Regulations for the provision of services by electronic means

§1
Definitions

1. Service Provider – Fundacja InterMarium (the InterMarium Foundation) with its registered office in Kraków, (31-037) Kraków, ul. Starowiślna 54/14, entered in the Register of Associations, Other Social and Professional Organizations, Foundations and Independent Public Health Care Facilities, kept by the District Court for Kraków-Śródmieście in Kraków, XI Commercial Division of the National Court Register (KRS), under the KRS Number: 0000738489, NIP (Tax Identification Number): 6762551641, REGON (National Business Registry Number): 380677001, e-mail: fundacja@intermarium.org.pl. 
2. Services provided by electronic means – services provided without the simultaneous physical presence of the parties (at a distance), consisting of the transmission of data at the individual request of the User, and making the following content/services available:
a. the content of the www.intermarium.org.pl website,
b. ‘USER FORUM’ services
c. ‘COMPETITION’ services
3. User – a natural person, legal person or an organizational unit without legal personality who uses the services provided by electronic means.
4. Regulations – these Regulations;
5. Electronic address: www.intermarium.org.pl.

§2
Services provided by electronic means

1. Providing access to the website.
The Service Provider provides services by electronic means consisting of enabling the display of the www.intermarium.org.pl website content and all of the subpages within this web address.
2. FORUM.
The FORUM functionality is available to registered Users by entering the username and password on the subpage at www.intermarium.org.pl/forum/. It makes it possible to read the content added by other registered Users and to post the User’s own content that other Users have access to. User registration is performed by completing the form on the subpage at: www.intermarium.org.pl/register/, for which it is necessary to provide the following data: email address, username, company/organization name.
3. Simulation Project of the Year COMPETITION
The COMPETITION service is available on the subpage at www.intermarium.org.pl/competition/. It allows to take part in the Simulation Project of the Year COMPETITION, organized by the Service Provider, and whose rules of participation are described in detail in the Regulations of the Simulation Project of the Year Competition, which can be found at www.intermarium.org.pl/regulations/. To use the Simulation Project of the Year COMPETITION service and participate in the COMPETITION, it is necessary to register the participant by providing the following data: name and surname, the “Username” (nickname) and the password.

§3
Terms of concluding and terminating agreements for the provision of services by electronic means

For the service:
1. Providing access to the website – the agreement is concluded when the content of the website is displayed, and it is terminated when the User stops displaying it.
2. FORUM – the agreement is concluded when all fields of the form are filled in and the User is registered, and in the case of a registered User, after providing the username and password and logging into the functionality. Registering/logging in requires acceptance of these Regulations. The agreement expires when the registered User’s account is deleted.
3. COMPETITION – the agreement is concluded when the participant registers to participate in the competition, which enables him/her to submit a competition entry in accordance with the rules set out in the Regulations of the Simulation Project of the Year Competition. Registering to the functionality requires acceptance of these Regulations and the Regulations of the Simulation Project of the Year Competition. The agreement expires after the Service Provider has removed the competition entry from the website, in accordance with the provisions of the Simulation Project of the Year Competition Regulations.

§4
Technical information and personal data protection

1. To use the services provided to the User by electronic means, it is necessary to be in possession of devices that allow access to the Internet, and an internet resource browser, enabling the display of websites.
2. It is possible for the User to use the services provided by electronic means if the following minimum technical requirements of the devices are met:
a. Specific software is available
• Edge with enabled ActiveX support, JavaScript and cookies, 
• Mozilla Firefox version 45 or newer with enabled Java applets, JavaScript and cookies,
• Chrome version 49 or newer with enabled Java applets, JavaScript and cookies,
b. For services explicitly mentioned, the User must have an active e-mail account.
3. The Service Provider makes every effort to protect Users’ personal data against their being obtained by third parties and their unauthorized modification. The connections during which the User’s personal data are sent are encrypted with the SSL protocol. The User’s personal data stored in the memory of the Service Provider’s servers are secured by introducing the following measures to ensure data integrity and confidentiality:
a. the data are stored on RAID (Redundant Array of Independent Disks), which is resistant to disk damage and ensures data integrity,
b. a UPS (Uninterruptible Power Supply) is used to support server operation in the event of a power failure
c. a limited number of individuals authorized by the Service Provider have access to the server and server room,
d. the latest antivirus software and software firewall are used and regularly updated
e. the database backup procedure is performed on the server.
4. Users’ personal data are processed in order to perform the Services provided by electronic means, to enable making the appointment with the Service Provider, or the contact between the Service Provider and the User via e-mail or telephone, and they are not disclosed to third parties.

§5
Terms of services provided by electronic means

1. Users are prohibited from providing the following content:
a. content that could lead to disruption of the Service Provider’s IT system,
b. content that is unlawful, incompatible with generally applicable provisions of law, including the content violating the personal rights of third parties, or violating generally accepted social norms and decency.
2. The Service Provider provides services in accordance with these Regulations.
3. The User is obliged to use the services in accordance with these Regulations and generally applicable laws.

