1. The Polish Association for Security pays special attention to respecting the privacy of the users contacting the company, especially focusing on ensuring the protection of their personal data, and uses appropriate organizational and technical solutions to protect Internet users from the actions of third parties. All actions we take to ensure that the user has a sense of complete security is in accordance with applicable law.
3. We respect your right to privacy and take care of data security. For this purpose, among other things, a secure communication encryption protocol (SSL) is used.
PERSONAL DATA ADMINISTRATOR
1. The administrator of your personal data is the Polish Association for Security (hereinafter: “Association” or “Administrator”) based at St. Dąbrowszczaków 8/9B/1, 10-539 Olsztyn, e-mail address: firstname.lastname@example.org, NIP number 7393251003, REGON number 511405804.
2. This Policy is a set of information about the rights of data subjects in relation to the acquisition of personal data and its processing by the Administrator, the rules applied by the Association in the field of personal data protection, including those collected through online forms located on the website: www.bezpiecznie.expert, as well as through the recording of cookies in terminal devices.
LEGAL BASIS FOR PROCESSING PERSONAL DATA
When collecting your personal data, we inform you of the legal basis for its processing. It stems from the provisions of GDPR (Regulation (EU) 2016/679 of the European Parliament and of the Council of 27 April 2016 on the protection of individuals with regard to the processing of personal data on the free movement of such data and the repeal of Directive 95/46/EC – the General Data Protection Regulation). When we inform you about:
- 6(1)(a) GDPR – we process personal data on the basis of consent received from you,
- 6(1)(b) GDPR – we process personal data because it is necessary for the performance of a contract or to take action at the request of the data subject prior to entering into a contract,
- 6(1)(c) GDPR – we process personal data in order to fulfill a legal obligation,
- 6(1)(f) GDPR – we process personal data in order to carry out legitimate interests.
PURPOSE AND SCOPE OF DATA COLLECTION
1. The Association limits the collection and processing of personal data to the necessary minimum required to provide the services provided. The Association collects data in connection with:
- filling out an online form
- conclusion and performance of the contract (including the contract for training on the educational platform www.lms.bezpiecznie.expert)
- giving consent to receive commercial information regarding the Administrator’s services or products
- when contacting the Administrator using the tools available on the website www.bezpiecznie.expert
- automatically through cookies
2. The collection of personal data is done in order to:
- handling a request made through the contact form available on the website www.bezpiecznie.expert
- concluding and executing a training contract
- carry out other instructions of the data subject
- sending commercial information after obtaining prior consent
- adapting the content of the www.bezpiecznie.expert website to the visitor’s preferences, as well as optimizing the use of the website
- to evaluate the quality of products and services offered by the Association
- to fulfill legal obligations incumbent on the Administrator
3. The Administrator, due to the subject of the contract and other elements of the contract, may process the following personal data:
- name and surname
- address of residence/business/site (street, house number, apartment number, postal code, city, country)
- PESEL number
- date of birth
- e-mail address
- contact phone number
- employer data
- data related to the course of study
- company name and tax identification number (NIP)
Each time the scope of personal data required to conclude a contract is indicated on the relevant web form, or in the body of the contract.
4. In order to confirm the identity of the Client, the Administrator shall be entitled to verify the Client’s personal data, including identity document.
1. Use of the Web site involves sending requests to the server on which the site is stored. The resources viewed are identified by URLs. Each query directed to the server is recorded in the web server logs. The record may include:
- the public IP address of the computer from which the query came,
- the time of arrival of the query,
- URL address of the page previously visited by the user – in case the page was accessed via a link,
- information about the user’s web browser and operating system,
- information about errors that occurred during the HTTP transaction.
2. The above-mentioned data are used as auxiliary material for the administration of the site and to ensure the efficient operation of the provided hosting services.
3. The data are not associated with specific persons browsing the site.
4. The data are not disclosed to anyone except those authorized to administer the server.
1. Personal data shall be retained for no longer than necessary to fulfill the purposes for which they were collected and for the period necessary to fulfill the Administrator’s legal obligations. Thus, personal data are kept until:
- it is necessary for the performance of a contract, i.e. the delivery of a product or service,
- applicable laws require the storage of personal data by the Administrator,
- personal data is required to protect and defend the rights or property of the Administrator (this will be the length of the statute of limitations for claims).
Within the limits of the provisions of the GDPR, you have the right to:
- access to your data,
- rectification (correction) of your data,
- deletion of data,
- limitation of data processing,
- object to the processing of your data,
- transfer of your data,
- lodge a complaint to the President of the Office for Personal Data Protection or other competent supervisory authority, in case you consider that the processing of your data violates applicable regulations,
- revoke your consent to the processing of your personal data.
SHARING OF PERSONAL DATA
1. In connection with the conduct of activities that require the processing of personal data, personal data may be disclosed to external entities, i.e. suppliers operating IT systems, entities offering accounting services, postal operators, and couriers.
2. The Administrator may disclose selected information having to do with the User to competent authorities or third parties who make a request for such information, relying on an appropriate legal basis and in accordance with the provisions of applicable law.
CHANGES TO THE DATA PROCESSING POLICY