Skip to content Search engine contact

Privacy policy of the website https://niw.nfinity.pl

1. Introduction

  1. This Privacy Policy contains information on the principles of data processing and sharing, including personal data of natural persons (hereinafter: “Users”) using the website of the National Freedom Institute – Centre for Civil Society Development, operating at https://niw.gov. pl (hereinafter: “Website”).
  2. The administrator of Users’ personal data is the National Freedom Institute – Centre for Civil Society Development, al. Jana Pawła II 12, 00-124 Warsaw, NIP number 7010780575 and REGON number 368854582 (hereinafter the “Administrator”).
  3. The Administrator takes all actions and applies all available technical solutions aimed at the protection of Users’ personal data, in particular the protection required by the provisions of Regulation (EU) 2016/679 of the European Parliament and of the Council of 27 April 2016 on the protection of natural persons with regard to the processing of personal data and on the free movement of such data, and repealing  Directive 95/46 / EC (General Data Protection Regulation), hereinafter: “Regulation” and other applicable legal provisions, including actions such as: applying procedures for securing personal data against unauthorized loss, misuse, alteration or destruction.
  4. The administrator has also appointed a Data Protection Officer with whom Users may contact in matters related to the protection of their privacy. The suggested contact channel for Data Protection Officer “DPO” is an electronic email to the address of iod@niw.gov.pl.
  5. Personal data is any information relating to an identified or identifiable natural person. An identifiable person is a person who can be identified from this data (directly or indirectly). Information is not considered to enable the identification of a person if it would require excessive costs, time or activities.
  6. The administrator does not intentionally process the so-called “Special categories of personal data” referred to in Art. 9 of the Regulation (data revealing racial or ethnic origin, political opinions, religious or philosophical beliefs, trade union membership and genetic data, biometric data, data concerning health, sexuality or sexual orientation of a person). The administrator asks Users not to provide information containing such data.
  7. If there is a justified need to provide specific category data, please contact the DPO for this purpose.

2 Legal basis and scope of data processing

  1. Depending on the intended purpose of processing Users’ personal data, it may be processed on the basis of various so-called legal grounds for processing, i.e. the circumstances justifying their use:
    1. in order to fulfill the legal obligation incumbent on the Administrator (eg: providing the User with information, fulfilling the Administrator’s obligations provided for in the Act of 15 September 2017 on the National Freedom Institute – Centre for Civil Society Development; hereinafter: “Act on NFI”) – art. 6 sec. 1 c) of the Regulation;
    2. on the basis of consent granted by the User (e.g. in order to enable the User to receive notifications about events related to the third sector and NIW activities in the form of a newsletter) – art. 6 sec. 1 a) of the Regulation;
    3. when processing is necessary to perform a task carried out in the public interest or as part of the exercise of public authority entrusted to the Administrator (e.g. publication of materials containing personal data and used to perform the Administrator’s tasks specified in the NFI Act; administrative service of the website, including activity analytics on the website) – art. 6 sec. 1 e) of the Regulation;
    4. when processing is necessary to take action before the conclusion of the contract, in order to enable its conclusion (e.g. handling inquiries sent via the contact form) – art. 6 sec. 1 b) of the Regulation;
    5. potentially, in the event that the Administrator finds that actions that violate the law or interest of the Administrator has been taken, in connection with the necessity to establish, investigate or defend claims (e.g. keeping website logs, collecting information about activities aimed at unauthorized changes to the functionality of the website or preventing the proper functioning of the website) – Art. 9 sec. 2 f) of the Regulations.
  2. The Administrator processes Users’ data to the extent necessary to ensure the full use of individual functions.
  3. In the case of processing personal data on the basis of the consent given by the User, as well as in connection with sending inquiries, providing personal data by the User is voluntary, but failure to provide specific data or failure to consent to their processing may prevent the use of certain functions of the Website or prevent the Administrator from taking actions to handle the inquiry.

