PRIVACY POLICY

applicable from 24 May 2018.

Adam Mickiewicz University Foundation in Poznań (AMUF) attaches particular importance to the protection of the privacy of persons whose data it processes, also in relation to the functioning of its website and services as well as operations performed or initiated electronically. Adam Mickiewicz University Foundation based in Poznań uses the principles stipulated in applicable provisions of law, including the GDPR Regulation, in order to protect personal data .

The Privacy Policy sets out measures that we use to protect personal data and the rights of persons whose personal data we process.

1. Who is the controller of personal data and how can they be contacted?

Adam Mickiewicz University Foundation in Poznań (61-612) at ul. Rubież 46, entered in the register of entrepreneurs and in the register of associations, other social and trade organisations, foundations and public healthcare establishments of the National Court Register (KRS) under KRS number: 0000052045, whose registration files are kept by the District Court for Poznań – Nowe Miasto and Wilda, holding the Tax Identification Number (NIP) 7810002075, hereinafter referred to as AMUF, is the controller of your personal data.

Should you have any questions concerning personal data processing or the exercise of Your rights, feel free to contact the data Controller by sending an e-mail to the following address: iod@ppnt.poznan.pl.

2. Contact details of the Personal Data Protection Officer.

AMUF has a Personal Data Protection Officer, who can be contacted by e-mail sent to: iod@ppnt.poznan.pl.

3. What for and on what basis do we process Users’ Personal Data?

AMUF processes personal data for various purposes, which are listed below:

  1. Pursuant to Article 6(1)(a) of the GDPR, that is, on the basis of the consent of the data subject, AMUF processes personal data in order to:
    1. send a Newsletter;
    2. send commercial information;
    3. market products and its own services;
    4. initiate contact and handle notifications sent by means of contact forms;
    5. carry out registration for training courses, workshops, conferences or other events organised by AMUF or in cooperation with AMUF;
    6. recruit employees;
    7. carry out recruitment for the purposes of a scholarship programme or a support programme organised by AMUF or in cooperation with AMUF, as well as the implementation of a scholarship programme or a support programme;
    8. run websites available after user registration.Giving consent to the processing of personal data for each of the above purposes is voluntary, but necessary for the above-mentioned activities to be undertaken by AMUF.
  2. Pursuant to Article 6(1)(b) of the GDPR, that is, when it is necessary for the performance of an agreement to which the data subject is a party or to undertake actions at the request of the person whose data are processed, before the conclusion of the agreement, in order to:
    1. perform, conclude, prepare the content, amend or terminate agreements between AMUF and the data subject;
    2. undertake actions at the request of a person whose data are processed before the conclusion of the agreement.This point refers, in particular, to agreements concluded by e-mail or through the Internet, as well as actions undertaken before the conclusion of the agreement initiated by a party through the Internet or e-mail.
  3. Pursuant to Article 6(1)(c) of the GDPR, i.e. for the purposes of the fulfilment of AMUF’s legal obligation, in order to:
    1. perform agreements with third parties, in particular to organise study trips for the participants and provide insurance for the participants;
    2. prepare invoices and fulfil other obligations stipulated by the provisions of tax law.
  4. Pursuant to Article 6(1)(f) of the GDPR, that is, for the purposes resulting from legitimate interests of AMUF, in order to:
    1. statistical, information, archival, analytical ones – in this case, the legitimate interest involves the analysis of activities and services already performed by AMUF in order to adapt them to the needs of interested parties in the future and learn the customers’ activity;
    2. perform, conclude, prepare the content, amend or terminate agreements to which AMUF is a party, and to undertake actions before the conclusion of an agreement – if an agreement has been concluded with a person other than the contact person for matters related to the agreement (e.g. an employee, a partner of the party) – in this case, the legitimate interest of AMUF involves the performance of the agreement or the initiation of actions before the conclusion thereof;
    3. organise study trips and insure the participants – in this case, the legitimate interest of AMUF involves the accomplishment of statutory goals of AMUF;
    4. evaluate satisfaction with services offered by AMUF – in this case, the legitimate interest of AMUF is to learn customers’ opinions on the provided services, in order to adapt them to the needs and expectations of interested parties;
    5. establish, exercise or defend claims – in this case, the legitimate interest of AMUF involves the possession of personal data that will enable the establishment, exercise or defence of claims, including those of customers and third parties;
    6. administer AMUF’s websites – in this case, the legitimate interest of AMUF involves the necessity of running and administering websites;

DATABASE.

