Definitions

1. The following terms shall be interpreted in the Startup City Zabrze Privacy Policy and cookies in accordance with the meaning assigned to them in this section of the Policy:

1.1 Administrator – the administrator of personal data described in the document is the Mayor of the City of Zabrze, Powstańców Śląskich Street 5-7, 41-800 Zabrze.

1.2. GDPR – Regulation 2016/679 of the European Parliament and of the Council of 27th April 2016 on the protection of individuals with regard to the processing of personal data and on the free movement of such data and repealing Directive 95/46/EC (General Data Protection Regulation);

1.3 Policy – Startup City Zabrze Privacy Policy and Cookies ;

1.4 Personal data – all information about an individual identified or identifiable by one or more factors specific to the physical, physiological, genetic, mental, economic, cultural or social identity, including the IP of the device, location data, internet identifier and information collected through cookies and other similar technology;

1.5 Processing of personal data – All operations or sets of operations which are performed upon personal data or sets of personal data, whether or not by automatic means (in particular, collection, recording, organisation, structuring, storage, adaptation or alteration, retrieval, consultation, use, disclosure by transmission, dissemination or otherwise making available, alignment or combination, restriction, erasure or destruction);

1.6 Website – the website maintained by the Administrator at https://www.startupzabrze.pl.

1.7 Website Service or Website Services – any Internet service run by the Administrator;

1.8 User – any natural person visiting the Website or using one or more services or functionalities described in the Policy.

Rules on the handling of personal data

1. In connection with the use by the User of digitally provided services on the Website, which require processing of User’s personal data, the Administrator collects data only to the extent necessary for the proper provision of selected services. Moreover, it is also possible for the Administrator to collect additional information on User’s activity in the Website. Below are the rules of personal data processing, which the Administrator follows in order to process personal data safely and in accordance with the data processing law in the cases included in the Policy.

2. The Mayor of Zabrze respects the privacy of the individuals visiting the websites she administers and makes every effort to ensure that the processing of personal data and other information about the User’s activity is in accordance with the law, in particular with the requirements of the following legal acts:

1) Regulation (EU) 2016/679 of the European Parliament and of the Council of 27th April 2016 on the protection of individuals with regard to the processing of personal data and on the free movement of such data and repealing Directive 95/46/EC (General Data Protection Regulation), Official Journal of the European Union .L 2016 No. 119, p. 1 as amended), hereinafter referred to as “GDPR”,

2) the Act of 10th May 2018 on personal data protection, i.e. Journal of Laws of 2019, item 1781,

3) the Act of 18th July 2002 on the provision of electronic services, i.e. Journal of Laws of 2020, item 344,

4) the Act of 16th July 2004. Telecommunication Law, i.e. Journal of Laws of 2019, item 2460 as amended.

3. The data Administrator shall apply appropriate technical and organizational measures to secure the processing of personal data, in particular to secure the use of the Website by means of a link encrypted with SSL protocol, but also to adequately secure the premises and places of data collection, the system of access control to the processing areas, as well as the use of dedicated procedures for handling data.

General information on the processing of personal data

1. The Mayor of the City of Zabrze provides information on the processing of personal data in the course of providing digital services, including in particular within the framework of contacts through a contact form, newsletter or processing of personal data within the use of the Website.

1.1 Who is the administrator of your personal data?
1.1.1. The Administrator of your personal data is the Mayor of the City of Zabrze, whose seat is located in the Municipal Office in Zabrze, 41-800, at Powstańców Śląskich Street No. 5-7.

1.2 How to contact with regard to personal data processing?

1.2.1. You may contact the Administrator in matters related to personal data protection in the following way:

at the e-mail address: umz@um.zabrze.pl,

at the phone number: 032 373 33 00,

in writing to the address: Municipal Office in Zabrze, 41-800, Powstańców Śląskich Street No. 5-7 with a note “Personal Data Protection”.

1.2.2. The Mayor of the City of Zabrze has appointed a Data Protection Inspector, with whom you may freely contact in connection with the processing of your personal data undertaken by the Administrator.

