PRIVACY POLICY

§ 1

[Introductory information]

This document, the Privacy Policy, contains information on the processing of personal data and other information regarding the users of the www.cfasofficial.com website. In this privacy policy, the administrator has included all the information that data subjects should receive in accordance with the GDPR.

 

§ 2

[Glossary of terms]

  1. Personal Data Administrator [PDA] – the entity that decides on the purposes and means of the processing of personal data.
  2. Data Protection Coordinator [DPC] – an individual who assists the PDA in carrying out his or her responsibilities regarding the protection of personal data.
  3. Cooperating Entities – entities that offer to sell their services or products on the www.cfasofficial.com website:

− Center For American & European Studies Foundation, TIN: 7812019909, REGON: 38871141800000, KRS: 0000895006;

− Center For American Studies Association, TIN: 7811990247, REGON: 38256651800000, KRS 0000771445,

− Łukasz Bartosik Center For American, European & Global Studies, TIN: 7812015745, REGON: 387711534

  1. Website (Site) – the www.cfasofficial.com website offering the Services of Cooperating Entities.
  2. User – a person/entity using the Site.
  3. Registered user – a person/entity having a user account on the Website.
  4. User account – a set of resources maintained by PDA for a user under a unique name (login) and protected with a password, in which the user's data are stored.
  5. Facebook – the company Facebook Ireland Ltd. operating the social networking site Facebook with headquarters in 4 Grand Canal Square Grand Canal Harbour Dublin 2, Ireland.
  6. Google – Google LLC, a company operating Google's website with registered office at 1600 Amphitheatre Parkway, Mountain View, California, U.S.
  7. Newsletter – personalized information sent periodically to Subscribers containing information about the activities of the Cooperating Entities.
  8. Subscriber – a user who subscribed (signed up for) to the newsletter.
  9. Personal data – any information about an identified or identifiable natural person ("data subject"); an identifiable natural person is one who can be identified, directly or indirectly.
  10. Cookies are small pieces of information sent by the Website and stored on user’s end device (computer, laptop, smartphone).
  11. Processing of personal data – an operation or set of operations which is performed upon personal data or sets of personal data, whether or not by automated means, such as collection, recording, organization, organization, storage, adaptation or alteration, retrieval, consultation, use, disclosure by transmission, dissemination or otherwise making available, alignment or combination, restriction, erasure or destruction. 
  12. Profiling – any form of automated processing of personal data which involves the use of personal data to evaluate certain personal factors of an individual, in particular to analyze or predict aspects relating to that individual's performance, economic situation, health, personal preferences, interests, reliability, behaviour, location or movement.
  13. GDPR - Regulation (EU) 2016/679 of the European Parliament and of the Council of 27 April 2016 on the protection of natural persons with regard to the processing of personal data and on the free movement of such data and repealing Directive 95/46/EC.


§ 3

[Personal Data Administrator, Data Protection Coordinator, Cooperating Entities]

 

1. The administrators of the personal data processed on the Site are the Cooperating Entities,

acting as joint administrators of the personal data.

2. PDA has appointed a Data Protection Coordinator who is responsible for proper protection of personal data. Contact with the DPC is possible:

a) By post, to the address Stobnicka 5B, 60-480 Poznan, Poland;

b) By email, to: [email protected].

3. PDA processes personal data within the scope and for the purposes described in this

Privacy Policy.

 

§ 4

[Types, purposes and basis of data processing]

 

1. The following data may be processed on the Site:

  1. cookies – for the purposes described in §7 and based on the user's consent;
  2. information about your computer, including IP address, geographical location, browser type and version and operating system, information about visits to and use of the Site, including referrer source, length of visit, page views and navigation paths on the site – to enable the proper functioning of the Site on your end device, analysis of traffic on the Site, pursuant to Article 6(1)(a) and (f) of the GDPR, i.e. the consent expressed by the user, and when processing is necessary in order to carry out purposes mandated by law by a PDA or third parties. 

c) information entered when you create a registered user account on the Site:

i. first name,

ii. last name,

iii. sex/gender,

iv. mailing address,

− country,

− city,

− the street including the building and apartment number

− zip code,

v. phone,

vi. date of birth,

vii. e-mail,

viii. password,

in order to enable the sales process of the products and services by the Cooperating Entities, as well as to receive personalized messages to the e-mail address or by post as

part of the newsletter service on the basis of Article 6(1)(a) of the GDPR, i.e. the

consent expressed by the user, and after cancellation of the service on the basis of Article 6(1)(c) and (f) of the GDPR for a period of protection against eventual claims and obligations;

 

d) information contained in any correspondence sent to the PDA by email or via the

Site, including communication content and metadata, pursuant to Article 6(1)(b)

of the GDPR, i.e. at the request of the data subject;

e) any other personal data that is entered on the Website (and image – in the case of participation with the camera on in recorded events, such as training courses and conferences) on the basis of Article 6(1)(a),(b) and (f) of the GDPR, i.e. consent expressed by the user, when the processing is necessary for the performance of a contract to which the data subject is a party, or to take action at the request of the data subject prior to entering into a contract, and when the processing is necessary for the purposes of the legitimate interests pursued by the PDA.

