Logo
  1. Home
  2. Privacy policy
Privacy Policy

I. INTRODUCTION

  1. The Controller of the personal data collected in particular through the service available at the domain resabee.ai (hereinafter: Service), i.e. the entity that decides how your personal data will be used, is Axabee Sp. z o.o. with its seat in Opole at ul. Reymonta 39, registered in the District Court in Opole, VIII Economic Department of the National Court Register under the KRS number 0000445964, NIP: 7543069399, REGON: 161505318 (hereinafter: Controller or Axabee). Contact with the Controller is possible via e-mail address: info@axabee.com. The Controller is responsible for the security of the personal data provided and for processing it in accordance with the law.
  2. The Controller has appointed a Data Protection Officer (hereinafter: DPO), who can be contacted on matters related to the processing of personal data and the exercise of your rights under data protection laws. Contact with the DPO is possible via e-mail address: info@axabee.com.
  3. Your personal data is processed following the Regulation of the European Parliament and of the Council (EU) 2016/679 of April 27, 2016, on the protection of natural persons concerning the processing of personal data connection with the processing of personal data and on the free movement of such data and the repeal of Directive 95/46/EC (hereinafter: GDPR), and other currently applicable data protection laws.
  4. During a visit to the Service, collection occurs through:
    1. personal data provided by the user of the Service,
    2. data acquired and recorded automatically.
  5. The purpose and scope of personal data used by the Controller are indicated in detail in the following section 'Privacy Policy'.

II. DATA COLLECTED - BASIC INFORMATION

  1. The following information applies to all of the Controller's uses of the personal data you provide, as indicated in Sections III and IV.
  2. Personal data will not be used by the Controller to make decisions based solely on automated processing of personal data, including profiling within the meaning of Article 22 of the GDPR.
  3. With all guarantees of data security, personal data processed through the Service may be transferred to other entities, including:
    1. to entities entitled to receive them under the law,
    2. entities that process them on behalf of the Controller, such as technical service providers, hosting providers, analytics providers, marketing agencies, and consulting service providers,
    3. to other data controllers to the extent necessary for the performance of the contract, performance of services and legal requirements (e.g., notary or legal offices, companies providing postal and courier services), and to the extent necessary to use the of the services available on the Website (e.g., providers of appointment services),
    4. contractors performing services for the Controller based on concluded contracts.
  4. The Controller, to the extent necessary for the proper performance of the contract, may transfer personal data to Axabee's recognized subcontractors or contractors processing personal data in countries outside the European Economic Area (hereinafter: EEA). Considering that the level of protection of personal data in these countries may differ from that provided by the GDPR within the European Union, the transfer of data is carried out with an appropriate degree of protection, primarily by:
    1. cooperation with processors of personal data in countries outside the EEA for which the European Commission has determined that they provide an adequate level of protection (this includes US companies certified under the approved EU-US Data Protection Framework, such as Microsoft), and in the absence of the aforementioned decision of the European Commission:
    2. the use of standard contractual clauses in contracts with such companies,
    3. application of binding corporate rules approved by the relevant supervisory authority,
    4. application of the conditions described in Article 49 of the GDPR.

    The Controller ensures that any transfer of personal data is carried out based on appropriate agreements, in a secure and controlled manner. In any of the cases described in paragraphs 2-4 above, you may request further information on the safeguards in place in this regard, obtain a copy of these safeguards and information on where they are available.