1.2.3 The contact with the Data Protection Inspector is possible via e-mail: iod@um.zabrze.pl.

1.3 Are you obliged to provide personal data?

1.3.1. Providing personal data is voluntary, however, it is necessary to use the website as well as to conduct correspondence. In case of refusal to provide it, the Administrator will not be able to perform the above mentioned activities.

1.4 To whom, as a rule, can we provide or give your personal data?
span style=”color: #00000a;”>1.4.1. If it is necessary, your data may be made available by the Administrator to processing entities providing certain services, such as hosting services, IT services or Stratup Officer.
1.4.2. In some cases, external entities providing services on behalf of the Administrator may act as independent administrators, e.g. telecommunication networks, Polish post or other postal operators, including courier companies.
1.4.3. Your personal data may also be made available to entities which will be entitled to receive them under the law – e.g. government services, public administration bodies, courts and prosecutors’ offices, court bailiffs, state and local government organisational units, proceeding parties and other entities – to the extent necessary for those entities to perform public tasks.
1.5 How long will we process your personal data?

1.5.1. Your personal data will be processed for the period necessary to achieve the purposes for which they were collected and taking into account the nature of the processing undertaken. In any case, personal data shall not be processed for less than 6 years from the end of the activity which was connected with the acquisition of personal data due to the need to defend against possible claims by the Administrator (term in accordance with art. 118 in connection with art. 120 § 1 of the Civil Code Act of 23 April 1964).

1.6 Do we process your personal data automatically (including through profiling) in a way that affects your rights?

1.6.1. Your personal data will not be processed automatically (including through profiling).

2. In connection with the processing of personal data, you also have a number of rights which have been described by the Administrator in a separate chapter of the Policy in order to ensure the greatest possible transparency and detail of their communication.

Detailed information on the processing of personal data

1. With regard to each of the services provided within the framework of Startup City Zabrze, some of the information provided by the Administrator in the scope of personal data processing may have different regulations (e.g. processing may take place on the basis of other legal grounds), therefore, the Administrator, in order to ensure the highest quality of the information provided on the processing of personal data, presented them taking into account the division of specific services.

Contact form

2. Detailed information on the processing of personal data in the service – contact forms:
2.1 On what basis and for what purpose do we process your personal data?

2.1.1. Art. 6(1)(a) of the GDPR, by providing us with your data in the contact form, we treat your behaviour as a clear action confirming that you consent to the processing of the data you have given us for the purposes necessary to deal with the matter with which you are addressing us and to undertake further possible cooperation.

2.1.2. At the same time we would like to inform you that as part of the implementation of the Startup City Zabrze program we expect to provide us with only the necessary data. Therefore, you should not provide information of a wider nature. In case the forms sent will contain information inadequate to the purpose, they will not be used.

2.2 As part of this service, do we store personal data for a predetermined period of time?

2.2.1. Your data will be stored until your consent to the processing is withdrawn or the purpose of the processing ceases.

2.3. Do we transfer your personal data to another entity as part of this service?

2.3.1. Your data may be made available to recipients who are processing entities, i.e. providing services on the order of the City of Zabrze, in particular with regard to IT services, which we include: Jaco.Pro in Katowice, Mom Studio Sp. z o.o. in Katowice, Freshmail Sp. z o.o. in Cracow, Nazwa.pl S.A.

in Kraków. The entity providing services within the OTAGO Integrated Municipal Management System, in which your personal data is processed, is Asseco Data Systems S.A. seated in Gdynia. If required, your data may be made available to the Startup Officer in Zabrze, members of the Startup Ecosystem Board at the Mayor of the City of Zabrze, partners of the Startup City Zabrze Program and Medtech Meetups, Municipal Organizational Units in Zabrze and commercial law companies with the participation of the City of Zabrze involved in the implementation of the Strategy, as well as stakeholders of the Startup City Zabrze development ecosystem.

