Privacy policy

DATA PROTECTION / PRIVACY POLICY

In accordance with Article 13 and Article 14 of Regulation (EU) 2016/679 of the European Parliament and of the Council of 27.04.2016 on the protection of natural persons with regard to the processing of personal data and on the free movement of such data and repealing Directive 95/46/EC (General Data Protection Regulation) (“GDPR”), we inform you that:

DATA CONTROLLER

The Data Controller of your data is the Institute for Sport Governance Foundation with its registered office at ul. Piękna 49, 00-672 Warsaw, entered in the register of associations, other social and professional organisations, foundations and independent public health care institutions kept by the District Court for the City of Warsaw, XIII Economic Division under the National Court Register with KRS number 0000821489, NIP: 5213886438, REGON: 385235331 (hereinafter referred to as the “Controller” or “ISG”).

DATA SUBJECTS

The Controller processes the personal data of visitors to the Controller’s website within the www.govsport.eu website, including the sub-sites accessible from the website (hereinafter collectively the “Website”), including the processing of data of those who use the contact forms on the Website, those who contact the Controller, applicants for jobs, co-ops, internships, apprenticeships and volunteering, as well as those who subscribe to the ISG newsletter (hereinafter the “Users”).

The personal data processed by the Controller includes:

1. Personal data of visitors to the Website: data derived from cookies, information on consent to communications, including logs.
2. Personal data of persons contacting the Controller via the selected contact form – depending on the subject matter and type of the contact form in question, this may include the following personal data: name and surname, e-mail address, telephone number, scientific and professional affiliation and other personal data contained in the body of the message within the form.
3. Personal data of persons contacting the Controller by e-mail: e-mail address, information contained in the correspondence, signature, data contained in the footer of the sender’s message.
4. Personal data of job, co-op, internship, apprenticeship and volunteer applicants – depending on the subject matter and type of the contact form in question, this may include the following personal data: name, e-mail address, telephone number, academic and professional affiliation and other personal data contained in the body of the message within the form and, in the case of e-mail contact, name, e-mail address, information contained in the correspondence, signature, data contained in the footer of the sender’s message.
5. those who have subscribed to the ISG newsletter – e-mail address,  name and surname.

PURPOSE OF PROCESSING

We process your personal data for the following purposes:

1. to pursue the Controller’s legitimate interest in analysing Users’ use of the website, in order to facilitate future use by better tailoring it to their needs, as well as to improve its IT security, and for marketing and statistical purposes, as well as for internal administrative purposes, i.e. on the basis of Article 6(1)(f) GDPR;
2. to analyse correspondence within the contact form, to carry out communication with persons who have used the contact form, on the basis of the Controller’s legitimate interests in handling correspondence, to obtain and maintain relations with senders, and for internal administrative purposes, i.e. on the basis of Article 6(1)(f) GDPR;
3. when contacting the Controller by email, personal data will be processed in order to process the message addressed to the Controller, based on the legitimate interest of interacting with Users, responding to requests or applications, i.e. Article 6(1)(f) GDPR;
4. in the case of signing up for the newsletter service: in order to provide the newsletter dispatch service – the legal basis for processing is the necessity of processing for the performance of the contract (Art. 6(1)(b) GDPR; in the case of directing marketing content to the user within the newsletter – the legal basis for processing, including profiling, is the legitimate interest of the Controller, i.e. Art. Article 6(1)(f) GDPR, consisting in the promotion of services and products, as well as the services and products of partners; for analytical and statistical purposes – the legal basis for processing is the Controller’s legitimate interest, i.e. Article 6(1)(f) GDPR, consisting in conducting analyses of users’ activity on the Website, in order to improve the applied functionalities;
5. In the case of correspondence within the form or by email of candidates for jobs, co-ops, internships, apprenticeships and volunteering, for the purposes of correspondence and the processing of applications submitted, on the basis of their consent, and in fulfilment of a legal obligation, i.e. Article 6(1)(c) GDPR, as well as when this is necessary for purposes arising from the Controller’s legitimate interests, i.e. Article 6(1)(f) GDPR;
6. To enable the Controller to establish, assert and defend against claims, on the basis of the Controller’s legitimate interests consisting of the need to exercise its rights, i.e. Article 6(1)(f) GDPR.

RETENTION PERIODS

Personal data will be stored for the following periods:

1. With regard to personal data processed as part of the contact forms or email correspondence available on the Website:
   a) In the case of contact between the Controller and the User, for the duration of the information exchange and thereafter for a maximum period of 1 year with effect at the end of the calendar year, counting from the date of the last interaction, with the proviso that if cooperation is established, e.g. in the case of correspondence with a job candidate, a further retention period will be indicated in a separate notice regarding the processing of personal data in connection with the conclusion and performance of a contract;
   b) If no contact is made, for a period of 3 months with effect at the end of the calendar month from the date of processing of the information within the contact form or email.
2. With regard to personal data processed as part of a newsletter – for the period of performance of the contract, until you unsubscribe from the newsletter.
3. With regard to data derived from cookies:
   a) Necessary – data are kept for a period of 365 days
   b) Other than necessary – data is stored until the User withdraws their consent to the use of cookies, whereby the withdrawal of consent does not affect the lawfulness of processing carried out on the basis of consent before its withdrawal.

In the event of the need for the Controller to establish, assert and defend against claims, e.g. in the event of a claim by the User, the indicated periods for the storage and processing of personal data may be extended for the periods of the statute of limitations for claims or for the duration of the dispute, if this proves necessary.

