Personal data processing
To whom it may concern:
On 25th May 2018 the Personal Data Protection Act from 10th May 2018 (Dz.U. 2018 poz. 1000) came into force. The act regulates the rules regarding the personal data protection according to the European Union Parliament and Council Directive from 27th April 2016 no 2016/679 (GDPR).
What does GDPR mean?
Who is the controller of Your personal data?
- Your personal data is now better protected.
- You gain a greater influence on how Your personal data is being processed.
Your personal data controller is INSTITUTE OF PLANT PROTECTION NATIONAL RESEARCH INSTITUTE, based in Poznań 60-318, ul. Władysława Węgorka 20, KRS 0000080209
How can You contact us regarding Your personal data?
You can contact the data controller via traditional post: INSTYTUT OCHRONY ROŚLIN PIB ul. Władysława Węgorka 20, 60-318 Poznań or via email: firstname.lastname@example.org
How do we protect Your data?
We take all the necessary measures, to keep all the assets whether physical or organisational safe from any kind of intentional or unintentional damage loss, change or unlawful disclosure, use or publication in accordance with all applicable regulations.
We have appointed a Data Protection Officer that can be contacted on: email@example.com
What are Your rights regarding the data that we process?
You are entitled to:
What is Your data legal status?
- demand the Controller to access to Your personal data and to obtain a portable copy of it
- demand the Controller to rectification (correction) of Your personal data
- demand the Controller to erase Your personal data in a situation where the processing does not take place in order to fulfill the obligation resulting from the provision of law,
- demand the Controller to limit the data processing
- object to the processing of Your personal data,
- transfer Your personal data,
- lodge a complaint with the President of the Office for the Protection of Personal Data if the GDPR irregularity (contact details are provided on the office's website www.uodo.gov.pl).
Your personal data is processed because at least one of the following conditions, according to art. 6.1 GDPR, was met:
What is the aim of Your personal data processing?
- You have expressed Your consent to the processing of Your personal data for at least one specific aim;
- the processing is necessary to fulfill contractual obligations or for tasks at Your request;
- the processing is necessary to comply with the data Controller's legal obligations;
- the processing is necessary to protect Your vital interests;
- the processing is necessary to perform a task carried out in the public interest or in the exercise of public authority entrusted to the Controller;
- the processing is necessary for purposes arising from legitimate interests pursued by the Controller or by a third party.
We process your personal data for:
Who may access Your personal data?
- making reservations for the 59th Scientific Session,
- registering participants and managing service requests related to the 59th Scientific Session,
- organizng and implementing the 59th Scientific Session,
- promoting implementation of the administrator's goals through the dissemination of photos and film materials on the administrator's website and on social media (with consent only),
- disseminating information about future conferences and training events (with consent only),
- handling potential claims.
Your personal data is only available to the units that need it to deliver You and guarantee the best quality services or products. The data is processed only based on the contract and is done on our request. We never give access to data to any external units for their own purposes- solely to perform services and to provide products. All the business partners that process data guarantee personal data protection and comply with the regulations.
What are the rules of transfering the data outside the European Economic Area?
Whenever there is a legitimate interest to do so, Your data may be transferred to a third-party units, i.e. outside European Economic Area or international organisations. We are allowed to transfer the data to the third-party areas as long as they guarantee the data protection at least on the same level as the Polish one.
How long is the personal data stored?
We have no intention to store Your personal data longer than it is necessary, that is, it is kept long as it is required to complete the agreed services. In case of a contract - it is as long as the tax expiration period. In case of a consent - as long as it is either withdrawn, limited or as long as it is required by the business.
Video surveillance (CCTV)
Your image may be recorded and stored. You are informed about the CCTV being used by the GDPR notices and the video camera pictograms. We also made a proper statement on www.ior.poznan.pl. CCTV .The materials processing is aimed at security and order as well as for crime prevention and as a proof of some unwelcome or prohibited activities having taken place within the Institute premisses based on art. 6. 1. e) GDPR . Some entities that provide the Administrator security services are legally authorized to obtain the data. The recorded material is stored no longer than 4 weeks. The data processing period may be prolonged in specific cases whenever it is required either for compensation claims on the side of the administrator or to defend against such claims.