2.4. Can your personal data be transferred to third countries?

2.4.1. Your data will not be transferred to third countries.

Newsletter

3. Detailed information on the processing of personal data in the service – newsletter:

3.1 On what basis and for what purpose do we process your personal data?

3.1.1. art. 6(1)(a) of the GDPR, i.e. the processing is carried out on the basis of the consent given by the User in order to receive from the Administrator the information, news and marketing of the tasks and services carried out within Startup City Zabrze.

3.2 As part of this service, do we store personal data for a predetermined time?

3.2.1. Your data will be stored until your consent to the processing is withdrawn or the purpose of the processing ceases.

3.3. Do we transfer your personal data to another entity as part of this service?

3.3.1. Your data may be made available to recipients who are processing entities, i.e. providing services on the order of the City of Zabrze, in particular in the field of IT and marketing services.

3.4. Can your personal data be transferred to third countries?

3.4.1. Your data will not be transferred to third countries.

3.5 Possibility of cancellation of the newsletter subscription:

3.5.1. You can cancel your subscription by clicking on the link available in the correspondence addressed to you as a part of the newsletter and confirming the cancellation of your subscription there.

3.5.2 You may also unsubscribe by notifying us in the correspondence addressed to us as set out on the website.

4. In connection with the processing of personal data, you also have a number of rights which have been described by the Administrator in a separate chapter of the Policy in order to ensure the greatest possible transparency and detail of their communication.

Rights of the data subjects

1. You have the following rights with regard to the processing of your personal data in relation to the application of the GDPR:

Right of access to data

2. It shall take into account the possibility for the data subject to obtain information from the Administrator as to whether and to what extent his or her personal data are processed. Additionally, a person requesting the exercise of this right may request the administrator to obtain access to the data and, if necessary, to obtain a copy. Such a copy should be issued free of charge. In case of further such requests, a reasonable fee may be charged to the applicant, resulting among others from administrative costs.

Right of rectification

3. If the personal data processed by the administrator are incorrect or incomplete, the data subject may ask the administrator to correct them.

Right to delete data

4. Often referred to as the ‘right to be forgotten’. Under the terms and in the cases provided for by law, where possible, the person whose data are being processed has the right to request their deletion. However, it should be remembered that this request may not always be fulfilled, e.g. when there is a legal obligation for the administrator to process the data for a certain period of time.

Right to limit the processing

5. The GDPR also provides for the possibility to request, in certain circumstances, a limitation of the processing carried out by the administrator, in particular in cases where the processing is unlawful, where the person contests the accuracy of the data, or where the purposes of the processing by the administrator are exhausted and the data subject still needs them (e.g. to defend claims).

Right to object the processing

6. The data subject shall have the right to object the processing of personal data in situations where the processing is carried out on the basis of the grounds of Article 6 (1) (e) and (f), respectively in connection with the performance of tasks in the exercise of official authority or public interest and in the exercise of the legal interest of the data administrator. This is an essential right of data subjects to object the processing in situations where there is an imbalance between the parties of the processing.

Right to transfer personal data

7. It only applies where the processing is based on the consent of the data subject (Article 6(1)(a) of the GDPR) and at the same time the processing is automated. A person may then demand that the administrator provides him/her with a complete set of collected data about him/her in a structured, commonly used machine-readable format, and additionally that his/her personal data is sent by the administrator directly to another administrator, if technically possible.

Complaint to the supervisory authority

8. The data subject shall always have the right to lodge a complaint to the supervisory authority, i.e. to the President of the Personal Data Office, Stawki 2, 00-193 Warsaw.

Withdrawal of consent

9. Where processing is based on the data subject’s consent, the data subject has the right to withdraw that consent at any time. Importantly, withdrawal of consent will not affect the lawfulness of processing before withdrawal of consent.

Exercise of rights

10. Not all your demands will always be met. The extent of your rights depends primarily on the legal prerequisites for the processing of your data, e.g.: in some cases we will not be able to exercise the right to delete your data.