§6
Complaint procedure

1. Complaints should be submitted in the form of an e-mail to the Service Provider’s e-mail address, or in writing, to the following address: (31-037) Kraków, ul. Starowiślna 54/14.
2. The complaint should include a description of the problem justifying the complaint.
3. Complaints shall be considered within 14 days from the date of their receipt by the Service Provider.

§ 7
Amendments to the regulations for the provision of services by electronic means

The Service Provider may amend these Regulations for important reasons. By important reasons, the Service Provider understands the circumstances arising from the following changes:
a. in the website functionality of www.intermarium.org.pl,
b. in applicable laws,
c. in the Service Provider’s business profile,
d. in the services provided.

§8
Information regarding security threats related to the use of services provided by electronic means

There are no particular dangers associated with the use of the above services and the Service Provider ensures a proper level of security of its IT systems, adequate to current security threats. However, it should be borne in mind that, despite due diligence, using the Internet involves the risk of security threats to the service User.
The threats associated with the use of services provided by electronic means should be understood as the risks associated with:
1. receiving spam (in the sense of unsolicited email received) in the event of obtaining the User’s email address by unauthorized persons.
2. exposure to the presence and operation of malware, i.e. special software that is able to infect the User’s computer system after starting it, affecting its work in an undesirable and harmful way.
3. operation of Internet worms, i.e. malicious software capable of self-duplication, and of their specific types such as e-mail worms, which send uncontrolled e-mail messages to all addresses collected on a given computer or software.
4. infection with spyware, which consists in the ability to track user activities on a given computer or on the Internet.
5. cracking, i.e. criminal behavior of third parties consisting in breaking the security in order to obtain access to the User’s computer system, or software and services used by the User, and as a result of obtaining personal and confidential information (phishing) regarding the User’s person, the data used when logging in and other data relevant to the functioning of the User on the Internet.
6. sniffing, i.e. the unauthorized operation of third parties through the use of computer software, whose task is to capture and possibly analyze user data sent via the Internet, in particular to control the User’s correspondence, websites visited, services used, etc.
7. activities related to crypto analysis of the data sent through coded connections. Crypto analysis should be understood as actions that aim to break or bypass a cryptographic system to gain access to encrypted data.
8. operation of other unwanted software that performs activities without the User’s knowledge and control, e.g. wabbit (a program that performs one operation, e.g. duplication of the file, until the computer’s memory resources are exhausted), trojan (programs hidden under a different name or part of a file that do not perform the function that the User would expect from their description), backdoor (enabling taking the control over a computer without the knowledge and will of the User and performing administrative tasks within the computer system, including deleting and saving data), exploit (a code that exploits a vulnerability in the User’s computer software, thus making it possible to gain control over it), rootkit (a tool for masking certain running programs or system processes, for example, to enable the administration of a computer system), keylogger (key loggers enabling an unauthorized person to save and read all of the User’s key presses, which may lead to obtaining the data necessary to log into the User’s services and programs), dialer (programs connecting to the network via a different access number than the one selected by the User), ransomware (ransom phishing software, e.g. forcing the User to pay a fee in exchange for decrypting data previously encrypted against the User’s will and knowledge).
9. operation of software not mentioned above, which may potentially adversely affect the User’s computer system or electronic services used by the User.
It is not possible to completely eliminate the risks associated with the use of not only the electronic services provided by the Service Provider, but also the risks associated with the use of the Internet by the User due to the continuous evolution of the existing security threats and constant occurrence of the new ones that were previously unknown. It should be emphasized that by browsing the Service Provider’s website, the User is not exposed to harmful content. It may also happen that a third party will impersonate the Service Provider, installing a website deceptively similar to our company’s one, under a very similar www address, in order to phish the data (e.g. login details, company information, or security system information, etc.).
Such risks may be minimized by the User if the following steps are taken:
1. the latest, good-quality anti-virus software ensuring an adequate level of protection or Internet Security type software, providing comprehensive protection, is installed. The software must be enabled at the highest level of security.
2. the firewall is enabled.
3. attention is paid to whether the data relevant from the User’s security point of view (e.g. login details, passwords) are sent via an encrypted connection, as well as to the website of the entity to which the User provides the data.
4. the system software is updated.
5. e-mails of unknown origin are deleted without activating their content.
6. e-mail attachments of unknown origin are not saved and not even opened.
7. during the transmission of data of particular importance to the User, the addressee to which the data are sent is strictly controlled (e.g. the correctness of the entered e-mail address); it is also ensured that the data are sent using an encrypted connection.
8. the contents of notification windows and installation applications as well as the content of licenses and other documents to which the User agrees are always carefully read.
9. a web browser with built-in filters and security measures to protect against the use of unsafe websites is always used.
10. when activating links to pages outside the www.intermarium.org.pl address – their content is carefully analyzed and the User familiarizes himself/herself with the content of notification windows and other documents for which the User’s approval is required.
11. a secure password, i.e. a string of alphanumeric characters with uppercase and lowercase letters, is used.
12. login data and passwords are secured against access by third parties.