  5. The Controller informs that in connection with the processing of personal data obtained through the Service, each data subject has the right to make a request regarding:
    1. access to data (including obtaining information on what data is processed by the Controller and to what extent, as well as obtaining a copy of the data - details: Article 15 GDPR),
    2. rectify the data (i.e., correct it if the data processed by the Controller is incorrect or incomplete - details: Article 16 of GDPR),
    3. deletion of data (if, for example, the data are no longer needed for the purposes for which they were collected or the Controller has no legal basis for processing the data - details: Article 17 of the GDPR),
    4. limitation of data processing (if, for example, you question the accuracy of the personal data used by the Controller, if the data is no longer needed by the Controller, but must be processed because you are pursuing a claim - details: Article 18 of the DPA),
    5. object to the processing of personal data, including profiling (if the personal data is processed based on the legitimate interest of the Controller, or is used for direct marketing purposes - details: Article 21 GDPR).
    6. transfer of data to another Controller (if the processing of data provided to the Controller is carried out by automated means, based on consent, or on the basis of a contract - details: Article 20 GDPR).
    7. if the processing is based on consent (e.g., consent to the use of data for marketing purposes), you have the right to withdraw consent at any time by any means (whereby withdrawal of consent does not affect processing that occurred before the submission of the statement of withdrawal of consent).
  6. Any person whose data is processed has the right to lodge a complaint with the President of the Office for Personal Data Protection (supervisory authority) if you believe that the processing of personal data violates the law (for more information: https://uodo.gov.pl/en/681/1404).
  7. The data was obtained by the Controller directly from you (users of the Website). The Controller may also process:
    1. data of other persons, provided by the user of the Website during their use of the the services described in this 'Privacy Policy',
    2. personal data obtained from entities with which the Controller cooperates based on concluded contracts (e.g., business data of employees designated for contact contract execution, data of persons who are participants in events organized by the Controller),
    3. personal data obtained from third parties cooperating with the Controller, whereby the data was made available to the Controller based on your consent,
    4. data obtained from publicly available sources, such as the National Court Register, the Central Register and Information on Business Activity, websites, and social networks.

III. PERSONAL DATA PROVIDED BY USER

III. A. E-MAIL OR TELEPHONE CONTACT

  1. The Controller processes personal data, in particular your name, e-mail address and other information provided by you, to the extent necessary to handle requests and fulfill your inquiry, including conducting communication and answering questions asked via the contact phone number and e-mail address provided on the Service (legal basis: Article 6(1)(f) GDPR - legitimate interest).
  2. The Controller has the right to process personal data for the period necessary to carry out the inquiry, including to respond to the correspondence sent or the application/question provided during the phone call.
  3. Provision of data is voluntary but necessary to respond to the submitted question or for proper handling of the application and execution of the inquiry. The consequence of failing to provide personal data may be the inability to answer or fulfill the inquiry.

III. B. FORMS (CONTACT, OFFER, AXABEE CHATBOT)

  1. The Controller may collect your personal data through the forms available on the Website, in particular:
    1. name,
    2. e-mail address,
    3. IP address,
    4. other information provided by you through the selected form (e.g. company name, telephone number).
  2. The Controller processes personal data only to the extent necessary:
    1. to receive and handle the request, including conducting communications and responding to requests and questions submitted via the form (legal basis: Article 6(1)(f) GDPR - legitimate interest),
    2. to establish contact (through the chosen communication channel) and to prepare and present an offer in response to the Service user's request transmitted through the form (legal basis: Article 6(1)(b) GDPR - taking action at the request of the data subject before entering into a contract).
  3. The Controller has the right to process personal data for the period necessary for the purposes indicated above. Depending on the legal basis, this will be respectively:
    1. The time required to process the request and respond to the inquiry sent by the user via the form,
    2. The time required to prepare and communicate a dedicated offer.
  4. Providing personal data indicated in the forms is voluntary, but necessary to respond to the submitted inquiry, properly handle the request, and prepare and present a dedicated offer. The consequence of failing to provide personal data may be the inability to respond, process the inquiry or present an offer.

III. C. USER ACCOUNT IN THE 'RESABEE AI HOTEL CONTENT BUILDER' APPLICATION

  1. The Controller processes your personal data for the following purposes:
    1. To conclude an agreement for the provision of electronic services in accordance with the Act of 18 July 2002 on the Provision of Electronic Services, Journal of Laws 2024, item 1513, consolidated text, including the registration and maintenance of a user account in the 'RESABEE AI HOTEL CONTENT BUILDER' application, which is available at https://hcb.resabee.ai/ (legal basis:Article 6(1)(f) of the GDPR – legitimate interest; and in the case of a user who is a natural person conducting business activity: Article 6(1)(b) of the GDPR – performance of a contract);
    2. To verify the quality of services provided under the agreement (legal basis: Article 6(1)(f) of the GDPR – legitimate interest;
    3. To pursue claims arising from the agreement (legal basis: Article 6(1)(f) of the GDPR – legitimate interest); the time limits for pursuing such claims are specified in detail in the Civil Code.
  2. The Controller may process personal data to the extent necessary for the performance of the agreement, including the registration and maintenance of user accounts in the Client Zone.
    1. first name,
    2. email address,
    3. IP address
    4. and any other data provided by the user while using the service (e.g. surname and billing details).
  3. Providing personal data such as your first name, surname and email address is voluntary, but necessary in order to conclude the agreement, register and maintain a user account in the application and use the functionalities available to registered users.
  4. The Controller is entitled to process personal data for the period necessary to achieve the above purposes. Depending on the legal basis, this shall be:
    1. the time required to perform the contract;
    2. the time required to fulfil legal obligations and the period during which the law requires data retention (e.g. tax regulations);
    3. the period until claims arising from the agreement become time-barred;
    4. the period until an objection is raised.
  5. The Terms and Conditions that specify the rules and conditions for using the 'RESABEE AI HOTEL CONTENT BUILDER' application and the services provided by the controller are available at https://hcb.resabee.ai/ .

