PRIVACY POLICY AND COOKIE POLICY

Legal basis:

– Regulation (EU) 2016/679 of the European Parliament and of the Council of 27 April 2016 on the protection of natural persons with regard to the processing of personal data and on the free movement of such data, and repealing Directive 95/46/EC (General Data Protection Regulation) of 27 April 2016 (OJ EU L No. 119, p. 1), – Personal Data Protection Act of 10 May 2018 (Journal of Laws of 2018, item 1000, as amended),

– Telecommunications Law of 16 July 2004 (Journal of Laws No. 171, item 1800 (Journal of Laws of 2018, item 1000, as amended).

 

WHO IS THE CONTROLLER OF YOUR PERSONAL DATA?

The joint controllers of personal data are:

1. Andrzej Frycz Modrzewski University in Krakow, with its registered office in Krakow (30-705) at ul. Gustawa Herlinga-Grudzińskiego 1, e-mail address: iodo@uafm.edu.pl,

2. VIZJA University with its registered office in Warsaw (01-043) at ul. Okopowa 59, e-mail address: zgloszenia@vizja.pl,

3. VIZJA University Scientific Federation with its registered office in Warsaw (01 – 043) at ul. Okopowa 59, e-mail address: federacja@vizja.pl, which comprises the above-mentioned entities, hereinafter referred to as ‘Administrators’.

 

WHAT ARE THE PURPOSES, LEGAL BASIS AND TIME FRAME FOR PROCESSING YOUR PERSONAL DATA?

Provision of educational services and data archiving after the service has been provided

For the purposes of providing educational services, taking the necessary steps prior to concluding a contract, performing the contract and archiving data after the service has been provided, we will process your data on the basis of the concluded contract or the Act of 20 July 2018 on Higher Education and Science, for a period of:

– 50 years in accordance with paragraph 15(12)(4) of the Regulation of the Minister of Science and Higher Education of 27 September 2018 on studies,

– 25 years if the documentation concerns postgraduate studies,

– the period resulting from the applicable law in the case of other educational services (e.g. training),

– 6 months from the end of the recruitment process if you do not enrol in our studies.

Remote teaching, diploma examinations, credits, verification of learning outcomes carried out remotely

As a university, we can conduct classes using distance learning methods and techniques. The legal basis for processing your data is Article 12(1) of the Regulation of the Minister of Science and Higher Education of 27 September 2018 on studies. We may also organise the verification of learning outcomes specified in the study programme, in particular, conduct credits and final examinations for specific classes, outside the university or its branch, using electronic means of communication. In the case of diploma examinations conducted outside the university or its branch using electronic means of communication, these means must ensure, in particular, the real-time transmission of the diploma examination between its participants and real-time multilateral communication. The legal basis for the processing of your data is Article 76a(1) of the Act of 20 July 2018 on Higher Education and Science. Personal data processed during the transmission will be processed only for the duration of the task.

Library

If you use the library’s resources and the reading room, your personal data will be processed in order to enable you to use its collections, use the library’s IT system operating at the university, and in order for us to fulfil our obligations under the Act of 27 June 1997 on libraries and the Act of 20 July 2018 – Law on Higher Education and Science. The basis for the processing of your personal data is Article 6(1)(b) and (c) of the GDPR, Article 6(1)(a) of the GDPR if applicable.

Assistance for persons with disabilities

In connection with the implementation of processes aimed at providing assistance by the Office for Persons with Disabilities (hereinafter referred to as ‘BON’) and creating conditions for persons with disabilities to fully participate in the process of admission to the university for the purpose of education, training and scientific activity. The documentation you submit will be the basis for using all forms of support that BON offers to students with disabilities and health difficulties. If you use the support provided by the university, the processing of your personal data is necessary to fulfil the legal obligations (Article 6(1)(c) of the GDPR) incumbent on the university in connection with the performance of tasks specified, inter alia, in the Act of 20 July 2018 Law on Higher Education and Science and the executive acts issued on its basis.

Processing of personal data in the video surveillance system

As part of our tasks related to ensuring the safety of persons staying on the university premises and in order to secure property, as well as to establish, investigate or defend claims in court, administrative or other extrajudicial proceedings, we conduct video surveillance. The legal basis for the processing of data recorded as part of the monitoring is our legitimate interest (Article 6(1)(f) of the GDPR). CCTV recordings are stored for no longer than one month from the date of recording, unless the recording is necessary to establish or document events for the purposes for which the monitoring is carried out, in which case the processing period will be extended until these tasks are completed.

