TriPlaceTriPlace
How it worksWhy us?Let's startMarketplaceBecome a creator
Log in

PRIVACY POLICY OF THE TRIPLACE WEBSITE

(version effective as of 24 June 2026)

TABLE OF CONTENTS

  • § 1. General Provisions
  • § 2. Personal Data Controllers
  • § 3. Purposes, Legal Bases and Scope of Data Processing
  • § 4. Data Recipients and Transfer of Data to Third Countries
  • § 5. Data Retention Period
  • § 6. Rights of Data Subjects
  • § 7. Cookies and Tracking Technologies
  • § 8. Data Security
  • § 9. Final Provisions

§ 1. General Provisions

  1. This Privacy Policy sets out the principles for the processing and protection of the personal data of Users and Creators in connection with the use of the website http://www.triplace.pl (hereinafter: the “Service”).
  2. This document is intended to fulfil the information obligation referred to in Articles 13 and 14 of Regulation (EU) 2016/679 of the European Parliament and of the Council of 27 April 2016 on the protection of natural persons with regard to the processing of personal data and on the free movement of such data (hereinafter: the “GDPR”).
  3. Terms used in this Privacy Policy and written with capital letters shall have the meaning assigned to them in the Terms and Conditions of the Service.

§ 2. Personal Data Controllers

  1. A distinction should be made between two personal data controllers:
    1. The Service Provider – TRIPLACE Spółka z Ograniczoną Odpowiedzialnością with its registered office in Tuszyn, address: ul. Karłowicza 3, 95-080 Tuszyn, entered in the Register of Entrepreneurs of the National Court Register by the District Court for Łódź-Śródmieście in Łódź, 20th Commercial Division of the National Court Register under KRS No.: 0001241968, NIP: 7282911324, REGON: 544800216, share capital: PLN 5,000, e-mail address: privacy@triplace.pl – is the controller of the personal data of all Users and Creators to the extent necessary for the functioning of the Service, i.e. account management, technical support, settlements and marketing.
    2. The Creator – is a separate controller of the personal data of the User with whom the Creator has concluded an Agreement. The Creator processes the User’s data for the purpose of proper performance of the Agreement, including preparation of the Travel Plan.
  2. In matters related to the protection of personal data processed by the Service Provider, contact may be made via e-mail at: privacy@triplace.pl.
  3. The Service Provider, with regard to data processed by the Creator for the purpose of performing the Agreement, acts as a processor, providing only the technical infrastructure of the Service.

§ 3. Purposes, Legal Bases and Scope of Data Processing

  1. For the purpose of creating and maintaining an account in the Service (provision of electronic services):
    1. Scope of data: first name, surname, e-mail address, password. In the case of Creators operating as entrepreneurs , additionally the company name and Tax Identification Number (NIP).
    2. Legal basis: Article 6(1)(b) GDPR – necessity for the performance of a contract for the provision of electronic services (accepted Terms and Conditions).
    3. Provision of data is voluntary, but necessary to create an account. Failure to provide such data will make it impossible to use the Service.
  2. For the purpose of concluding and performing the Agreement between the User and the Creator:
    1. Scope of data: identification data of the User and the Creator, order history, data necessary to prepare the Travel Plan, including in particular: intended destination and travel dates, transport and accommodation preferences, interests, budget and other information voluntarily provided by the User in the order form that is necessary for preparation of the Travel Plan.
    2. Legal basis: Article 6(1)(b) GDPR – necessity for the conclusion and performance of the Agreement.
    3. Provision of data is voluntary, but necessary for the conclusion and performance of the Agreement. Failure to provide such data will make it impossible to use the Service.
  3. For marketing purposes, sending newsletters or providing offers from partners:
    1. Scope of data: e-mail address.
    2. Legal basis: Article 6(1)(a) GDPR – voluntary consent, which may be withdrawn at any time.
  4. For the purpose of making the Creator’s telephone number available to Users who have placed an order (at the Creator’s request):
    1. Scope of data: Creator’s telephone number.
    2. Legal basis: Article 6(1)(a) GDPR – voluntary consent of the Creator.
  5. For the purpose of handling complaints and pursuing claims:
    1. Scope of data: identification data, order data, content of correspondence.
    2. Legal basis: Article 6(1)(f) GDPR – our legitimate interest consisting in the defence of our rights.

