed, or that any other guarantee deemed adequate within the meaning of Article 46 of the GDPR has been applied.

 

In light of the European Commission’s adequacy decision of July 10, 2023, which concluded that the United States ensures a level of protection for personal data that is essentially equivalent to that of the EU, entities subject to the GDPR are authorized to transfer personal data to certified entities.
In this context, the aforementioned entities are not required to implement a data transfer mechanism in accordance with Article 46 of the GDPR or to rely on the exception under Article 49 of the GDPR.
Travelboatapp may transfer your personal data to certified entities that have publicly committed to complying with personal data protection standards, in accordance with the list of entities available on the U.S. Department of Commerce website at the following link: https://www.dataprivacyframework.gov/s/participant-search
Travelboatapp will oversee any other transfer of data to the U.S. using the standard mechanisms listed above.

 

V. DATA RETENTION PERIOD

Personal data will be processed:

  • for the duration of the contract and up to 6 years after its termination—for accounting, tax, and settlement purposes,
  • until consent is withdrawn—in the case of processing based on consent,
  • for the period necessary to assert or defend claims.

 

VI. USER RIGHTS

The user has the right to:

  • access their data,
  • rectify data,
  • erase data (“right to be forgotten”). The user may do so by sending an email to customer service at info@travelboatapp.com. This information is available in the user panel under “account settings.”
  • restrict processing,
  • transfer data,
  • object to data processing,
  • withdraw consent at any time,
  • file a complaint with the President of the Personal Data Protection Office (UODO).

 

VII. COOKIES

The platform uses cookies for the following purposes:

  • to ensure proper functioning,
  • for statistical analysis,
  • and for marketing (including remarketing). Users can manage cookies in their browser settings.

 

VIII. DATA SECURITY

The controller implements technical and organizational measures in accordance with Article 32 of the GDPR, including encryption, restricted access to data, and regular security tests.

Travelboatapp undertakes, through a duty of care, to take all measures necessary to ensure the security of your personal data.
To this end, Travelboatapp’s obligations include the use of all technical and organizational measures within the meaning of Article 32 of the GDPR that ensure the confidentiality, integrity, and availability of personal data, and thus a sufficient level of protection. Travelboatapp and its employees have been trained and made aware of personal data protection, including the consideration and application of the aforementioned measures.

 

IX. CONTACT

For matters related to the processing of personal data, please contact the Data Controller:

  • email: daneos@travelboatapp.com,
  • address: 2/31 Grzybowska St., 00-131 Warsaw.

 

X. CHANGES TO THE PRIVACY POLICY

The Privacy Policy may be updated periodically. The new version will be published on the Platform’s website with sufficient advance notice.