General Data Protection Regulation (GDPR) information clause for the participants of the ENTIME Conference
Acording to Article 13(1) and (2) or Article 14(1) and (2) of Regulation (EU) 2016/679 of the European Parliament and of the Council of 27th April 2016 on the protection of natural persons with regard to the processing of personal data and on the free movement of such data, and repealing Directive 95/46/EC (General Data Protection Regulation), hereinafter referred to as “GDPR”, we inform you about the manner and purpose for which we process your personal data, as well as your data protection rights, as follows:
- Personal data controller
The controller of your personal data is the Gdansk University of Technology. You can contact the controller of your personal data in the following way:
- by post, to the address: ul. Narutowicza 11/12, 80-233 Gdansk
- by ePuap: politechnikagdanska/SkrytkaESP
- Data protection officer
A data protection officer may be contacted by you on all matters concerning the processing of your personal data and the exercise of rights related to the processing of the data by email dpo@pg.edu.pl
- The purposes of data processing and the legal basis for the processing
The administrator processes your personal data for the purpose of:
- registration for the Conference and contact with participants as part of the organizational activities preceding the event and for providing selected materials after the event - the legal basis for the processing of personal data is the consent of the data subject (Article 6 (1) (a) of the GDPR);
The data subject has the right to withdraw consent at any time. Withdrawal of consent does not affect the lawfulness of the processing which was carried out on the basis of consent before its withdrawal. - maintaining security requirements during the Conference related to the list of participants - the legal basis for data processing is the necessity of processing to implement the legitimate interest of the Administrator. In this case, the Controller's legitimate interest is to ensure security during the Conference (Article 6 (1) (f) of the GDPR),
- making contact with the participants of the Conference - the legal basis for data processing is the necessity of processing for purposes arising from legitimate interests pursued by the Administrator. In this case, the Controller's legitimate interest is contact with Conference participants (Article 6 (1) (f) of the GDPR),
- keeping statistics and reports as well as archiving for the Administrator's internal needs related to the number of event participants - the legal basis for data processing is the necessity of processing for purposes resulting from legitimate interests pursued by the Administrator. The Controller's legitimate interest is to keep statistics and reports (Article 6 (1) (f) of the GDPR),
- possible agreement, investigation or defense against claims related to the organization of the Conference - the legal basis for data processing is the necessity of processing to implement the legitimate interest of the Administrator. The legitimate interest of the Administrator in this case is the possibility of establishing, investigating or defending against claims (Article 6 (1) (f) of the GDPR).
- Period of personal data storage
Personal data will be stored for 24 months from the end of the Conference or until you submit your request:
- for their removal, withdrawal of consent to the processing of personal data, processing
restrictions, objection to their processing or their transfer,
- in order to establish an investigation or defense against claims - until the claims are time-barred in accordance with generally applicable provisions of Polish law;
- until the legally justified interest of the Administrator is realized,
- until the obligation to store personal data resulting from the generally applicable provisions of Polish law expires.
- Data Recipients
We may share your data with entities rendering postal or courier services, public authorities or entities that are entitled to obtain personal data on the basis of applicable law as well as other entities cooperating with us, to the extent necessary and for the purpose compliant with the performance of the contract.
- Rights related to processing of personal data
You have the following rights related to the processing of your personal data:
- the right to access your personal data;
- the right to demand rectification of inaccurate personal data and supplementation of incomplete personal data;
- the right to demand deletion of your personal data. data; This right does not apply, in particular, if the processing of the data is necessary to fulfill a legal obligation requiring such processing under the applicable law or to perform a public task;
- the right to request limitation of your personal data processing;
- the right to object to the processing of your personal data, due to your specific situation, in cases when we process your data due to our legitimate interest, including direct marketing or performance of a public task. NOTE: as regards processing for direct marketing purposes, you may object at any time regardless of your specific situation;
- the right to transfer your personal data, i.e. the right to receive personal data from us, in a structured, commonly used, machine-readable format. You may transfer this data to another data controller or request that we transfer your data to another data controller. However, we will only do so if such transfer is technically possible. You have the right to transfer your personal data only in respect to the data which we process automatically, i.e. in electronic form, on the basis of an agreement with you or on the basis of your consent;
- the right to lodge a complaint to the supervisory authority dealing with personal data protection, i.e. the President of the Personal Data Protection Office [Prezes Urzędu Ochrony Danych Osobowych];
- Transfer of personal data outside the European Economic Area (EEA)
Your personal data will not be processed outside the EEA.
- Profiling and automatic processing
Your data will not be profiled.