PRIVACY POLICY

1. Who we are

We are Worldee s.r.o., with its registered office at Pobrezni 667/78, Karlin, 186 00 Prague 8, Company ID: 08351864, registered in the Commercial Register maintained by the Municipal Court in Prague.

We operate the Worldee platform, available primarily at www.worldee.com, and the related mobile application (hereinafter collectively referred to as the "Platform").

This privacy policy (hereinafter referred to as the "Policy") explains how we process personal data:

  • when using the Platform,
  • when communicating with us,
  • when registering and using our services,
  • when purchasing paid services,
  • when sending newsletters and commercial communications,
  • in connection with a travel contract.

Where we use the terms "we", "us" or "our" in this Policy, we generally mean Worldee s.r.o., unless expressly stated otherwise.

2. Who is the controller of personal data

2.1 Worldee s.r.o.

The controller of personal data is in most cases:

Worldee s.r.o.
Pobrezni 667/78, Karlin, 186 00 Prague 8
e-mail: info@worldee.com

2.2 Worldee Bulgaria Ltd.

If you enter into a travel contract, the controller of personal data for the purposes of concluding and performing this contract is:

Worldee Bulgaria Ltd.
Sofia, 25 Vitosha Blvd., fl. 2, Bulgaria

UIC: 208655127
e-mail for data protection inquiries: info@worldee.com

In connection with the travel contract, Worldee s.r.o. may act as a processor for Worldee Bulgaria Ltd., in particular in the technical operation of the Platform, customer support and administrative support.

3. How to contact us

For data protection matters, you can contact us by e-mail at: info@worldee.com If we have appointed a data protection officer, we will publish their contact details on our website. If no data protection officer has been appointed, the above e-mail address serves as the main contact point for exercising rights and data protection inquiries.

4. What personal data we process

We may process in particular the following categories of personal data:

  • identification data - name, surname, date of birth,
  • contact data - e-mail, telephone, delivery address,
  • login and user data - account data, password in encrypted form, profile settings,
  • payment and billing data - billing details, payment information,
  • order and reservation data - data necessary for booking and arranging services,
  • data on Platform usage - technical logs, IP address, device information, cookies and similar technologies,
  • communication data - content of communications, inquiries, requests and feedback,
  • preference data - e.g. travel preferences, favourite destinations or behaviour on the Platform,
  • photographs, audio or video recordings - only in cases where we create or use them in accordance with this Policy and the applicable legal basis.

We do not necessarily process all of the above data in each specific case. The scope always depends on what service you use and in what capacity you interact with us.

5. From what sources we obtain data

We obtain personal data primarily:

  • directly from you,
  • when using the Platform,
  • when communicating with you,
  • when concluding and performing a contract,
  • from providers of payment, technical and travel services, if necessary for the performance of the contract,
  • from publicly available sources, where appropriate and lawful.

6. What rights you have

In relation to the processing of personal data, you have in particular the following rights:

  • the right of access to personal data,
  • the right to rectification of inaccurate or incomplete data,
  • the right to erasure,
  • the right to restriction of processing,
  • the right to object to processing,
  • the right to data portability,
  • the right to withdraw consent, if the processing is based on consent,
  • the right to lodge a complaint with a supervisory authority.

If you wish to exercise any of your rights, please write to us at info@worldee.com. We will respond to your request without undue delay, within 1 month at the latest, unless a longer period is permitted by law.

Supervisory authority

If you believe that we are processing personal data in violation of the law, you may lodge a complaint in particular with:

The Office for Personal Data Protection
Pplk. Sochora 27
170 00 Prague 7
www.uoou.gov.cz

If the processing concerns a travel contract concluded with Worldee Bulgaria Ltd., the Bulgarian supervisory authority may also be competent.

PART A - INFORMATION COMMON TO ALL

7. Recipients of personal data

We may transfer your personal data in particular to the following categories of recipients:

  • providers of IT, cloud and hosting services,
  • providers of analytical and marketing tools,
  • providers of customer support and communication tools,
  • providers of accounting, tax and legal services,
  • providers of payment services,
  • providers of travel services - e.g. carriers, accommodation facilities, local partners, guides and other service providers,
  • our collaborators and contractual partners, if necessary for the performance of their activities,
  • public authorities, if required by law or necessary for the protection of our rights.

We do not transfer personal data to third parties without reason. Each transfer has its legal basis and corresponds to a specific purpose.

