Privacy Policy

This Privacy Policy defines the rules for processing and protecting personal data provided by Users in connection with the use of the eskapizm.com website and related services. This document explains how we care for your privacy, what data we collect, and what rights you have.

§ 1. Data Controller

The data controller is Eskapizm sp. z o.o. based in Wrocław (50-125), ul. Św. Mikołaja 8/11 lok. 208, registered in the National Court Register under number KRS: 0001197888, Tax ID (NIP): 8971960652, REGON: 542917530 (hereinafter: "Controller").

For matters related to personal data protection and exercising your rights, you can contact us:

  • By email: justyna@eskapizm.com
  • By mail: at the registered office address above.

§ 2. Purposes and legal bases for processing

We process your personal data for specific purposes and based on GDPR provisions (General Data Protection Regulation):

Service and order fulfillment (Travel Plan)

Preparing individual travel plan, order and payment handling.

Art. 6(1)(b) GDPR (necessity for contract performance).

Ongoing communication

Responding to inquiries sent via email, WhatsApp, Instagram, or contact forms.

Art. 6(1)(f) GDPR (legitimate interest of the Controller – building relationships and responding).

Newsletter

Sending information about news, promotions, and travel offers.

Art. 6(1)(a) GDPR (your voluntary consent).

Publishing reviews and comments

Displaying your review on the website.

Art. 6(1)(a) GDPR (your consent expressed by submitting a review).

Accounting and taxes

Issuing invoices and maintaining accounting documentation.

Art. 6(1)(c) GDPR (legal obligation of the Controller).

Analytics and statistics (including heat maps)

Analyzing website usage, creating statistics, improving service usability (using tools such as Google Analytics 4, Microsoft Clarity).

Art. 6(1)(f) GDPR (legitimate interest) or Art. 6(1)(a) GDPR (consent for analytical cookies).

Marketing and advertising (including remarketing)

Displaying tailored ads on external services (Google, Facebook/Instagram).

Art. 6(1)(a) GDPR (consent for marketing cookies).

Pursuing claims and defense of rights

Debt collection, legal proceedings, defense against claims.

Art. 6(1)(f) GDPR (legitimate interest of the Controller).

Special category data (Health)

Including information about disabilities (e.g., wheelchair use) or allergies/diets in the travel plan.

Art. 9(2)(a) GDPR (explicit User consent).

§ 3. Scope of processed data

The scope of data depends on the purpose for which you contact us:

  • Travel plan order: First name, last name, email address, phone number (optional), invoice data (company/address), travel destination, preferred dates, budget, lifestyle, and travel preferences.
  • Children's data: We only process information about children's age (without exact birth dates) to estimate costs and select attractions.
  • Newsletter: First name, email address.
  • Reviews: First name, photo/avatar (if you share), social media profile link, review content.
  • Automatically collected data (Microsoft Clarity / GA4): Data about website behavior (mouse movements, clicks, scrolling). Important: Microsoft Clarity automatically masks form fields, so we do not record the personal data you enter.

§ 4. Data recipients

We care about the confidentiality of your data. We only transfer it to entities necessary for providing our services and operating the website:

    § 5. Data transfers outside the EEA

    legal.privacy.section5.description

    • European Commission adequacy decisions (under the so-called Data Privacy Framework, which the above companies have joined).
    • Standard Contractual Clauses (SCC) approved by the European Commission, in cases where the entity does not participate in the DPF program.

    § 6. Social Media and Joint Controllership

    § 7. Data retention period

    We retain your data only as long as necessary:

    • Accounting documents (invoices): 5 years from the end of the calendar year.
    • Contract performance: For the duration of the contract and the limitation period for potential claims (maximum 6 years).
    • Newsletter: Until consent is withdrawn (unsubscribed).
    • Ongoing communication (email/messengers): For 2 years from the last contact, to maintain correspondence continuity.
    • Health data (special categories): Deleted immediately after service completion (end of planning/travel), unless needed for complaint processing.

    § 8. User rights

    Under GDPR, you have the right to:

    • Access your data and receive a copy.
    • Rectification (correction) of data if incorrect.
    • Erasure of data ("right to be forgotten") – in cases provided by law.
    • Restriction of data processing.
    • Data portability to another controller.
    • Object to processing (especially for marketing purposes).
    • Withdraw consent at any time (without affecting the lawfulness of processing before withdrawal).

    To exercise these rights, write to us: justyna@eskapizm.com

    § 9. Cookie Policy

    The eskapizm.com website uses cookies to ensure proper operation, traffic analysis, and marketing purposes.

    1. Types of cookies

    In our cookie banner, you can manage consents for the following categories:

    • Technical (Necessary): Enable basic website functions (navigation, access to secure areas). The website cannot function properly without these files.
    • Functional: Allow remembering user choices (e.g., language, region) and personalizing the service.
    • Analytical: Help us understand how visitors use the website (e.g., Google Analytics 4, Microsoft Clarity). About Microsoft Clarity: We use this tool to create heat maps and session recordings. Data is anonymized and form fields are masked.
    • Marketing: Used to track visitors across websites to display ads tailored to their interests (e.g., Meta Pixel, Google Ads).

    2. Cookie management

    On your first visit to the website, we display a banner that allows you to:

    • Accept all cookies.
    • Choose only necessary cookies.
    • Customize consents for individual categories.

    You can change your settings at any time by clicking the "Cookie settings" link in the website footer or by deleting cookies from your browser settings.

    § 10. Final provisions

    The Controller reserves the right to make changes to this Privacy Policy. Changes may result from technology development, changes in legal regulations, or service development.

    The current content of the Policy is always available at eskapizm.com/privacy-policy.

    In matters not regulated, GDPR and Polish law provisions apply.