Image

We process your image on the basis of your consent (Article 6(1)(a) of the GDPR) for the purpose of promoting the activities carried out by the Controller. This data may be made available in the form of photographs posted on the university’s websites and on social media. Your data in the form of an image will be processed until you withdraw your consent.

Marketing purposes

For marketing purposes, we will process your data on the basis of your consent for 5 years from 1 January of the year following the date of consent. With your consent, we will be able to send you information about our offer, events organised by us and promotions we have prepared for you.

Newsletter

In the scope of the Newsletter service, your data is processed to the extent necessary for the proper performance of this service. The legal basis for the processing of your data is Article 6.1.b of the GDPR. Providing personal data is voluntary, but necessary to subscribe to and use the Newsletter service. Failure to provide data will result in the inability to use the service. Your data will be processed for the duration of the service until you unsubscribe, in accordance with the terms and conditions of the Newsletter service.

Social media

In terms of our activities on social media, we will process your data for the following purposes:
– maintaining our profile/channel on social media, under the terms and conditions specified by them, and informing you through them about our activities, events organised by us, and products and services offered;
– contacting you;
– analysing the functioning, popularity and use of our profile/channel;
– sending you commercial information, including invitations to events organised by us, via the profile/channel functionality.

The legal basis for processing your data for the above purposes is our legitimate interest, which consists in promoting our activities, expanding our group of supporters and responding to your questions. We process personal data for the duration of your activity related to the profile/channel, and then for a maximum period until your account is deleted or you are removed from the profile/channel.

Graduate tracking

For the purposes of graduate tracking, we will process your data on the basis of your consent for 5 years from 1 January of the year following the date of graduation. This consent allows us to find out whether you are satisfied with our studies and how completing them has affected your career. Based on this data, we can develop our offer and modernise our educational programmes.

Claims and defence against them

In addition, we will also process your data for the purpose of establishing claims, defending against them and pursuing them, which is our legitimate interest. We process this data until the expiry of any claims specified by law.

 

WHAT ARE YOUR RIGHTS IN RELATION TO THE PROCESSING OF
YOUR PERSONAL DATA BY THE VIZJA UNIVERSITY SCIENTIFIC FEDERATION?

You have the right to:

    1. access your data,
    2. rectify your data,
    3. erase your data if:
      • you withdraw your consent to the processing of your personal data,
      • your personal data is no longer necessary for the purposes for which it was collected or processed,
      • you object to the use of your data for marketing purposes,
      • your personal data is being processed unlawfully,
    4. to restrict the processing of your data,
    5. to object to the processing of your data,
    6. to transfer your data,
    7. to withdraw your consent at any time. Withdrawing your consent does not affect the processing of your data by us prior to its withdrawal.

You also have the right to lodge a complaint with the supervisory authority (PUODO) if you believe that the processing of your personal data violates applicable law.
Providing personal data for marketing purposes is voluntary.

 

WHO IS THE RECIPIENT OF YOUR PERSONAL DATA?

The recipients of your personal data are authorised employees and associates of the Data Controller.

 

WHO DO WE SHARE YOUR PERSONAL DATA WITH?

As a university, we use the services of companies on a daily basis to provide you with the highest standard of service. Your personal data may be transferred to them for processing on our behalf. This is most often the case when working with a specific service provider (e.g. a data storage provider, a provider of tools used in remote teaching) or a subcontractor (e.g. a marketing agency). In such a situation, the transfer of data does not entitle other entities to process it at will, but only to use it for the purposes expressly indicated by us. In no case does the transfer of data release us, as the personal data controller, from our responsibility for its processing. Your data may also be transferred to public authorities, but only when authorised to do so by applicable law.

In connection with our use of social media, your personal data may be transferred to the owners of websites such as Facebook, YouTube, Instagram, as well as to marketing agencies that provide services to us.

Your data will be transferred for processing to data recipients, in particular to entities cooperating with the Personal Data Controller. By entities cooperating with the Personal Data Controller, we mean entities indirectly or directly related to the Personal Data Controller, in particular those with capital ties.