III. D. MARKETING COMMUNICATIONS

  1. The Controller processes your personal data for the purpose of:
    1. conducting marketing communications through electronic communication (in particular, e-mail, telephone calls, SMS messages) based on a separate consent to process data for this purpose (legal basis: Article 6(1)(a) GDPR - consent),
    2. execution of direct marketing, including sending information about Axabee's offer and information on products and services of third parties cooperating with the Controller with the Controller (e.g. business partners), including personalization of marketing content, i.e. preparation and presentation of an offer tailored to your preferences (legal basis: Article 6(1)(f) GDPR - legitimate interest), - taking into account the provisions of the Law on Electronic Communication.
  2. Providing data to receive marketing communications through the chosen communication channel (i.e. e-mail address, telephone number) is voluntary, but necessary to receive commercial information. The consequence of not providing personal data will be the inability to receive marketing content.
  3. The Controller has the right to process personal data for the period necessary for the purposes indicated above. Depending on the legal basis, this will be respectively:
    1. time until you withdraw your consent to communicate through the chosen communication channel (e-mail address, phone number),
    2. time until an objection is expressed.
  4. The recipient of marketing communications may opt out of receiving them at any time, in particular by contacting the Controller or the DPO (via the contact information indicated above). The withdrawal of consent does not affect the legality of the use of data during the period when such consent was in effect.
  5. The Controller may also share your personal data with third parties (e.g. business partners) for these entities to carry out their own marketing activities. Sharing your personal data will be possible only on the basis of your separate consent to process your data for such a purpose. The entity indicated in the content of the consent will then become an independent Controller of the personal data provided on this basis.

IV. DATA COLLECTED AUTOMATICALLY

  1. Using the service available at https://resabee.ai involves sending requests to the server, which are automatically recorded in event logs.
  2. Event logs record data on user sessions. In particular, these are: the IP address, type and name of the device, information about the web browser and operating system, and the date and time of visiting the Site.
  3. Data recorded in event logs are not associated with specific individuals.
  4. Access to the contents of event logs is granted to persons authorized by the Controller to administer the Service.
  5. The chronological record of event information is only auxiliary material, used for administrative purposes. The analysis of event logs makes it possible, in particular, to detect threats, ensure adequate security of the Service and create statistics to learn about the use of the Service by its users.
  6. User session data is used by the Controller to diagnose problems with the functioning of the Service and to analyze possible security violations, manage the Service and produce statistics (legal basis: Article 6.1.f GDPR - legitimate interest).
  7. We use cookies on the Website. For more information, please refer to the 'Cookie Policy' available below.

V. FINAL PROVISIONS

  1. This 'Privacy Policy' is for informational purposes and applies specifically to the Controller's website operating at https:// resabee.ai.
  2. The Website may contain links to other websites, e.g. social networks (e.g. Facebook, Instagram, LinkedIn, YouTube), to other websites operated by the Controller (e.g. resabee.com), as well as to websites of Axabee's service providers and partners. The Controller recommends that each user when navigating to third-party sites, reads the privacy policies in effect there.
  3. The Controller reserves the right to make changes to the current 'Privacy Policy', in particular in cases of:
    1. technology development,
    2. changes in generally applicable laws, including in the area of personal data protection or information security,
    3. Development of the Service, including implementation of new services and functionalities.
  4. The Controller will notify users about relevant changes in the content of the 'Privacy Policy' in particular by posting a notice on the Website.
  5. This version of the 'Privacy Policy' is applicable as of 03.07.2025