Privacy policy

In connection with the entry into force of new regulations related to the processing of personal data – Regulation (UE) 2016/679 of the European Parliament and of the Council of 27 April 2016 on the protection of natural persons with regard to the processing of personal data and on the free movement of such data, and repealing Directive 95/46/EC – (GDPR); please read the following privacy policy regarding personal data processing at www.intermarium.org.pl website.

  1. The Controller of Personal Data

The controller of personal data provided through our website is: Fundacja InterMarium (the InterMarium Foundation) with its registered office in Kraków, (31-037) Kraków, ul. Starowiślna 54/14, entered in the Register of Associations, Other Social and Professional Organizations, Foundations and Independent Public Health Care Facilities, kept by the District Court for Kraków-Śródmieście in Kraków, XI Commercial Division of the National Court Register (KRS), under the KRS Number: 0000738489, NIP (Tax Identification Number): 6762551641, REGON (National Business Registry Number): 380677001, telephone number: + 48 796 662 770, e-mail: fundacja@intermarium.org.pl.

  1. Personal Data

According to the GDPR, personal data means any information relating to an identified or identifiable natural person. As part of the website, we collect such data in Cookies. The controller of personal data may also collect Users’ IP addresses.

As part of the FORUM functionality, we collect the following data: name, e-mail address, company/organization name.

As part of the Simulation Project of the Year COMPETITION service, we collect personal data in the following form(s): name, e-mail address, company/organization name, phone number.

Providing us with your personal data through the website is not a condition provided for in the GDPR and is completely voluntary. If you do not choose to share the information contained in Cookies, you will prevent us from generating the website traffic statistics. Moreover, if you do not provide an email address and company/organization name, you will not be able to use the FORUM functionality. Failure to provide the following information: name, e-mail address, company/organization name, phone number will prevent you from registering and participating in the Simulation Project of the Year COMPETITION service.

  1. Why and upon what legal basis your personal data is processed

First and foremost, we process your personal data for statistical purposes, using the Google Analytics tool, which helps us to understand how you use our website. Such statistics allow us to modernize the structure of the website and its content. In addition, the information contained in Cookies makes it possible to recognize the device you are using, so we know how many users return to our website.

We use the provided name, email address, company/organization name to register a new User and enable him/her to use the FORUM functionality.

Personal data provided by the User as part of the Simulation Project of the Year COMPETITION functionality is used to enable the User to participate in the competition, consider the competition entry sent by the User, contact the User, and award the User the prize indicated in the regulations of the COMPETITION.

We process your personal data only in compliance with the provisions indicated in the GDPR. The data processing that is performed as part of using our website is primarily based on two of them:

  1. If the processing is necessary for the purposes of the legitimate interests pursued by the controller [Article 6 (1)(f) of the GDPR]

Our content can only be well-received if it can be tailored to your individual interests and needs. This makes the website more attractive. To achieve this end, however, we must be able to process personal data for statistical purposes. The legal basis cited above gives us such opportunities.

  1. If the processing is necessary for the performance of a contract to which the data subject is party or in order to take steps at the request of the data subject [Article 6 (1)(b) of the GDPR]

If you provide us with your name, e-mail address and telephone number as part of the Contact Form, then for the sake of its proper functioning, we save the data in our database – since, we must be able to send you an answer. If you make your personal data available as part of the Webinar functionality, we store the disclosed data in our database for the purpose of being able to give you software presentations during an appointed meeting. If you provide us with your personal data to download a free version of the software from the website, we process your data to make the software available to you.

  1. Who do we disclose your personal data to?

Your personal data may be disclosed to government authorities or other entities entitled by law, to entities servicing our IT systems, to entities providing us with legal, auditing, advisory, accounting, and hosting services, as well as to our co-workers and associates, entities cooperating with us, in particular InterMarium sp. z o.o. with a registered office in Kraków.

Personal data collected as part of our website are transferred to the Google Analytics tool operator – Google LLC, with the headquarters in Mountain View, the United States of America.

  1. Cookies

Cookies are nothing more than a small piece of text saved in files that are used by an internet browser and then saved on your devices. Inasmuch, Cookies contain unique device identification data and statistical data regarding your activities on our website.

Thanks to the information contained in Cookies, we can also generate and compile our website statistics, thus gaining information on the number of users visiting our website and establishing what products in the Online Store are the most popular. For statistical purposes (generating statistics), automated processing of personal data takes place as part of the Google Analytics tool. In terms of the automated processing of personal data, the controller does not make any decisions regarding a natural person.

