Select Page

 

Data protection policy

I. Name and address of the person responsible

 

The person responsible within the meaning of the General Data Protection Regulation (GDPR) and other national data protection laws of the member states as well as other data protection regulations is:

Data administrator: Uniwersytet Warszawski, ul. Krakowskie Przedmieście 26/28, 00-927 Warszawa.

Contact:

by mail – Uniwersytet Warszawski, ul. Krakowskie Przedmieście 26/28, 00-927 Warszawa, Poland (add ‘Faculty of Sociology UW, project Action for Computational Thinking in Social Sciences’);

by phone: +48 22 55 20 000,

by e-mail: actiss[at]is.uw.edu.pl  (please include ‘Faculty of Sociology UW, project Action for Computational Thinking in Social Sciences’ to your e-mail topic) 

 

II. Name and address of the data protection officer

 

The data protection officer of the person responsible is:

Data administrator: Uniwersytet Warszawski, ul. Krakowskie Przedmieście 26/28, 00-927 Warszawa.

by e-mail: iod@adm.uw.edu.pl  (please include ‘Faculty of Sociology UW, project Action for Computational Thinking in Social Sciences’ to your e-mail topic)

III. General information on the processing of personal data

 

1. Scope of processing personal data

We only process personal data of users of our website if it is necessary to provide a functional website as well as our contents and offers. At actiss-edu.eu we collect the data in order to track the numlber of visits to the website. The processing of personal data of users of our website only takes place if the processing of the data is permitted by legal regulations. The processing of personal data is geared to the objective of protecting fundamental rights and freedoms (Article 1(2) GDPR).

2. Legal basis for the processing of personal data

Insofar as we obtain the consent of the data subject for the processing of personal data, Art. 6 para. 1 lit. a GDPR serves as the legal basis.

In the processing of personal data required for the performance of a contract to which the data subject is a party, Article 6(1)(b) GDPR serves as the legal basis. This also applies to processing operations that are necessary to carry out pre-contractual measures.

Insofar as the processing of personal data is required to fulfil a legal obligation to which our company is subject, Art. 6 para. 1 lit. c GDPR serves as the legal basis.

In the event that the vital interests of the data subject or another natural person require the processing of personal data, Article 6(1)(d) GDPR serves as the legal basis.

If processing is necessary to safeguard a legitimate interest of HIIG or a third party and if the interests, fundamental rights and freedoms of the data subject do not outweigh the former interest, Article 6(1)(f) GDPR serves as the legal basis for processing.

3. Data erasure and retention period

The personal data of the person concerned will be deleted or blocked as soon as the purpose of storage ceases to apply. Furthermore, data may be stored the European or national legislator in EU regulations, laws or other provisions to which the person responsible is subject intended it. The data will also be blocked or deleted if a storage period prescribed by the aforementioned standards expires, unless there is a need for further storage of the data for the conclusion or fulfilment of a contract.

 

IV. Website provision and logging

1. Description and scope of data processing

Every time you visit our website, our system automatically collects data and information from the computer system of the client computer.
The following data is collected:

  • the IP address of the client computer
  • information about the browser type and version used (user agent)
  • the operating system of the client computer
  • date and time of access
  • websites from which the user’s system reaches our website (referrer)
  • websites accessed by the user’s system via our website
  • status codes
  • amount of data
  • used protocols

VI. Web analytics

1. Description and scope of data processing

We use the web analytics tool Matomo to improve the quality of our website and its content.

If you have activated ‘Do Not Track’ in your browser or set the following opt-out cookie, no personal data will be collected, stored or used for usage analysis.

Otherwise we collect, store and use the following data:

  • web analytics cookie with unique ID
  • the IP address of the client (anonymized to 2 bytes)
  • information about the browser type underlying engine, version used and existing plugins
  • the operating system of the client
  • the screen resolution of the client
  • the probable country from which the access is made
  • the language set in the browser
  • date and time of access
  • websites from which the user’s system reaches our website (referrer)
  • websites accessed by the user’s system via our website

The IP address is shortened to 2 bytes directly during the collection and thus anonymized.

2. Legal basis for data processing

The legal basis for the processing of personal data for usage analysis is Art. 6 para. 1 lit. f GDPR

3. Purpose of data processing

The analytical tool is used to improve the quality of our website and its content. This tells us how the website is used and enables us to continually optimise our offering.

4. Data retention period, possibility to object and to erase

The web analytics cookie with unique ID is valid until the end of the browser session. The IP address is shortened to 2 bytes directly during the survey and thus made anonymous. This means that at the latest after the end of your browser session the data is no longer personal.

You can activate ‘Do Not Track’ in your browser or set the following opt-out cookie to prevent the collection, storage and use of personal data for usage analysis. The opt-out cookie is valid for two years.

VIII. Rights of the data subjects

If personal data relating to you are processed, you are a data subject according to the GDPR, and you have the following rights vis-à-vis the HIIG:

1. Right of access

You have the right to request information from us as to whether we process the personal data relating to you. In the case that we are, this also includes information about the data relating to you, as well as the information specified in Art. 15 para. 1 lit. a to h GDPR.

2. Right to rectification

You have the right to request that we correct any information you believe is inaccurate. You also have the right to request we complete the information you believe is incomplete.

3. Right to restriction of processing

You have the right to request us to restrict the processing of data relating to you if this request is covered by one of the reasons in Art. 18 para. 1 lit. a to d GDPR.

4. Right to erasure

You have the right to request us to delete the data relating to you, provided that this request is covered by one of the reasons in Art. 17 para. 1 lit. a to f GDPR and none of the exceptions in Art. 17 para. 3 lit. a to e GDPR applies.

5. Right to be notified

You have the right to ask us to inform you of the parties to whom we have transmitted data relating to you, unless this involves disproportionate effort on our part.

6. Right to data portability

You have the right to data transferability if data processing is carried out using automated procedures and the legal basis is Article 6(1)(b) GDPR.

7. Right to object

You have the right to object to the processing insofar as the legal basis of the processing is Art. 6 para. 1 lit. e or f GDPR.

8. Right to lodge a complaint with a supervisory authority

You have the right to lodge a complaint with any supervisory authority if you believe that the processing of data relating to you is illegal.

The data protection supervisory authority responsible for the HIIG is:

President of the Personal Data Protection Office