 


§ 5

[Co-administration via Facebook]

1. In the case of integration of the user's Facebook account with the user's account on the

Site, PDA may process the personal data contained in the Facebook profile in

accordance with the privacy settings established by the user. In particular, this may

include the following personal data:

a) first name,

b) last name,

c) sex/gender,

d) e-mail,

e) phone,

f) location data,

g) image,

h) profile picture.

2. The purposes and processing of personal data decided by Facebook, the legal basis

and other information required by law are described at:

https://www.facebook.com/privacy/explanation.

3. PDA uses the Facebook Pixel tool. This is a short code placed on the Site that allows

you to measure the effectiveness of your ads based on an analysis of the actions taken

by users on the Site. Information about the Facebook Pixel tool can be found at:

https://www.facebook.com/business/help/742478679120153 

 

§ 6

[Co-administration by Google]

1. In the case of integration of the user's Google account with the user's account on the

Site, PDA may process the personal data contained in the profile on the Google social

network in accordance with the privacy settings established by the user. In particular,

this may include the following personal data:

a) first name,

b) last name,

c) sex/gender,

d) e-mail,

e) phone,

f) location data,

g) image,

h) profile picture.

2. The purposes and processing of personal data decided by Google, the legal basis and

other information required by law are described at:

https://policies.google.com/privacy.

3. PDA uses the Google Analytics tool to analyse the anonymous data collected on the

website traffic, e.g. number of visits, country, browser, time of visit, etc. The tool uses

cookies and does not provide personally identifiable information. Information about

the Google Analytics tool can be found at: https://support.google.com/analytics/.

 

§ 7

[Profiling]

PDA does not use profiling on the Site.

 

§ 8

[Cookie Policy]

1. The Site uses cookies to provide the highest level of service, including in a manner

tailored to individual needs. Using the site without changing the settings for cookies

means that they will be placed on your terminal device.

2. The entity placing cookies on the user's terminal equipment and accessing them is

PDA.

3. PDA processes cookies in order to:

1) proper functioning of the Site, in particular maintaining the session of the user

after logging in, thanks to which the user does not have to enter his/her login and

password again on each subpage of the Site;

2) display personalized advertising to users of the Site,

3) Analyze Site traffic and compile statistics to help us modernize the Sites in the

future and provide better service.

4) adapting the content of the Website to User preferences and optimizing the use of

websites; in particular, these files allow for recognition of the Website User's

device and appropriate display of the website, adapted to his individual needs;

4. The following types of cookies are used on the Site:

1)  "necessary" cookies to enable services available on the Site, such as

authentication cookies used for services that require authentication on the Site;

2) cookies used to ensure security, e.g. used to detect abuse of authentication on the

Site;

3) "performance" cookies, which allow the collection of information about how the

Site is used;

4) "functional" cookies, which enable "remembering" the user's selected settings

and personalizing the user's interface, e.g. with regard to the selected language or

region of the user's origin, font size, website layout, etc;

5) "advertising" cookies, enabling you to provide users with advertising content

more tailored to their interests.

5. In many cases, the software used to browse the Internet (web browser) allows the

storage of cookies on the user's end device by default. Users can change their cookie

settings at any time. These settings can be changed in particular in such a way as to

block the automatic handling of cookies in the settings of the web browser or inform

on their placement on the user's device each time. Detailed information on the

possibility and methods of using cookies is available in the software (web browser)

settings.

6. PDA informs that restrictions on the use of cookies may affect some of the

functionalities available on the Site.

7. Cookies placed in the end user's device and used can also be by advertisers and

partners cooperating with the operator of the Website.

 

 

§ 9

[Time of processing personal data]

 

1. PDA processes personal data:

1) User – for the duration of the use of the Site.

2) Registered user - from the moment of entering personal data on the Site until

the moment of deleting the account of a registered user.

3) Subscriber - from the moment of subscribing to the newsletter service until the

moment of unsubscribing.