3 Tools used by the Administrator for the automatic processing of information

  1. In some cases, the Administrator uses cookies, navigation tags and other technologies to automatically collect information of a specific type during Users’ visits to the Website or via e-mail addresses. Thanks to this information, the Administrator can improve the operation, functionality and performance of the Website.
  2. Cookies are used to obtain information about the way Users use the Website, as well as about problems that arise when using the Website. Cookies are necessary for statistical and information purposes, as well as to improve the functioning of the Website, to quickly remove faults in its functioning and to adapt the Website to the User’s needs.
  3. Cookies do not change the computer configuration, are not used to install or uninstall any computer programs, do not interfere with the integrity of the IT system or User’s data, are not processed by other websites and can be deleted by the User at any time.
  4. Using the Administrator’s websites without changing the cookie settings means that they will be stored in the User’s device memory.
  5. Cookies may be deleted by the User or the User may make appropriate changes to the system software settings of the device (browser) he uses in order to delete or block the saving of cookies. In order to delete cookies or not to save them on the User’s device, you must make an appropriate selection in the web browser settings, however, changing the browser settings, leading to limiting the saving of cookies may result in the inability to use some of the Website’s functions or limitation of use, because some Website functions will not work or their operation will be limited.
  6. The rights to delete data provided for in the Regulation (the right to be forgotten, Article 17 of the Regulation) and the right not to be subject to automated processing (Article 22 (1) of the Regulation) are implemented by the User by changing the settings in the browser or deleting cookies.
  7. Data on Users’ activity, which is sent to a leading provider of analytical technologies, are subjected to “on-the-fly” operations to ensure their anonymity, such as masking IP addresses and automated introduction of “noise” (changes to prevent users from being under surveillance while at the same time not significantly affecting the value of statistical data).
  8. Navigation tags are small picture files placed on a website, enabling the collection of specific information sent by the User’s computer, such as IP address, time of visiting the website, browser type or cookies installed during previous visits by the same server. The use of navigation markers by the Administrator takes place in accordance with applicable law. Disabling navigation tags is possible by rejecting certain cookies responsible for the appearance of a given tag.
  9. Widgets are functions that allow content to be shared using third party social networking applications, such as Facebook or Twitter. Users’ personal data provided in connection with the use of social media applications may be collected and used by other users of the same applications, and data processing in connection with the use of these applications is carried out in accordance with the privacy policy of the providers of these applications. Therefore, the Administrator is not responsible for the use of Users’ data by the above-mentioned entities.

4 Period of personal data storage

  1. Personal data in the website logs are stored for a period of two years.
  2. Personal data processed for statistical purposes are subject to immediate anonymization, and the cookie used to identify the User is stored for a period of two years from the date of the last visit.
  3. The data processed on the basis of consent are processed until the consent is withdrawn, but not longer than for two years from the date of the last receipt of confirmation that the consent is valid, e.g. in the form of reading the newsletter or making contact.
  4. Data processed in connection with the implementation of the Administrator’s statutory goals will be anonymized no later than after three years.
  5. Data used to establish, assert or defend claims will be processed adequately.

5 Recipients of data

  1. Administrator does not disclose User’s data to other entities without the consent of the User. The disclosure of personal data without the consent of the data subject may take place only on the basis of legal provisions, in accordance with the principles set out in these provisions and for the purposes specified therein.
  2. The Administrator may entrust the processing of Users’ personal data on behalf of the Administrator to another entity on the terms set out in art. 28 of the Regulation.
    1. it means that all entities to which the Administrator entrusts the Users’ data are contractually related to the Administrator and act only at his request and under his supervision;
    2. all matters related to the protection of privacy, and concerning the actions or omissions of entities to which the Administrator entrusted the data, should be directed to the Administrator’s DPO;
    3. processing entities entrusted with the processing by the Administrator belong to the following categories: entities providing the mass mailing service of newsletters; hosting; entities providing IT support services.
  3. The links on the Website may redirect the User to other websites that have their own privacy policies. Users should read the privacy policy of each website they visit before providing their personal information.

6 The rights of persons whose personal data are processed

  1. The User has the right to obtain information from the Administrator regarding the processing of his personal data, as well as to influence the manner, scope and time of their processing, including the right to:
    1. obtaining access to your own personal data (including obtaining confirmation whether they are processed and obtaining information, e.g. about the purposes, sources, categories of data processed or the period of their storage), which also includes the right to receive a copy of your own data free of charge (for any subsequent copies requested by the User, the Administrator may charge a reasonable fee resulting from administrative costs),
    2. obtaining information on the method of sharing data, in particular information about the recipients or categories of recipients to whom the data is made available,
    3. the right to withdraw the consent to the processing of User’s personal data,
    4. requests for supplementing, updating, rectifying personal data, if they are incomplete, out of date or untrue, as well as restrictions on data processing,
    5. requesting deletion of data (the right to “be forgotten”), incl. when they are not necessary to achieve the purposes for which they were collected, consent to their processing has been withdrawn or there are no other legal grounds for their processing,
    6. transferring data, including obtaining from the Administrator the personal data provided by the User in a structured, commonly used machine-readable format,
    7. object to data processing.
  2. In the event that the User considers the above rules insufficient, he may at any time write to the Administrator’s DPO at the address indicated above or to the Administrator himself, electronically to the address media@niw.gov.pl or in writing to the address of the Communication and Promotion Office of the Administrator, in order to obtain explanations, information or to exercise his right.
  3. If the User considers that the processing of his personal data by the Administrator violates the provisions of the Regulation, he has the right to lodge a complaint with the President of the Office for Personal Data Protection.

7 Change of the privacy policy

The administrator may make changes to this Privacy Policy. In this case, it will include information on the last update date on the first page of the Privacy Policy.

Newletter

Newsletter

Sign up for our newsletter

  
I confirm that I have read, understood and accept Privacy Policy and I express my consent to processing my personal data for the purpose of newsletter subsribtion.

Copyright ©2021 All rights reserved | Created by nFinity

Widget not in any sidebars

Tell a friend!



Email a friend about this news!
Share via:


MessengerFacebookEmailShare