8. Transfer of personal data outside the EU/EEA

In some cases, personal data may be transferred outside the European Union or the European Economic Area. Such a transfer takes place only if at least one of the following conditions is met:

  • the European Commission has decided that the country in question ensures an adequate level of protection,
  • we use appropriate safeguards under Article 46 GDPR, in particular standard contractual clauses,
  • in exceptional cases, the transfer is necessary for the performance of a contract concluded with you or for the implementation of pre-contractual measures taken at your request.

If we use standard contractual clauses or other appropriate safeguards during the transfer, you can request more information at info@worldee.com.

9. Retention period for personal data

We retain personal data only for the period necessary to fulfil the purpose of processing and to comply with our legal obligations. In general, the following applies:

  • data processed for the purposes of a contractual relationship are retained for the duration of the relationship and subsequently for the period necessary for the protection of our rights, generally no longer than 3 years after its termination, unless special circumstances require a longer period,
  • data necessary for the defence of legal claims may be retained for a period corresponding to the relevant limitation periods,
  • accounting and tax documents are retained for the period required by law,
  • data processed on the basis of consent are retained until the consent is withdrawn or until the purposes for which the consent was given cease to exist,
  • data processed for marketing purposes on the basis of legitimate interest are retained until an objection is raised or for a period appropriate to the given relationship.

The specific retention period may vary depending on the type of service and the purpose of processing.

10. Automated decision-making and profiling

When processing personal data, we generally do not make decisions based solely on automated processing that would have legal effects on you or similarly significantly affect you. If we use analytical or personalisation elements, they generally serve to improve services, content and user comfort, not for exclusively automated decision-making with legal effects.

11. Security of personal data

We have adopted appropriate technical and organisational measures to protect personal data against unauthorised access, loss, destruction, alteration or misuse. We regularly evaluate these measures and adapt them to the nature of the processing.

PART B - INFORMATION FOR SUPPLIERS AND BUSINESS PARTNERS

12. When you are our supplier or business partner

If you cooperate with us as a supplier, partner, freelancer, supplier representative or contact person of a business partner, we process your personal data for the purpose of:

  • concluding and performing a contract,
  • communication and organisation of cooperation,
  • keeping records of contracts and orders,
  • fulfilling accounting, tax and other legal obligations,
  • protection of our rights and legitimate interests.

Categories of data

This generally includes:

  • name, surname,
  • company name,
  • identification number, tax identification number,
  • contact data (e-mail, telephone),
  • billing data,
  • content of mutual communication.

Legal basis

We process data on the basis of: performance of a contract, compliance with legal obligations and our legitimate interest in the protection of rights and management of supplier relationships.

Retention period

For the duration of the contractual relationship and subsequently for the period necessary for the protection of rights and fulfilment of legal obligations.

PART C - INFORMATION FOR PLATFORM USERS

13. When you use the Platform

When you create an account and use the Platform, we process your personal data for the purpose of:

  • providing you with access to the Platform and its features,
  • managing your account,
  • personalising content and services,
  • communicating with you,
  • improving the Platform,
  • security and protection against misuse.

Categories of data

In particular: identification and contact data, login data, data on Platform usage, preference data, communication data.

Legal basis

Performance of a contract (provision of services), legitimate interest (improvement and security of the Platform), consent (where applicable, e.g. for optional features).

Retention period

For the duration of the account existence. After account deletion, we retain data for the period necessary for the protection of rights and fulfilment of legal obligations.

PART D - INFORMATION FOR CUSTOMERS OF PAID SERVICES

14. When you purchase paid services

When you purchase paid services, we additionally process data for the purpose of:

  • processing your order and payment,
  • issuing tax documents,
  • providing customer support,
  • fulfilment of legal obligations.

Categories of data

In addition to the data in Part C: payment and billing data, order data.

Legal basis

Performance of a contract, fulfilment of legal obligations.

Obligation to provide data

Providing the data is necessary for the conclusion and performance of the contract. Without providing the data, the service cannot be provided.

PART E - INFORMATION FOR TRAVELLERS

15. When you conclude a travel contract

If you conclude a travel contract, the controller of personal data for the purposes of concluding and performing this contract is Worldee Bulgaria Ltd. We process your data for the purpose of:

  • concluding and performing the travel contract,
  • arranging all services included in the tour,
  • communicating with you before, during and after the tour,
  • handling complaints and claims,
  • fulfilment of legal obligations, including insolvency protection.