AMUF informs that every personal data filing system is protected against unauthorised access in a manner consistent with the personal data processing purposes and risks. The IT system used to process personal data meets the requirements of the high quality of data protection. We do not make personal data available to third parties otherwise than upon the data subject’s explicit consent or at their request or under applicable legal provisions (also at the request of statutorily authorised public authorities for the purposes of proceedings or safety- or defence-related actions conducted by them, and for the purposes of legally required tasks performed in the public interest).

4. How do we use cookies?

AMUF uses cookies on websites in order to adapt provided services and contents published on websites to individual needs of their users. The user has a right to disable the functions of accepting cookies on their computer. However, they may, in such a case, be no longer able to use certain functionalities available on our website.

5. The requirement of providing personal data.

Providing any kind of personal data is voluntary and depends on You. However, in some cases, the provision of certain personal data is necessary for AMUF to undertake certain activities at Your request or perform certain services.

On AMUF’s websites, data that must be provided in order for a given activity mentioned in the form to be carried out are marked in individual contact forms. If the required data are not provided, the related activities will not be initiated.

6. Who do we make the received personal data available to?

We transfer Your personal data to the following categories of recipients:

  1. Processors.
    We cooperate with entities who process Your personal data exclusively at our request. If required, we transfer Your personal data to entities who provide financial and HR, legal, insurance and hosting services to us, provide on-line marketing systems to us, handle mailing, carry out website traffic analyses and marketing campaign effectiveness analyses.
  2. Public authorities.We provide Your personal data if it is required by authorised public authorities, in particular the organisational units of the prosecutor’s office, Police, The Inspector General for Personal Data Protection (from 25 May 2018 the President of the Office for Personal Data Protection), the President of the Office for Competition and Consumer Protection or the President of the Office of Electronic Communications. However, we ensure that we analyse every request to provide personal data very carefully and thoroughly, so that the information is not transferred to an unauthorised person.
  3. Third countries.Just as most other entrepreneurs, we use various popular services and technologies offered by entities such as Facebook, Microsoft, Google. These entities have joined the Privacy Shield programme based on the executive decision of the European Commission of 12 July 2016. Entities that joined the Privacy Shield programme guarantee that they will meet hight data protection standards applicable in the European Union, therefore the use of their services and offered technologies in the personal data processing process is lawful.

7. How long are Your personal data stored?

Individual personal data are stored for a period that is necessary for the purposes for which the data are processed, in particular, but not only, for the following periods:

  1. service performance;
  2. agreement performance, if it has been concluded;
  3. by the time the consent is withdrawn by an authorised person – with respect to data processed on the basis of the consent;
  4. in the case of data stored particularly for analytical, statistical, information purposes – by the time they become outdated or useless.

Apart from the above-mentioned periods, AMUF stores data for a period required for the completion of a complaint procedure, for a period required to secure or exercise legitimate claims, if any, as well as for the fulfilment of a legal obligation under, in particular, but not exclusively, tax or accounting regulations.

Once you decide not to receive commercial information, Your data will be anonymised.

8. What are your rights related to the processing of Your personal data?

Any correspondence related to the processing of Your personal data should be sent to: iod@ppnt.poznan.pl or by traditional mail: AMU Foundation, ul. Rubież 46, 61-612 Poznań with “Personal Data” note.

