The administrator of your personal data is the Kulski Foundation.
The Administrator entrusts personal data to the Operator for the purpose of providing services.
The Operator declares that prior to the start of data processing, it will take technical and organizational measures to secure the entrusted personal data, as required by law, including the requirements set forth in the Personal Data Protection Act of May 10, 2018 and the Regulation of the European Parliament and of the Council (EU) 2016/679 of April 27, 2016.
Your personal data is processed for:
provision of services in accordance with the Regulations,
enable you to receive information about new proceedings to the e-mail address you indicated when registering your account, in this case the legal basis for processing your personal data is your consent (Article 6(1)(a) RODO),
creation of compilations, analyses, statistics for the Operator’s internal needs, in this case the legal basis for the processing of personal data is the legitimate interest pursued by the Operator consisting in planning the development of services and business activities (Article 6(1)(f) RODO).
Your provision of personal data is voluntary, although necessary to provide services to you in accordance with the Terms and Conditions, and the consequence of failure to provide personal data will be the inability to use the services.
Principles of processing your personal data
In the processing of Users’ personal data, the Administrator attaches importance to ensuring that the data is processed in a safe, reliable, lawful and transparent manner for the User. Personal data is processed in accordance with the following principles:
Personal data are collected only to the minimum extent necessary to fulfill the purposes for which they are collected.
The purposes for which we collect personal data are clearly stated and comply with the law – we do not process data in a manner incompatible with these purposes
We keep an eye on the timeliness and correctness of personal data and respond promptly to any request to correct or update data.
We exercise Users’ right to access and correct their personal data.
We also exercise Users’ rights to erasure of personal data, withdrawal of consent, restriction of processing, data portability, the right to object to data processing, the right not to be subject to a decision based solely on automated data processing, including profiling.
We limit the storage of personal data in accordance with the law, only to the period necessary for the purposes for which they are collected, unless there are events that may extend the storage period.
Personal information is protected against loss, unauthorized access, accidental loss or alteration, and other unlawful forms of processing.
Sharing of personal data with other entities, is carried out in accordance with applicable laws and in a secure, contractually secured manner.
The personal data that the User has crawled is encrypted and protected by an SSL certificate.
Users’ rights in connection with the processing of personal data
In processing the Users’ personal data, the Administrator shall exercise the Users’ rights under the applicable legislation on personal data, in particular the RODO (Articles 16-21). According to the above, the User has the right to:
to request the rectification of personal data that is incorrect, as well as to request the completion of incomplete personal data,
demand from the controller the immediate deletion of personal data (right to be forgotten),
withdraw consent to the processing of personal data at any time,
Request for restriction of personal data processing,
The right to access your data, i.e. you have the right to receive confirmation from the Administrator as to whether your personal data is being processed by the Administrator and how,
The right to object to the processing of your personal data, if we process personal data based on our legitimate interest (e.g., analytical, evidential, archival purposes), then if you object, we will have to stop processing your data, unless we can demonstrate the existence of compelling legitimate grounds for the processing, which objectively should prevail over your inconvenience or consist in the defense of our claims (e.g., in legal proceedings). You also have the right to object if the processing concerns direct marketing, including profiling, based on our legitimate interests, e.g. in connection with cookie-based profiling. In this case, the processing of personal data for this purpose must be immediately discontinued.
The right to data portability: you have the right to receive a copy of the personal data you have provided to us if the processing is based on your consent or under contract, and by automated means.
The right to file a complaint with the supervisory authority – the Inspector General for Data Protection (later to the President of the Office for Personal Data Protection).
Each request will be fulfilled without undue delay, but no later than one month after receipt. This period may be extended due to the complexity of the request or the number of requests, for another two months, and such information will be promptly communicated to the User. Until the request is fulfilled, however, it may happen that the User will receive information from us, which he/she has given up by withdrawing consent.
Security of personal data
The Operator shall take technical and organizational measures to protect personal data from unlawful or unauthorized access or use, as well as from accidental destruction, loss or impairment of its integrity.
The security procedures implemented include, in particular: access security, backup system, monitoring, review and maintenance, security incident management, and undertakes to include:
confidentiality – protects data from accidental disclosure to third parties,
integrity – protects data from unauthorized modification,
availability – ensures that authorized persons have access to your data if the need arises.
