Privacy policy

Legal Basis for Processing Personal Data

  1. Regulation (EU) 2016/679 of the European Parliament and of the Council of 27 April 2016 on the protection of natural persons with regard to the processing of personal data and on the free movement of such data, and repealing Directive 95/46/EC (General Data Protection Regulation), hereinafter referred to as "GDPR".
  2. Act of 10 May 2018 (Journal of Laws 2018, item 1000).

Provisions

I. The administrator of your personal data is Społeczna Akademia Nauk with its registered office in Łódź, ul. Sienkiewicza 9, 90-113 Łódź.

II. The Data Protection Officer (DPO) appointed by the Administrator supervises the correctness of personal data processing. You can contact the Data Protection Officer via email at: iod@san.edu.pl

III. Personal data processing is carried out in compliance with the law and based on specific legal regulations, which include:

1/ Article 6(1)(b) GDPR – personal data is processed based on a contract concluded with Społeczna Akademia Nauk in Łódź (necessity of processing for the performance of a contract to which you are a party, including the provision of free services by electronic means, such as sending mail, surveys, inquiries, etc.).
2/ Article 6(1)(c) GDPR – necessity to comply with a legal obligation to which the Administrator is subject (e.g., storing VAT invoices to fulfill tax obligations).
3/ Article 6(1)(f) GDPR – necessity of processing for the purposes of legitimate interests pursued by the Administrator or by a third party, particularly marketing and promotion.
4/ Article 6(1)(a) GDPR – your consent to the processing of personal data.

IV. Your data is processed by the Administrator for one or more of the following purposes:
1/ fulfilling the terms of a contract concluded with Społeczna Akademia Nauk in Łódź (Article 6(1)(b) GDPR),
2/ fulfilling fiscal and accounting obligations (Article 6(1)(c) GDPR),
3/ providing free email services if you have consented to receive commercial information (Article 6(1)(b) GDPR),
4/ establishing, asserting, and defending mutual claims (Article 6(1)(f) GDPR),
5/ marketing purposes (Article 6(1)(f) GDPR),
6/ analytical purposes (Article 6(1)(f) GDPR),
7/ statistical purposes (Article 6(1)(f) GDPR),
8/ archival purposes (Article 6(1)(f) GDPR).

V. The recipients of your personal data are entities to which the Administrator outsources activities that involve the need to process data (processing entities): IT system operators, payment system operators, SMS system operators, email marketing, promotion, recruitment operators, law firms, accounting and auditing companies.

VI. Your personal data is not transferred to third countries, i.e., outside the European Economic Area, nor to international organizations.

VII. Personal data will be processed for the time necessary to achieve the purposes mentioned in point IV, until the completion of educational services, and afterward until the expiry of potential claims or the lapse of obligations to retain data arising from legal provisions.

VIII. In connection with the processing of personal data by the Administrator (ADO), you have the following rights:
1. the right to request access to your personal data, its rectification, erasure, or restriction of processing,
2. the right to object to processing,
3. the right to data portability,
4. the right to withdraw consent for the processing of personal data for a specific purpose if you have given such consent,
5. the right to lodge a complaint with a supervisory authority regarding the processing of your personal data by the ADO.

You can exercise the above rights in accordance with the principles described in Articles 16–21 of the GDPR by contacting the Administrator (ADO) via the Data Protection Officer at the following address: iod@san.edu.pl

IX. Providing personal data is always voluntary but necessary to use the website's functions.

X. The Administrator guarantees the confidentiality of all personal data provided and ensures all necessary measures of security and protection of personal data required by data protection regulations. Personal data is collected with due care and properly protected against access by unauthorized persons. Personal data is processed only within the European Union.

XI. The Administrator does not transfer or trade user personal data. Your personal data is not disclosed to other individuals or institutions without your consent. Personal data processed by the ADO may be shared with authorized state authorities upon their request based solely on relevant legal provisions.

XII. To use the University website's features, you must provide personal data, such as your email address, by filling out a contact/registration form. The legal basis for processing your personal data provided in the contact/registration form is your consent. The data provided in the form will be recorded in the Administrator's database.

XIII. By contacting the University via email, you provide your email address as the sender's address. Additionally, other personal data may be included in the message content. The legal basis for processing personal data in such cases is consent resulting from initiating contact. The personal data you provide in email correspondence is processed solely to handle your inquiry. The content of correspondence may be archived.

XIV. The website uses cookies. Cookies are small text files stored on your device (e.g., computer, tablet, smartphone) that can be read by the Administrator's IT system.

XV. Cookies allow:
1. the proper functioning of the website as expected,
2. improved speed and security of using the website,
3. enhancement of the website's features available to you,
4. the use of analytical tools,
5. the use of marketing tools,
6. providing social media functions.

XVI. During the first visit to the website, information about the use of cookies by the ADO is displayed. Accepting and closing this information means that you consent to the use of cookies in accordance with this privacy policy. You can always withdraw your consent by deleting cookies and changing cookie settings in your browser.
Own cookies. Cookies can be divided into own and third-party cookies. Regarding own cookies, the ADO uses them to ensure the website functions correctly.

XVII. The Administrator uses cookies to track website statistics, such as the number of visitors, types of operating systems, and web browsers used to view the website, time spent on the site, visited subpages, etc. ADO uses Google Analytics for this purpose. The information collected in this scope is entirely anonymous and does not allow for user identification. To this end, Google LLC cookies related to the Google Analytics service are used. The use of Google Analytics involves implementing a tracking code provided by Google in the website's code. This code is based on cookies but may also use other tracking technologies.

XVIII. ADO uses Facebook's marketing tools to target ads to you on that platform. For this purpose, a Pixel tool provided by Facebook has been implemented in the website's code, which remembers your visits to the website. Facebook cookies are used for this purpose.
XIX. Using the website involves sending queries to the server hosting the website. Each server query is logged in server logs. Logs include, among others, IP address, server date and time, information about the browser and operating system used by the user. Logs are stored and saved on the server. Data in server logs is not associated with specific users and is not used by the Administrator to identify users. Server logs are auxiliary material used for website administration and are not disclosed to anyone except those authorized to administer the server.

XX. Questions and concerns regarding the privacy policy can be addressed via email to: iod@san.edu.pl

XXI. The Administrator makes every effort to provide all physical, technical, and organizational measures to protect personal data against accidental or intentional destruction, loss, alteration, unauthorized disclosure, use, or access in accordance with all applicable regulations.