Controller

Worldee Bulgaria Ltd., Sofia, 25 Vitosha Blvd., fl. 2, Bulgaria, UIC: 208655127

Categories of data

Identification and contact data, data from travel documents, payment data, data necessary for arranging services, health data (only if you provide them yourself, e.g. dietary requirements or health restrictions), communication data.

Legal basis

Performance of a contract, fulfilment of legal obligations, your consent (for sensitive data, if applicable), legitimate interest (protection of rights).

Recipients of data

Providers of travel services (carriers, accommodation facilities, guides, local partners), insurance companies, public authorities.

Transfer outside EU/EEA

If the tour destination is outside the EU/EEA, it may be necessary to transfer data to providers in the given country. In such case, we ensure appropriate safeguards or rely on an exception under Article 49 GDPR.

Retention period

For the duration of the contractual relationship and subsequently for the period necessary for the protection of rights, handling complaints and fulfilment of legal obligations (typically 3 years, for tax documents up to 10 years).

PART F - INFORMATION FOR POTENTIAL CUSTOMERS

16. When you are a potential customer

If you visit the Platform, contact us on your own initiative or are in any other relationship with us, we may process your data for the purpose of:

  • responding to your inquiry,
  • presenting our services,
  • communicating,
  • legitimate interest in the development of business relationships.

Categories of data

Contact data, content of communication, data on Platform usage.

Legal basis

Legitimate interest, consent (if applicable).

PART G - NEWSLETTERS AND COMMERCIAL COMMUNICATIONS

17. Newsletters

We may send commercial communications (newsletters), either on the basis of your consent or, if you are our existing customer, on the basis of our legitimate interest. You can unsubscribe from the newsletter at any time by clicking the unsubscribe link in each message or by contacting us at info@worldee.com.

How to unsubscribe

Via the link in the newsletter or by contacting info@worldee.com.

What data we use for newsletters

For this purpose, we typically use:

  • e-mail address,
  • possibly name and surname,
  • data on whether you are a customer,
  • basic data on interaction with the sent communication, if used.

PART H - COOKIES AND SIMILAR TECHNOLOGIES

18. What are cookies

On the website and in the application, we may use cookies and similar technologies that serve for example to:

  • ensure basic functionality,
  • store your settings,
  • measure traffic,
  • analyse user behaviour,
  • personalise content,
  • marketing.

19. What types of cookies we use

19.1 Necessary cookies

These cookies are necessary for the functioning of the website or application. Consent is not required for their use if they serve exclusively for technical storage or access necessary for providing the service you have expressly requested.

19.2 Analytical cookies

These cookies help us understand how the website or application is used and improve our services.

19.3 Marketing cookies

These cookies enable the display of more relevant advertising and measurement of campaign effectiveness.

20. Legal basis for cookies

We use analytical and marketing cookies or similar technologies only on the basis of your prior consent, unless the law provides otherwise. You can change or withdraw your consent at any time through the cookie settings on our website.

21. Specific tools

Within analytics, measurement and service improvement, we may use third-party tools, for example tools for:

  • web analytics,
  • marketing measurement,
  • user testing,
  • mapping user behaviour,
  • customer communication.

We recommend providing a current overview of the tools used, cookie categories, providers and their storage periods in a separate cookie overview or cookie banner.

PART I - PHOTOGRAPHS, AUDIO AND VIDEO RECORDINGS

22. Photographs and video

Photographs, audio recordings and video recordings may constitute personal data if a person can be identified from them. If we use these materials for marketing or presentation purposes, we generally do so on the basis of:

  • your consent,
  • or another corresponding legal basis, if permitted by law.

At the same time, we also respect the rules on the protection of personality and likeness under civil law.

If you have given us consent to use a photograph or video, you may revoke it at any time, unless stated otherwise in the specific consent. Revocation of consent does not affect the use that took place before the revocation in accordance with the consent then granted.

PART J - CHILDREN

23. Protection of children's personal data

Our services are not primarily intended for children under the age of 15, unless we expressly state otherwise for a specific service. If we discover that we have processed personal data of a child under 15 without an appropriate legal basis in connection with an information society service, we will take reasonable remedial measures, including deletion of data where appropriate.

PART K - FINAL INFORMATION

24. Changes to this Policy

We may amend or supplement this Policy from time to time, in particular if there are changes in:

  • legislation,
  • the manner of personal data processing,
  • Platform features,
  • technologies used or the business model.

We will always publish the current version on our website.

25. Effectiveness

This Policy is effective as of: 9 April 2026

26. Contact details

For inquiries regarding the processing of personal data, please contact us at: info@worldee.com