Privacy policy



  1. The administrator of your personal data is Fonia Telecom Sp. z o.o. with its registered office in Warsaw, at the address: Twarda 18 Street, 00-105, Warsaw, with the REGON number: 388645503, VAT: 1133031081, entered into the Register of Entrepreneurs of the National Court Register kept by the District Court for the capital city of Warsaw in Warsaw, 14th Commercial Division of the National Court Register under the number 0000890861 (hereinafter referred to as as “Data Administrator”).
  2. The Data Administrator undertakes to maintain the security and confidentiality of the personal data obtained from you. All our employees have been properly trained in the processing of personal data, and as the Data Administrator, we have implemented appropriate security measures as well as technical and organizational measures to ensure the highest level of personal data protection. We have implemented procedures and policies for the protection of personal data, thanks to which we ensure compliance with the law and reliability of data processing processes, as well as the enforcement of all rights to which you are entitled as a data subject.
  3. This privacy policy sets out the rules for the collection, processing and use of personal data as well as the conditions for the use of devices and the use of other data from persons who have provided personal data for processing by the Data Administrator.
  4. The Data Administrator makes this privacy policy publicly available on its website: (hereinafter: the Website) and in the DiscountDubai Fonia mobile application (hereinafter: the Application).


I. What personal data do we process?

1. The Data Administrator processes the following personal data (of users) provided on the website in connection with the provision of services or in connection with the use of the Application:

a) name and surname – data is processed when you, as a user of our website, provide it in order to use the services we provide.

b) e-mail address – is processed when you voluntarily register a Cashback Account in the Application. The e-mail address may also be processed for marketing purposes, if you agree to receive commercial and marketing information.

c) bank account number – is processed in order to provide services under the Cashback Account;

d) IP address of the device or browser identifier – information resulting from the general rules of connections made on the Internet, such as the IP address (and other information contained in system logs), are used for technical and statistical purposes, in particular to collect general demographic information (e.g. about the region you are connecting from).

2. In connection with the provision of services under the Cashback account, we process data on the use of our Partners’ services in order to calculate the cashback you are entitled to. As part of the above, we only process information about the session and the fact of making a purchase for a certain amount. We do not transfer your personal data to our Partners, the data may be provided directly by you when making purchases in the Partner’s online store, in such a situation the Partner processes your personal data as an independent personal data administrator.

3. When you use the Application or services enabled by the Application, the Data Administrator or entities whose additional services you wish to use may come into possession of other data, including the use of the telecommunications network, services, website or application. Using the application, you can e.g. order additional services or goods or use new functionalities made available. In the event that this requires the use of personal data in a manner other than described in this document, we will complete the missing information and provide it, if possible, before obtaining the data. In the remaining scope, the information on data processing contained in this document will remain valid.


II. How do we obtain data?

1. The Data Administrator obtains information through:

a) entering data by you in the forms available on the Website or Application – in order to conclude a contract for the provision of services;

b) entering your data in the Application in order to purchase additional services, goods or take advantage of new functionalities;

c) entering data by you in the Application (including via chat) or providing them via e-mail correspondence in order to answer your question and consider the reported case;

d) saving cookie files in end devices (so-called “cookies”);

e) collecting logs of devices, web servers and other information arising in connection with or as a result of the functioning and use of the Application.

2. You are fully responsible for completing the data in the forms and orders referred to above correctly and in accordance with the legal and factual status.

3. Providing personal data is voluntary but necessary for the provision of our services.

4. The consequence of not providing your personal data will be the inability to provide our services.


III. For what purpose do we process your personal data? What is the legal basis for processing personal data?

1. Your personal data obtained via contact forms or when registering on the Website or in the Application:

a) sending commercial information by electronic means, as well as marketing services via end devices in connection with the performance of the concluded contract or if you have consented to it;

b) performance of contractual requirements, i.e. the processing of personal data is necessary to perform the contract concluded with the Data Administrator.

c) fulfilling the legal obligation imposed on the Data Administrator resulting from applicable regulations;

d) implementation of the legitimate interests of the Data Administrator – consisting in particular in: ensuring the safety and protection of property, detecting abuses and preventing them, protecting information, pursuing claims and compensation, if any, improving the quality of services, adjusting the quality of services, marketing of the Data Administrator’s own products, direct marketing, creating summaries, analyzes and statistics for the internal needs of the Data Administrator, service support.