PRINCIPLES FOR THE COLLECTION OF PERSONAL DATA

With regard to the personal data processed through contact forms and via email, providing personal data is voluntary but necessary for analyzing correspondence and establishing contact with the User, including considering their candidacy in the recruitment process.

Regarding personal data obtained from essential cookies, their collection is necessary for the proper functioning of the Website. Providing personal data from non-essential cookies is voluntary.

SOURCE OF PERSONAL DATA

The personal data on the Website is collected by the Controller in connection with the User’s visit to the Website, their consent to the installation of cookies, and their submission of a message via email or through a contact form.

DATA TRANSFER

We may transfer your personal data to service providers acting as processors on behalf of the Controller, including providers of IT systems, software, and IT services, marketing services, analytics providers, legal, tax, and financial advisers, auditors, and accounting service providers.

Users’ personal data may also be disclosed to public authorities, provided they are authorized to do so by applicable legislation and submit an appropriate request.

Access to personal data is granted only to individuals for whom there is a legitimate justification based on the tasks performed and services provided. All individuals authorized to process personal data are obligated to maintain the confidentiality of the data and protect it from disclosure to unauthorized persons.

HOW DO WE KEEP YOUR PERSONAL DATA SECURE?

The Controller shall take appropriate technical and organisational measures to protect Users’ personal data. Personal data are available only to persons who need them for the purposes and tasks described in this document. All these persons are obliged to treat personal data confidentially and only in accordance with the applicable data protection laws and regulations.

TRANSFER OF PERSONAL DATA TO THIRD COUNTRIES AND INTERNATIONAL ORGANISATIONS

The Controller shall store the personal data processed on the Website in IT infrastructure provided by third parties, including email boxes whose servers may be located outside the European Economic Area, and thus may transfer personal data to recipients located outside the European Economic Area.

COOKIES

The website uses cookies to track the use of the website. Cookies are small data files that a website leaves on your device when you visit a website. By using cookies, the website can remember certain input data and settings for a certain period of time and the user does not have to re-enter these parameters when visiting the website again.

“Service” cookies (essential)

The Controller uses so-called service cookies primarily to provide the User with services provided electronically, the proper functioning of the Website. These cookies contain data entered by the User for the duration of the session.

,,Analytical” cookies

The Controller uses so-called analytical cookies to improve the quality of services on the website. Accordingly, the Controller and other entities providing analytical and statistical services to the Controller use cookies to store information or access information already stored on the user’s telecommunications terminal equipment. Cookies used for this purpose include Google Analytics, Google Ads, Google Tag Manager cookies, which are used to analyse how the User uses the websites, to create statistics and reports on the functioning of the websites.

“Marketing” cookies

The Controller and its trusted partners also use cookies for marketing purposes, inter alia in connection with targeting Users with behavioural advertising. For this purpose, the Controller and its trusted partners store information or access information already stored in the User’s telecommunications terminal equipment.

Managing cookie settings

Service cookies, which are necessary for the use of the website, are automatically installed on the User’s device. Their use is necessary for the provision of the telecommunications service – the user does not have the option to opt out of these cookies if he wishes to use the websites.

Analytical and marketing cookies are not automatically installed by the Controller. The User may grant the Controller permission to install analytical cookies by giving his/her consent by clicking the “Accept all cookies” button on the banner appearing after entering the Website. The Controller will then be authorised to install analytical and marketing cookies according to the settings of the browser used by the User.

The User may consent to the installation of only selected analytical or marketing cookies To do so, simply click on the “Cookie Settings” button on the banner that appears when entering the website and select the cookies that the User wishes to consent to. The User can withdraw their consent at any time. To do so, the User should change his/her browser settings. Detailed information on this subject can be found at the following links:

Mozilla Firefox: https://support.mozilla.org/pl/kb/usuwanie-ciasteczek

Microsoft Edge: https://support.microsoft.com/pl-pl/microsoft-edge/usuwanie-plik%C3%B3w-cookiew-przegl%C4%85darce-microsoft-edge-63947406-40ac-c3b8-57b9-2a946a29ae09

Google Chrome: https://support.google.com/accounts/answer/61416?hl=pl

Safari: https://support.apple.com/pl-pl/HT201265

WHAT ARE YOUR RIGHTS IN RELATION TO THE PROCESSING OF YOUR PERSONAL DATA?

The data subject may exercise the following rights:

1. The right to request access to your personal data, as well as to receive a copy of it;
2. The right to withdraw consent to the processing of your personal data, where it may apply;
3. Rights to rectify your personal data;
4. Rights to erasure of your personal data;
5. Rights to restrict the processing of personal data;
6. The right to object to the processing of personal data – it is necessary to indicate the specific situation which, in your opinion, justifies the cessation of processing;
7. Data portability rights;
8. The right to lodge a complaint to a supervisory authority in relation to the processing of personal data by the Controller – the supervisory authority is the President of the Office for Personal Data Protection, 2 Stawki Street, 00-193 Warsaw.

CONTACT WITH THE CONTROLLER

You can contact the Controller on matters concerning the processing of your personal data by directing:

• Correspondence by post to the address of the Controller’s registered office indicated above or
• Via email address: info@govsport.eu

A person who has made a request or demand for the processing of his or her personal data, in the exercise of his or her rights, may be asked to answer questions to verify his or her identity.

CHANGES TO THE PRIVACY POLICY

The Privacy Policy does not limit any rights you may have under the law. We may amend and supplement the Privacy Policy as appropriate. We will notify you of any changes or additions by posting appropriate notices on the Site, and in the event of material changes, we may also send you separate notices to the email address you have provided.