2. After the cancellation of services, PDA shall store personal data for a period of 5

years resulting from the protection against possible claims and obligations imposed on

PDA by generally applicable law, based on Article 6(1)(f) of the GDPR;

 

§ 10

[Recipients of users' data]

 

1. PDA discloses users' personal data to processors under the concluded agreements on

entrustment of personal data processing in order to provide services to the

administrator, e.g. hosting and Site maintenance, IT services, marketing and PR

services, legal and consulting services, while obliging the above entities to

confidentiality when processing the data.

2. The PDA shall disclose personal data, if requested to do so by authorised state

authorities, in particular organizational units of the prosecutor's office, the Police, the

President of the Office for Data Protection, the President of the Office for Competition

and Consumer Protection.


§ 11

[Transmission of personal data to third countries]

 

1. The PDA may transfer and process personal data in third countries. The transfer and

processing of data to a third country shall be based on a decision of the European

Commission on the adequate level of protection for personal data or standard contractual clauses. 

2. If no decision of the European Commission on the adequate level of protection of personal data has been issued with regard to a given third country, then the transfer to that third country shall be subject to the provision of adequate safeguards as referred to in Article 46(2) of the

GDPR.

3. Third countries are countries outside the European Economic Area. The European

Economic Area includes all countries of the European Union and the countries of the

so-called European Free Trade Association, which include Norway, Switzerland, Iceland and

Liechtenstein.

4. In connection with the use of ICT providers located in third countries, the PDA may

transfer personal data to a third country. The legal basis for such transfer shall be the

concluded standard contractual clauses.

 

§ 12

[Rights of personal data subjects]

1. Every person whose personal data is processed has the right:

a) of access – to obtain confirmation from the PDA as to whether or not his/her personal

data is being processed. If data about the person are processed, the person is

entitled to access them and obtain the following information: about the purposes of

processing, the categories of personal data, the recipients or categories of

recipients to whom the data have been or will be disclosed, the period for which

the data will be stored or the criteria for their determination, the data subject's right

to request rectification, erasure or restriction of processing of personal data and to

object to such processing (Article 15 GDPR);

b) to obtain a copy of the data – obtain a copy of the data undergoing processing, with

the first copy being free of charge, and for subsequent copies the data administrator may

charge a reasonable fee based on administrative costs (Article 15(3) GDPR);

c) of rectification - request for the rectification of personal data concerning him/her that

is inaccurate or the completion of incomplete data (Article 16 GDPR);

d) to erasure of data ("right to be forgotten") - a request to erase her personal data if

the data administrator no longer has a legal basis for processing them or the data are no

longer necessary for the purposes of processing (Article 17 of the GDPR);

e) to limit processing - request to limit the processing of personal data (Article

18 GPDR) when:

▪ the data subject contests the accuracy of the personal data - for a period

enabling the administrator to verify the accuracy of the data,

▪ the processing is unlawful and the data subject opposes their erasure by

requesting the restriction of their use,

▪ the administrator no longer needs the data, but they are necessary for the data

subject to establish, exercise or defend a claim,

▪ the data subject has objected to the processing – until such time as it is

ascertained whether the legitimate grounds on the part of the administrator

override the grounds of the data subject's objection;


f) of data transfer–- to receive in a structured, commonly used and machine-readable

format the personal data concerning him or her which he or she has provided to the

administrator, and to request that these data be sent to another administrator, where the

data are processed on the basis of the data subject's consent or a contract concluded

with him or her and where the data are processed by automated means (Article 20

of the GDPR);

g) objection – objecting to the processing of its personal data for the legitimate

purposes of the administrator on grounds relating to its particular situation, including

profiling. The administrator shall then assess the existence of valid legitimate grounds

for the processing which override the interests, rights and freedoms of the data

subject, or grounds for the establishment, exercise or defence of claims. If, in

accordance with the assessment, the interests of the data subject override the

interests of the administrator, the administrator shall be obliged to cease processing the

data for those purposes (Article 21 GDPR).

2. In order to exercise the aforementioned rights, the data subject should contact the PDC using the contact information provided and inform him/her of which right and to what extent he/she wishes to exercise it. In addition, any data subject has the right to lodge a complaint with a supervisory authority if he or she believes that the processing of personal data concerning him or her violates the provisions of the RODO.

 

§ 13

[Changes to the Privacy Policy]

1. The Privacy Policy may be supplemented or updated in accordance with PDA's

ongoing needs to provide current and accurate information to users of the Site

regarding their personal data and information. Registered users will be notified of any

changes to the privacy policy by email to the address provided at registration.

2. This privacy policy is effective as of September 29, 2021.

 

 

 

Sign up to our Newsletter
Get a free ebook and discount codes

Your e-mail is safe . We promise not to send you spam.

Our website uses cookies to guarantee the best possible experience. By using the website, you agree to our use of cookies.