The Controller’s suppliers are mainly based in Poland and other countries of the European Economic Area (EEA). Some of the suppliers are based outside the EEA. In connection with the transfer of user data outside the EEA, the Data Controller has ensured that the suppliers guarantee a high level of personal data protection. Due to our use of Microsoft Office 365 tools, your personal data may be transferred outside the EEA, including to the USA.

 

COOKIE POLICY

The following Policy applies to cookies and refers to websites operated by VIZJA University Scientific Federation with its registered office in Warsaw (01-043) at ul. Okopowa 59, e-mail address: federacja@vizja.pl (hereinafter referred to as the ‘Federation’).

What are cookies?

Cookies are IT data, in particular text files, stored on users’ end devices, intended for use on websites. These files allow the user’s device to be recognised and the website to be displayed accordingly, tailored to their individual preferences. Cookies usually contain the name of the website they come from, the time they are stored on the end device and a unique number.

What do we use cookies for?

We use cookies to:

– adapt the content of the Website to the user’s preferences and optimise the use of websites; in particular, these files allow us to recognise the Website user’s device and display the website accordingly, tailored to their individual needs

– create statistics that help us understand how Website users use the websites, which allows us to improve their structure and content – maintain the Website user’s session (after logging in), thanks to which the user does not have to re-enter their login and password on every subpage of the Website.

What cookies do we use?

Two basic types of cookies are used on websites: session cookies and persistent cookies. Session cookies are temporary files that are stored on the user’s end device until they log out, leave the website or close the software (web browser). Persistent cookies are stored on the user’s end device for the time specified in the cookie parameters or until they are deleted by the user.

The following types of cookies are used on websites:

– ‘necessary’ cookies, enabling the use of services available on websites, e.g. authentication cookies used for services that require authentication on websites,

– cookies used to ensure security, e.g. used to detect authentication abuse on the websites,

– ‘performance’ cookies, enabling the collection of information on how the websites are used,

– ‘functional’ cookies, enabling the ‘remembering’ of settings selected by the user and personalisation of the user interface, e.g. in terms of the selected language or region from which the user comes, font size, website appearance, etc. – ‘advertising’ cookies, which enable the delivery of advertising content to users that is more tailored to their interests,

– ‘analytical’ web analytics cookies enable us to better understand how users interact with website content in order to better organise the layout of our website. They collect information about how visitors use our website, the type of website from which users were redirected, and the number of visits and time spent by users on this website. This information does not record specific personal data about the user, but is used to compile statistics on website usage in aggregate form. For this purpose, we use Google Analytics.

Cookies from independent companies located on the Operator’s websites:

Google Analytics – website analysis cookies collect information about how visitors use our website, the type of website from which users were redirected, and the number of visits and time spent on this website. This information does not record specific personal data of the user, but is used to compile statistics on the use of the website in an aggregated form.

YouTube – videos and links to videos from YouTube have been posted on the websites operated by the Operator. As a result, when viewing a page with embedded content from YouTube or provided under links, the user may encounter cookies from these services. More information: youtube.com

Adobe Flash Player – the website uses Flash animations. Flash Player software uses local shared objects or Flash cookies to enable the user to use features such as automatic restoration or saving user preferences. Flash cookies are stored on the user’s device in the same way as regular cookies, but are managed differently from within the browser. More information: www.adobe.com

Do cookies contain personal data?

Personal data collected using cookies may only be collected for the purpose of performing specific functions for the user. Such data is encrypted in a way that prevents unauthorised access.

Deleting cookies

By default, web browsing software allows cookies to be placed on the end device. These settings can be changed to block the automatic handling of cookies in the web browser settings or to inform the user each time they are sent to the user’s device. Detailed information about the possibilities and methods of handling cookies is available in the software (web browser) settings.
Internet Explorer
FireFox
Opera
Chrome
Restricting the use of cookies may affect some of the functionalities available on the website.

What security measures does the VIZJA University Scientific Federation use?

Our websites are equipped with security measures designed to protect the data under our control from loss, misuse or modification. We are committed to protecting all information disclosed to us by our customers in accordance with security and confidentiality standards.

The VIZJA University Scientific Federation offers users the option to opt out of receiving advertising materials and newsletters, provides users with the option to remove their information from databases, and allows them to stop receiving information sent by e-mail.