Privacy Policy

The following Privacy Policy sets out the rules for storing and accessing data on the devices of Users of the Website for the purposes of the Controller providing services electronically, as well as the rules for collecting and processing Users’ personal data which they have provided personally and voluntarily via the tools available on the Website.

The Privacy Policy set out below forms an integral part of the Rules and regulations, which set out the rules, rights and obligations of Users of the Website.

§1 Definitions

• Website – the “JuwenaliaŚląskie” website operating at juwenaliaslaskie.pl
• External website – websites of partners, service providers or service users cooperating with the Controller
• Website/Data Controller – The Website Controller and Data Controller (hereinafter the Controller) is the company “FundacjaInicjatywAkademickich PAIDEIA”, operating at: Bankowa 12A, 40-007 Katowice, Poland, with tax identification number (NIP): 9542812578, with KRS number: 0000828936, providing services electronically via the Website
• User – a natural person to whom the Controller provides services electronically via the Website.
• Device – an electronic device, including its software, through which the User accesses the Website
• Cookies – data collected in the form of text files stored on the User’s Device
• GDPR – Regulation (EU) 2016/679 of the European Parliament and of the Council of 27 April 2016 on the protection of natural persons with regard to the processing of personal data and on the free movement of such data, and repealing Directive 95/46/EC
• Personal data – means any information relating to an identified or identifiable natural person (‘data subject’); an identifiable natural person is one who can be identified, directly or indirectly, in particular by reference to an identifier such as a name, an identification number, location data, an online identifier or to one or more factors specific to the physical, physiological, genetic, mental, economic, cultural or social identity of that natural person
• Processing – means any operation or set of operations which is performed on personal data or on sets of personal data, whether or not by automated means, such as collection, recording, organisation, structuring, storage, adaptation or alteration, retrieval, consultation, use, disclosure by transmission, dissemination or otherwise making available, alignment or combination, restriction, erasure or destruction
• Restriction of processing – means the marking of stored personal data with the aim of limiting their processing in the future
• Profiling – means any form of automated processing of personal data consisting of the use of personal data to evaluate certain personal aspects relating to a natural person, in particular to analyse or predict aspects concerning that natural person’s performance at work, economic situation, health, personal preferences, interests, reliability, behaviour, location or movements
• Consent of the data subject – means any freely given, specific, informed and unambiguous indication of the data subject’s wishes by which he or she, by a statement or by a clear affirmative action, signifies agreement to the processing of personal data relating to him or her
• Personal data breach – means a breach of security leading to the accidental or unlawful destruction, loss, alteration, unauthorised disclosure of, or access to, personal data transmitted, stored or otherwise processed
• Pseudonymisation – means the processing of personal data in such a way that the data can no longer be attributed to a specific data subject without the use of additional information, provided that such additional information is kept separately and is subject to technical and organisational measures to ensure that the data cannot be attributed to an identified or identifiable natural person
• Anonymisation – means an irreversible data processing operation that destroys or overwrites ‘personal data’, thereby preventing the identification of, or the linking of a given record to, a specific user or natural person. 

§2 Data Protection Officer

Pursuant to Article 37 of the GDPR, the Controller has not appointed a Data Protection Officer.

For matters relating to data processing, including the processing of personal data, please contact the Controller directly.

§3 Types of Cookies

• Internal cookies – files placed on and read from the User’s Device by the Website’s IT system
• Third-party cookies – files placed on and read from the User’s Device by the IT systems of third-party websites. Third-party scripts that may place cookies on the User’s Device have been deliberately included on the Website by means of scripts and services made available and installed on the Website
• Session cookies – files placed on and read from the User’s Device by the Website during a single session on that Device. Once the session ends, the files are deleted from the User’s Device.
• Permanent cookies – files placed on and read from the User’s Device by the Website until they are manually deleted. The files are not automatically deleted at the end of the Device’s session unless the User’s Device is configured to delete cookies at the end of the Device’s session.

§4 Data storage security

• Mechanisms for storing and reading cookies – the mechanisms for storing, reading and exchanging data between cookies stored on the User’s Device and the Website are implemented via the built-in mechanisms of web browsers and do not allow the collection of other data from the User’s Device or data from other websites visited by the User, including personal data or confidential information. The transfer of viruses, Trojan horses and other malware to the User’s Device is also practically impossible.
• Internal cookies – the cookies used by the Controller are safe for Users’ devices and do not contain scripts, content or information that could compromise the security of personal data or the security of the device used by the User.
• Third-party cookies – the Controller takes all possible measures to verify and select website partners with regard to User security. The Controller selects well-known, large partners with global public trust for cooperation. However, the Controller does not have full control over the content of cookies originating from third-party partners. To the extent permitted by law, the Controllershall bear no liability for the security of cookies, their content, or their licence-compliant use by scripts installed on the website that originate from external websites. A list of partners is provided later in this Privacy Policy.