  1. The right to withdraw Your consent (Article 7(3) of the GDPR).Every person whose personal data are processed has a right to withdraw the consent granted to AMUF during the provision of personal data. Consent withdrawal does not affect the lawfulness of the personal data processing carried out on the basis of your consent before the consent withdrawal. Consent withdrawal does not have any negative consequences. However, it will prevent Your further use of AMUF’s services, which, according to applicable regulations, can be provided exclusively upon Your consent.
  2. Right of data access (Article 15 of GDPR).Everyone has a right to obtain from AMUF a confirmation whether we process their personal data and, if so, the data subject is entitled to:
    1. obtain information about the purposes of processing, categories of processed personal data, the recipients and the categories of the recipients of these data, about the planned data storage period or the criteria for setting this period, about Your rights under the GDPR and about the right to submit a complaint to a supervisory authority, about the source of these data, about automated decision-making, including profiling, and about security measures used in relation to the provision of these data outside the European Union;
    2. obtain a copy of their personal data.
  3. Right to data rectification (Article 16 of GDPR).Everyone has a right to rectify or supplement the provided personal data if they are incorrect.
  4. Right to data erasure „Right to being forgotten“ (Article 17 of GDPR).Each of You has a right to request that all or some of Your personal data processed by UAMF are erased. This right will be respected by AMUF without unnecessary delay if:
    1. the personal data are no longer required for the purposes for which they have been collected or otherwise processed;
    2. a particular consent has been withdrawn to the extent to which the personal data were processed and there are no other grounds for the processing;
    3. You objected the use of Your personal data for e.g. marketing or satisfaction survey purposes, and the objection was found legitimate;
    4. personal data are processed unlawfully.Due to the objection or consent withdrawal, AMUF may retain certain personal data to the extent that is necessary for the establishment, exercise or defence of claims. It applies, in particular, to personal data such as names and surname, e-mail address and application history, which are retained for the purposes of handling complaints and claims related to the use of our services.
  5. Right to restriction of processing (Article 18 of GDPR).Everyone has a right to request that the processing of their personal data is limited in the following cases:
    1. the correctness of Your personal data is questioned – then their use is limited to the time that we require to check the correctness of Your personal data, however, for no longer than 30 days;
    2. data processing is unlawful and the request is related to restriction of data processing rather than their removal;
    3. personal data are no longer necessary for AMUF for the purposes for which they have been collected or used, but You need them to establish, exercise or defend claims;
    4. you objected the use of Your data – in such a case the restriction is effected for a period required to establish whether AMUF’s legitimate grounds prevail the grounds for the data subject’s restriction.
  6. Right to data portability (Article 20 of GDPR).Everyone has a right to receive their personal data that have been provided to UAMF and then to send them to another, selected personal data controller. You also have a right to request that Your personal data are sent by AMUF directly to such another controller if it is technically possible.
  7. Right to object data processing (Article 21 of GDPR).You can object to processing of Your personal data by AMUF at any time when Your personal data are processed based on AMUF’s legitimate interest, e.g. in relation to the use of services marketing or a satisfaction survey.If your objection is found legitimate and we will have no other legal grounds for the processing of Your personal data, we will remove Your personal data in accordance with the submitted objection.
  8. In what time do we fulfil your requests?
    If, exercising the above-mentioned rights, You submit a request to AMUF, the request is either fulfilled or we refuse to fulfil it immediately, not later than within 1 (say: one) month from the receipt thereof.

It turns out that, due to the complex nature of a request or the number of requests, AMUF will not be able to fulfil the requirement within 1 (say: one) month, it will be fulfilled within the subsequent 2 (say: two) months, informing You in advance about the extension of the deadline.

  • Submitting complaints, inquiries and applications.Complaints, inquiries and applications concerning the processing of Your personal data can be submitted each time to AMUF.If, for any reason, You believe that the personal data protection right or other rights granted to You under the GDPR have been violated, You have a right to submit a complaint to the Inspector General for Personal Data Protection (from 25 May 2018 – President of the Office for Personal Data Protection).

 

9. Automated decision-making and profiling.

AMUF does not perform any automated decision-making, including based on profiling. The content of an inquiry sent by means of contact forms is not assessed by an IT system.

10. Changes in the privacy policy.

Every person using our website in any way is obliged to obey the Privacy Policy applicable at the time of their use. Legislative changes concerning personal data protection as well as other factors may influence changes in the privacy protection policy. AMUF undertakes to obey the principles included in this Privacy Policy, however, it reserves the right to change the Privacy Policy.