The data contained in Cookies do not allow direct identification of a natural person. They only allow us to identify the device on which the data were saved.

If you do not want any Cookies to be saved on your device, you can change it in your web browser settings. It is also possible to delete all data saved in the form of Cookies.

  1. The IP Address

The IP address is the number assigned to the computer of the visitor of the website by the Internet service provider. The IP number allows access to the Internet. In most cases, it is assigned to your computer dynamically, i.e. it changes every time you connect to the Internet. The IP address is used by the personal data controller for statistical purposes (to generate and analyze statistics e.g. determining from which regions of the world the most visits to the website are recorded), as information useful in administering and improving the website, as well as for security purposes and possible identification of server-consuming, unwanted automatic programs for browsing the website content.

  1. The Rights of the Data Subject

The GDPR also redefines your rights regarding the processing of personal data.

  1. Right of access by the data subject.

At your request, we will provide information as to whether we process your personal data. We are also obliged, on a separate request, to provide more detailed information regarding: the purposes of the processing, the categories of personal data concerned, the recipients or categories of recipient to whom the personal data have been or will be disclosed, the period for which the personal data will be stored or the criteria used to determine that period, when the personal data are not collected from the data subject – any available information as to their source, the existence of automated decision-making as well as the significance and the envisaged consequences of such processing for the data subject. When your personal data are transferred to a third country, you shall be informed of the appropriate safeguards relating to the transfer.

  1. Right to request a copy of the processed personal data.

At your request, a copy of your personal data will be provided. It will be made available in the standard IT file format. The first copy will be provided free of charge. However, for each subsequent copy of your personal data we may charge a fee, which we will be determined based on the provisions of the GDPR.

  1. Right to rectification and erasure (‘right to be forgotten’) of the processed personal data.

In case of any inaccuracies in your personal data, we shall rectify them. We will do it on our own initiative – or, if you notify us – at your request. If you do not wish your personal data to be processed, we shall remove your data from our databases. However, please remember that erasing your personal data may result in the inability to provide services such as a Customer Account. Despite your request to erase data, we will still be able to process some of your personal data on the principles set out in the GDPR.

  1. Right to restriction of personal data processing.

In the cases provided for in the GDPR, we will restrict the processing of your personal data at your request. To put it simply, the restriction of personal data processing prevents their use, with the exception of storage. In such case, any other activities requiring the use of the personal data that are subject to processing restriction may only be carried out with your consent.

  1. Right to personal data portability.

Under the terms of the GDPR, you can request to receive your personal data, which you have provided to us, in a structured, commonly used machine-readable file format. If you wish to transmit your personal data to another controller, we shall undertake to send the file containing your personal data directly to that controller.

  1. Right to object to the processing of personal data.

In some cases, even if we process your personal data lawfully without your consent, you can request us to stop processing your personal data by raising an objection. However, you should be able to prove that our lawful and legitimate activities nevertheless violate the overriding interests, rights or freedoms of the data subject.

  1. Right to lodge a complaint with the relevant Data Protection Authority.

In connection with the entry into force of the GDPR and the adaptation of Polish law to the new legal reality, the President of the Personal Data Protection Office is the supervising body ensuring that your rights regarding personal data processing are respected. If you believe that as a result of our activities related to the processing of your personal data your rights have been infringed or the law has been violated, you can lodge a complaint with the President of the Personal Data Protection Office.

  1. The period for which the personal data will be stored.

The envisaged period of storage of personal data varies depending on the purpose for which the data is used.

If your personal data is processed:

  • To provide the following services: FORUM and Simulation Project of the Year COMPETITION – until the termination of the agreements binding us in this regard, i.e. after you cease to use the FORUM service, the COMPETITION is over (in accordance with the Competition Regulations). In some cases, however, your personal data may be processed for up to 10 years from the date of termination of the services – if it is justified to protect us against your claims. However, this period shall never exceed the time required for the limitation of claims.
  • Personal data processed for the purposes of the legitimate interests pursued by the controller shall be processed until a reasoned objection is submitted.
  1. Transfer of personal data to a third country.

In connection with the use of the Google Analytics statistical tool, we share the statistics on visits to our website with Google LLC, with the headquarters in Mountain View, California, USA. The exchange of personal data between the EU and the US takes place on the basis of the so-called Privacy Shield – that is, the agreement between the US and the European Commission, which states that the US ensures an adequate level of protection of personal data. Google LLC is on the list of entities in the US that process personal data in accordance with the requirements of the Privacy Shield, and thus the transmission of such data to this entity is secure.