§5 Managing cookies

• Users may, at any time, change their settings regarding the storage, deletion and access to data stored in cookies by any website.
• Information on how to disable cookies in the most popular web browsers is available at: how to disable cookies or from one of the listed providers:
  • • Managing cookies in Chrome
    • Managing cookies in Opera
    • Managing cookies in Firefox
    • Managing cookies in Edge
    • Managing cookies in Safari
    • Managing cookies in Internet Explorer 11
  • The User may at any time delete any cookies stored up to that date using the tools on the User’s device through which the User accesses the Website’s services.
• Risks on the User’s part – the Controller employs all possible technical measures to ensure the security of data stored in cookies. However, it should be noted that ensuring the security of this data depends on both parties, including the User’s actions. The Controller shall not be liable for the interception of such data, impersonation of the User’s session, or the deletion of such data, resulting from the User’s deliberate or inadvertent actions, including viruses, Trojan horses, and other spyware with which the User’s Device may be or has been infected. To protect themselves against these threats, Users should adhere to the rules for using the Internet.
• Storage of personal data – the Controller ensures that all efforts are made to ensure that the personal data processed, which has been provided voluntarily by Users, is secure, that access to it is restricted, and that it is used in accordance with its intended purpose and the purposes of processing. The Controller also ensures that every effort is made to protect the data held against loss, through the use of appropriate physical and organisational safeguards.

§6 Purposes for which cookies are used

• To improve and facilitate access to the Website
• To personalise the Website for Users
• Marketing and remarketing on external websites
• Advertising services
• Affiliate services
• Compiling statistics (users, number of visits, device types, internet connection, etc.)
• Provision of multimedia services
• Provision of social media services

§7 Purposes of data processing

• Personal data voluntarily provided by Users is processed for one of the following purposes:
  • Provision of electronic services:
    • Services involving the sharing of information about content posted on the Website on social media platforms or other websites.
  • Communication between the Controller and Users regarding matters related to the Website and data protection
  • Safeguarding the Controller’s legitimate interests
• User data collected anonymously and automatically is processed for one of the following purposes:
  • Compiling statistics
  • Remarketing
  • Serving adverts tailored to Users’ preferences
  • Operating affiliate programmes
  • Safeguarding the Controller’s legitimate interests

§8 Third-party cookies

• The Controller of the Website uses JavaScript scripts and web components from partners who may place their own cookies on the User’s device. Please note that in your browser settings, you can decide for yourself which cookies are permitted to be used by individual websites. Below is a list of partners or their services implemented on the Website that may place cookies:
  • Multimedia services:
    • YouTube
  • Social media / integrated services:
    • (Registration, login, content sharing, communication, etc.)
    • Facebook
    • Instagram
  • Advertising services and affiliate networks:
    • Google AdSense
    • Meta Pixel
  • Statistics tracking:
    • Google Analytics
    • Facebook Analytics for Apps
    • Meta Pixel
• Services provided by third parties are beyond the Controller’s control. These third parties may at any time change their terms of service, privacy policies, the purposes for which they process data, and the ways in which they use cookies.

§9 Rodzaje gromadzonych danych

The Website collects data about Users. Some of this data is collected automatically and anonymously, whilst other data consists of personal data provided voluntarily by Users when signing up for specific services offered by the Website.

Anonymous data collected automatically:

• IP address
• Browser type
• Screen resolution
• Approximate location
• Web pages visited
• Time spent on each web page
• Operating system
• Address of the previous web page
• Referrer URL
• Browser language
• Internet connection speed
• Internet service provider
• Demographic data (age, gender)

Some data (excluding identifying information) may be stored in cookies. Some data (excluding identifying information) may be transferred to a statistics provider.

§10 Access to data by third parties

As a matter of principle, the Controller is the sole recipient of the personal data provided by Users. Data collected in connection with the services provided is not disclosed to or sold to third parties.

Access to data (usually on the basis of a Data Processing Agreement) may be granted to entities responsible for maintaining the infrastructure and services necessary for the operation of the website, namely:

• Hosting companies providing hosting or related services to the Controller
• Outsourcing of personal data processing – Hosting, VPS or Dedicated Server services

To operate the website, the Controller uses the services of an external hosting provider, VPS or Dedicated Servers – home.pl S.A.. All data collected and processed on the website is stored and processed within the service provider’s infrastructure located within the European Union. Access to the data may occur as a result of maintenance work carried out by the service provider’s staff. Access to this data is governed by an agreement between the Controller and the Service Provider.

§11 Data processing methods

Personal data provided voluntarily by Users:

• Personal data will not be transferred outside the European Union, unless it has been published as a result of the User’s individual actions (e.g. posting a comment or entry), which will make the data accessible to anyone visiting the website.
• Personal data will not be used for automated decision-making (profiling).
• Personal data will not be sold to third parties.