§ 4. Data Recipients and Transfer of Data to Third Countries

  1. Your personal data may be disclosed to the following categories of recipients:
    1. Creators – for the purpose of performing the Agreement concluded with the User;
    2. providers of technical services – e.g. hosting service providers, e-mail service providers, who process data on our behalf (processors);
    3. payment operators – for the purpose of handling financial transactions;
    4. authorised public authorities – upon their justified request.
  2. As a rule, we do not transfer your data outside the European Economic Area (EEA). However, if this proves necessary (e.g. in the case of using the services of providers established outside the EEA), we will ensure that the transfer takes place on the basis of appropriate legal mechanisms, such as standard contractual clauses approved by the European Commission.

§ 5. Data Retention Period

  1. The following data retention periods apply to data for which the Service Provider is the controller (the Service):
    1. Data related to the account in the Service: the Service Provider stores such data throughout the entire period of holding the account, and after its deletion – for the period necessary to secure or pursue any potential claims, as a rule for 3 years from the date of account deletion.
    2. Data related to transactions (within the scope of Service settlements): the Service Provider stores accounting documents and payment-related data (e.g. commissions) for a period of 5 years, counted from the end of the calendar year in which the transaction was completed. This period results from the legal obligation imposed on the Service Provider to retain accounting documentation for tax and accounting purposes.
  2. It should be remembered that the Creator, as a separate controller, stores the User’s data provided to the Creator for the purpose of performing the Agreement for the period necessary for its performance and for the period required by separate legal provisions applicable to the Creator (e.g. for the Creator’s own tax settlements). Detailed information in this respect should be provided directly to the User by the Creator as part of the fulfilment of the Creator’s information obligation.

§ 6. Rights of Data Subjects

  1. In connection with our processing of your personal data, you are entitled to the following rights:

    1. right of access to data (Article 15 GDPR) – the right to obtain information about the processing of data and to receive a copy of the data;
    2. right to rectification of data (Article 16 GDPR) – the right to request correction of inaccurate data;
    3. right to erasure of data (“right to be forgotten”) (Article 17 GDPR) – the right to request deletion of data when it is no longer necessary for the purposes for which it was collected;
    4. right to restriction of processing (Article 18 GDPR) – the right to request restriction of processing in specific cases;
    5. right to data portability (Article 20 GDPR) – the right to receive data in a structured format and to transmit it to another controller (if processing is based on consent or a contract);
    6. right to object (Article 21 GDPR) – the right to object to processing based on our legitimate interest;
    7. right to withdraw consent at any time – without affecting the lawfulness of processing carried out before its withdrawal;
    8. right to lodge a complaint with the supervisory authority – the President of the Personal Data Protection Office (ul. Stawki 2, 00-193 Warsaw).
  2. To exercise the above rights, please contact us at the e-mail address indicated in § 2 section 2.

§ 7. Cookies and Tracking Technologies

  1. The Service uses cookies (small text files stored on the user’s device) and other similar technologies.
  2. We use the following types of cookies:
    1. Strictly Necessary Cookies: they are crucial for the proper functioning of the Service. They enable, among other things, session maintenance, login handling and payment processes. Their use does not require consent because they are necessary for the provision of electronic services;
  3. Consent management: You may change your cookie preferences or withdraw your consent at any time by deleting your account in the Service. It is not possible to use the Service without the use of essential cookies.

§ 8. Data Security

  1. We apply appropriate technical and organisational measures to protect your personal data against unauthorised access, loss or destruction.
  2. We use, among other things, connection encryption (SSL certificate), access control and regularly create backups.

§ 9. Final Provisions

  1. We reserve the right to make changes to this Privacy Policy.
  2. We will inform you of any changes through the Service or by e-mail. The current version of the Policy is always available on the Service website.
TriPlace logo.TriPlace
Terms of ServiceData Processing RulesCreator agreement

Karłowicza 3, 95-080 Tuszyn, Poland

contact@triplace.pl+48 798 335 377
© 2026 TriPlace sp. z o.o. All rights reserved.
InstagramTikTokFacebookLinkedIn