2. Your data is processed for the time necessary to achieve the purposes indicated above. The data is processed for the duration of the Agreement, unless the need for longer processing results from obligations imposed by law. In the case of data processing for the purposes of defending against claims or pursuing claims, the data will be processed until their limitation period or until the completion of relevant proceedings, if they were initiated during this period. Data processed on the basis of consent are processed until its withdrawal.


IV. What are the rules for collecting personal data?

1. Your data may be transferred outside the EEA (which includes the EU, Norway, Liechtenstein and Iceland) in the manner specified in applicable regulations, i.e.:

a) on the basis of a decision of the European Commission stating an adequate level of protection, e.g. in a third country to which we transfer data, or

b) provided that appropriate safeguards are provided, such as:

– binding corporate rules (referred to in Article 47 of the GDPR);

– standard data protection clauses adopted by the European Commission or the competent supervisory authority in the field of personal data (Article 46(2)(c) or (d) of the GDPR);

– approved code of good practice (Article 46(2)(e) of the GDPR);

– approved certification mechanism (Article 46(2)(f) of the GDPR);

– contractual clauses approved by the supervisory authority (Article 46(3) of the GDPR);

– as well as in cases necessary due to the legitimate interests of the Data Administrator (provided that the requirements of Article 49(1) second subparagraph of the GDPR are met).

2. The data obtained is not made available to third parties, except in certain situations when:

a) the recipients of this data are:

– entities enabling data verification;

– entities operating ICT systems or providing us with ICT tools;

– advertising agencies and other intermediaries in the sale of our services or the organization of marketing campaigns cooperating with the Data Administrator;

– subcontractors of the Data Administrator who support us or will support us, e.g. in the performance of telecommunications or other services by your customers, handling correspondence or in the customer service process;

– entities operating and maintaining our telecommunications network;

– entities providing us with advisory, consulting, auditing services, legal, tax and accounting assistance, research agencies acting on our behalf;

– payment institutions handling payments in the Application;

– suppliers of goods and services available in the Application;

b) you consent to it;

c) it will be necessary in order to fulfill the obligations arising from applicable law.


V. Are we automating?

  1. We do not automate decision-making when providing services, sending commercial information or processing personal data for marketing purposes.


VI. What rights do you have in connection with the processing of your personal data?

1. Each person whose personal data we process as the Data Administrator has the right to:

a) being informed about the processing of personal data;

b) access to your personal data;

c) correct, supplement, update, rectify personal data;

d) deletion of data;

e) processing restrictions;

f) data portability;

g) object to the processing of personal data, including objection to data profiling;

h) the right to withdraw consent to the processing of personal data;

i) not to be subject to profiling;

j) lodging a complaint with the supervisory authority.

In any case, you can contact the Data Administrator with a query and a request for clarification. Contact addresses are provided below.


VII. Information obtained from your device and how it is processed

1. Our Application gains access, among others, to the following functionalities / Applications of your device:

a) connections and their management,

b) contacts,

c) notifications.

2. The application uses tools from third parties. Therefore, cookies, tokens or elements from cooperating tools or applications may be placed on your device. In addition, the providers listed below may access the information stored on your device of the Google Analytics or Firebase statistical tool (provided by Google Ireland Limited), through which the unique identifier of the application and general information about the use of the application will be collected for the purpose of improving its functionality;

3. Information on the terms on which the Google Analytics service collects and processes the data. This page also indicates how you can control the information collected by Google in connection with the use of the application.

4. You can withdraw your consent to the use of the above-mentioned tools at any time. suppliers by changing the settings in the operating system of your device and using solutions that block these tools provided by suppliers or by uninstalling the application from your device.


VIII. Final Provisions

1. We process your personal data only for a period not longer than it is necessary to achieve the purposes of processing and permitted by law. After the purpose of processing has been achieved, your personal data will be deleted, provided that it is allowed by law. Depending on the legal basis for the processing of your personal data, there may be different retention periods.

2. Your personal data will be stored until the claims expire or until the obligation to store data under the law expires.

3. In all matters, including matters relating to personal data, you can contact us electronically via the following e-mail address:[email protected] or using the contact form available on our Website or Application.

4. Contact details of the Personal Data Inspector:[email protected].