Anonymous data (excluding personal data) collected automatically:

• Anonymous data (excluding personal data) will be transferred outside the European Union.
• Anonymous data (excluding personal data) may be used for automated decision-making (profiling).
• The profiling of anonymous data (without personal data) does not produce legal effects or similarly significantly affect the data subject to automated decision-making.
• Anonymous data (without personal data) will not be sold to third parties.

§12 Legal basis for data processing

The Website collects and processes Users’ data on the basis of:

• Regulation (Eu) 2016/679 of the European Parliament and of the Council of 27 April 2016 on the protection of natural persons with regard to the processing of personal data and on the free movement of such data, and repealing Directive 95/46/EC:
  • Article 6(1)(a)
    the data subject has given consent to the processing of his or her personal data for one or more specific purposes
  • Article 6(1)(b)
    processing is necessary for the performance of a contract to which the data subject is party or in order to take steps at the request of the data subject prior to entering into a contract;
  • Article 6(1)(f)
    processing is necessary for the purposes of the legitimate interests pursued by the controller or by a third party
• The Act of 10 May 2018 on the Protection of Personal Data (Journal of Laws 2018, item 1000)
• The Act of 16 July 2004 – Telecommunications Law (Journal of Laws 2004, No. 171, item 1800)
• Act of 4 February 1994 on Copyright and Related Rights (Journal of Laws 1994 No. 24, item 83)

§13 Duration of data processing

Personal data provided voluntarily by Users:

As a matter of principle, the above-mentioned personal data is stored solely for the duration of the provision of the Service by the Controller via the Website. It is deleted or anonymised within 30 days of the cessation of service provision.

An exception applies where there is a need to safeguard legitimate interests justifying the further processing of such data by the Controller. In such cases, the Controller will retain the specified data, from the time the User requests its deletion, for no longer than a period of 3 years in the event of a breach or suspected breach of the Website’s terms and conditions by the User

Anonymous data (without personal data) collected automatically:

Anonymous statistical data, which does not constitute personal data, is stored by the Controller for the purpose of compiling website statistics for an indefinite period.

§14 Users’ rights concerning data processing

Users of the Website have the following rights in regard to data processing:

• Right of access to personal data – users have the right to access their personal data, which may be exercised by submitting a request to the Controller
• Right to rectification of personal data – users have the right to request that the Controller immediately rectify personal data that is inaccurate and/or complete any incomplete personal data, upon request to the Controller
• Right to erasure of personal data – users have the right to request that the Controller immediately erase their personal data, which is carried out upon receipt of a request submitted to the Controller. In the case of user accounts, erasure involves anonymising data that enables the identification of the User. The Controller reserves the right to withhold compliance with a request for data erasure in order to protect the Controller’s legitimate interests (e.g. where the User has breached the Terms and Conditions or the data was obtained as a result of correspondence).In the case of the Newsletter service, the User has the option to delete their personal data themselves by using the link provided in every email sent.
• Right to restrict the processing of personal data – users have the right to restrict the processing of their personal data in the cases specified in Article 18 of the GDPR, including where they contest the accuracy of the personal data, upon request submitted to the Controller
• Right to data portability – users have the right to receive from the Controller personal data concerning the user in a structured, commonly used and machine-readable format, to be provided upon request submitted to the Controller
• Right to object to the processing of personal data – users have the right to object to the processing of their personal data in the cases specified in Article 21 of the GDPR, which may be exercised by submitting a request to the Controller
• Right to lodge a complaint – users have the right to lodge a complaint with the supervisory authority responsible for personal data protection.

§15 Contact details for the Controller

Contact with the Controller is possible by using one of the following methods

• Postaladdress – „Fundacja Inicjatyw Akademickich PAIDEIA”,
  Bankowa 12A, 40-007 Katowice, Poland
• Email address – biuro@fundacjapaideia.edu.pl

§16 Website Requirements

• Restricting the storage of and access to cookies on the User’s device may cause certain Website functions to malfunction.
• The Controller shall not be liable for any malfunctioning of the Website’s features should the User restrict, in any way, the ability to store and read cookies.

§17 External links

The Website – including articles, posts, entries or User comments – may contain links to external websites with which the Website Owner does not collaborate. These links, and the websites or files they point to, may be harmful to your Device or pose a threat to the security of your data.

The Controller shall not be liable for content located outside the Website.

§18 Changes to the Privacy Policy

• The Controller reserves the right to amend this Privacy Policy at any time without the need to notify Users regarding the use and processing of anonymous data or the use of cookies.
• The Controller reserves the right to amend this Privacy Policy at any time regarding the processing of Personal Data, and shall notify Users who hold user accounts or are subscribed to the newsletter service via email within 7 days of the amendments being made. Continued use of the services constitutes acknowledgement and acceptance of the changes made to the Privacy Policy. Should a User not agree with the changes made, they are obliged to delete their account from the Website or unsubscribe from the newsletter service.
• Any changes made to the Privacy Policy will be published on this subpage of the Website.
• The changes come into effect upon their publication.