Information on the use of cookies

1. Cookies are small text files installed on the User’s device when browsing the Web Services.
2. Cookies are useful, and in some situations necessary, a tool for the Administrator in order to, among other things, ensure proper functioning of the website, proper configuration and security of the website, monitoring the status of the session or analysis, statistics, research and audit of the website display.
3. As a rule, the Administrator uses two types of cookies – “session” and “permanent”. First of them are temporary files, which remain on the User’s device until logging out of the website or turning off the software (web browser). “Permanent” files remain on the User’s device for the time specified in the parameters of cookie files or until they are manually deleted by the User.

4. More information about what are cookies can be found under the following links:

4.1 Polish language: http://wszystkoociasteczkach.pl/

4.2 English: https://www.aboutcookies.org/

5. Remember that you can manage your own cookies. It is possible, among others, by the Internet browsers you use. In the most popular browsers you have the possibility:

5.1. to accept cookies, which will allow you to fully use the options offered by the websites;

5.2. to manage cookie files at the level of single, chosen by you websites;

5.3. to define settings for different types of cookies, for example accepting permanent files as session ones, etc;

5.4. to block or delete cookies.

6. Remember that the management and deletion of cookies varies depending on the browser used. You can obtain precise information on how to manage cookies by using the “Help” function in your browser.

7. The effect of changing the settings of the browser, depending on the selected option, may be the loss of the possibility to use some of the website’s features.

8. Software for web browsing, i.e. web browser, usually by default allows storing cookies in the User’s end device. Users can change settings in this area. The web browser allows to delete cookies. It is also possible to automatically block cookies. Detailed information on this subject is contained in the help or documentation of the Internet browser used by the User.

9. Below are the links to information on the management of cookies and website data in selected web browsers:

9.1 Google Chrome:

https://support.google.com/chrome/answer/95647?hl=pl

9.2. Mozilla Firefox:

https://support.mozilla.org/pl/kb/ciasteczka

9.3. Safari:

https://help.opera.com/pl/latest/security-and-privacy/#deleteData

9.4. Opera:

https://help.opera.com/pl/latest/web-preferences/

9.5. Microsoft Edge:

https://support.microsoft.com/pl-pl/help/10607/microsoft-edge-view-delete-browser-history

9.6. Internet Explorer:

https://support.microsoft.com/pl-pl/help/17442/windows-internet-explorer-delete-manage-cookies

Marketing techniques

1. The Administrator also uses statistical analysis of the website’s traffic through Google Analytics (Google Inc. based in the USA). The Administrator does not pass on personal data to the operator of this service, but only anonymised information. The service is based on the use of cookies on your terminal device. In the scope of information about user preferences collected by the Google advertising network, the user can view and edit the information resulting from the cookies using the tool: https://www.google.com/ads/preferences/.
2. The Administrator uses remarketing techniques that allow matching advertising messages with the user’s behavior on the site, which may give the illusion that the user’s personal data are used to track the user, but in practice there is no transfer of any personal data from the Operator to the advertising operators. The technological condition for such actions is that cookies are enabled.
3. The Administrator uses the Facebook pixel. This technology causes Facebook (Facebook Inc. with its seat in the USA) to know that the person registered with it uses the Service. In this case, it is based on data for which it is the Administrator himself, the Administrator does not pass on any additional personal data from himself to Facebook. The Service is based on the use of cookies in the user’s terminal device.

System logs

1) Information about some of the user’s behavior is subject to logging into the server layer. This data is used solely for the purpose of administering the service and to ensure the most efficient service of hosting services provided to the Administrator.

2. The browsed resources are identified by URL addresses. In addition, the records may be saved:

2.1. time of inquiry;

2.2. time of response;

2.3. User station name – identification implemented by the HTTPS protocol;

2.4. information about errors that occurred during the execution of HTTPS transaction;

2.5. the URL of the page previously visited by the User (referer link) – if the access to the Service was made via a link;<

2.6. information about the User’s browser;

2.7 Information about the IP address;

3. The above data is not associated with specific persons browsing the Administrator’s websites.

4. The above data is used only for the purposes of administration of the server.