RODO - GAPS Gdańsk

Privacy Policy of the ŁAŹNIA Centre for Contemporary Art as part of the GAPS project

The following privacy policy sets out the principles for the processing and protection of personal data. Its aim is to explain the reasons why we collect and process personal data as part of our GAPS project.

What is personal data?

The term ‘personal data’ refers to all information that makes it possible to distinguish one person from another without much effort. This information can either directly concern the person (such as his or her name, identification number and sometimes date of birth, e-mail address or image) or it may describe them in an indirect manner. For instance, it may concern their characteristics, health, beliefs, place of residence, addictions, race or religion.

What kind of personal data are we talking about in our case?

This is data provided to us by our Customers, Business Partners, Collaborators and Employees in connection with their use of our services, their collaboration or employment with us. We process this data.

What does data processing mean?

Data processing is any action we may perform with regard to personal data – involving both active use thereof, such as collecting, downloading, recording, combining, modifying or sharing data, and passive use, such as storing, limiting, erasing or destroying data.

Who is the Data Controller (meaning who has influence on data processing and security)?

Your personal data controller is the ŁAŹNIA Centre for Contemporary Art, ul. Jaskółcza 1, 80-767 Gdańsk. NIP (tax ID no.): 583-25-52-296, REGON (statistical no.): 191571237.

The Data Controller may be contacted via:

the correspondence address: ŁAŹNIA Centre for Contemporary Art, ul. Jaskółcza 1, 80-767 Gdańsk, POLAND
the e-mail address: office@laznia.pl.

The Controller has appointed Mr Edward Dybowski to the position of Personal Data Protection Inspector; he can be contacted at the following email address: iod@laznia.pl.

What is the legal basis and purpose of processing your data?

Each instance of processing of your data has to be based on an appropriate legal basis that complies with the applicable regulations. Such basis may be your consent to data processing or other legal provisions that enable it, in accordance with the Personal Data Protection Act of 10 May 2018 (Polish Journal of Laws of 2019, item 1781) and the Regulation (EU) 2016/679 of the European Parliament and of the Council of 27 April 2016 on the protection of natural persons with regard to the processing of personal data and on the free movement of such data, and repealing Directive 95/46/EC (General Data Protection Regulation or ‘GDPR’).

We may process your data for the following purposes:

if you are our Customer or a person interested in taking advantage of a project provided by us, your personal data will be processed on the basis of Article 6(1)(b) GDPR as processing that is necessary for you to participate in the project.
if you use our website and its subsites that employ cookies – this is our legitimate interest and we process your data on the basis of Article 6(1)(f) GDPR.
if you use and/or interact with our social media profiles on:

Facebook – https://www.facebook.com/cswlaznia/,

Twitter – https://twitter.com/cswlaznia/ ,

Instagram – https://www.instagram.com/cswlaznia/,

YouTube – https://www.youtube.com/user/cswLaznia/ ,

– this is our legitimate interest and we process your data on the basis of Article 6(1)(f) GDPR.

We process your data in connection with the creation of registers (collections) resulting from the ongoing GAPS project – Article 6(1)(f) GDPR (legitimate interest of the controller).
To improve the quality of our services, we also process statistical information regarding the use of our website, including session information, IP number, amount of time spent on individual pages and subpages, use of particular functionalities of the services, information about the device and browser. The controller employs cookies or other similar technologies and statistical tools. This data is processed in accordance with Article 6(1)(f) GDPR for the legitimate interest of the Controller: facilitating Website usage, improving the quality and functionality of the services provided, and the processing of this data does not infringe on the rights and freedoms of users. User information is not used for any additional purposes and, due to the nature of the website service, adjusting the way its content is displayed, facilitating its use and improving the quality of website services provided is not only a market standard but also what users expect of website providers. In addition, users may withdraw their consent at any time by changing the settings of their browser regarding the permissibility of using cookies or other similar technologies.
To publish marketing information about our products or services on our website. Such content is displayed by the Controller in accordance with Article 6(1)(f) GDPR, that is the Controller’s legitimate interest to publish content related to the services provided and content promoting campaigns in which the Controller is involved. At the same time, this action does not violate the rights and freedoms of users, users expect to receive similar content, and sometimes they even expect it or it is their direct purpose for visiting the site.

With whom do we share your data?

In accordance with the legal regulations in place, we may transfer your data to entities processing them on our behalf, such as hosting companies that host this website or subcontractors employed to provide our services. We are also obliged to make such data available at the request of entities authorised to do so under other provisions of law, e.g. the Polish Social Insurance Institution (ZUS), local and municipal welfare centres (MOPS, GOPS), tax offices, courts and law enforcement agencies. In some cases, however, access will only be granted if they request it from us, indicating the legal basis that allows them to make such a request.

As a general rule, the controller does not envisage transferring data to third countries located outside the European Economic Area.

Within the European Union, in all Member States, you are guaranteed an identical level of protection of your data thanks to GDPR (full text available HERE).

How long are we going to process your data?

We take great care to limit the scope of data we collect and the time taken to process it to the necessary minimum. To this end, we carry out a systematic review of documents in our possession, removing redundant ones whose usefulness has expired. Please note that depending on the basis on which we obtained your data, the duration of its processing may be determined by separate legal regulations, independent of us, which may oblige us to store your data, regardless of your will or desire. Examples include labour law, social security law as well as accounting or bookkeeping regulations.

Should the data in our possession be used for a purpose other than that for which it was collected, we will always inform you accordingly and you will have the opportunity to object.

What rights do you have with regard to your data?

If we process your personal data, you always have the right to:

demand access to your data – within the limits of Article 15 GDPR,
have it corrected – within the limits of Article 16 GDPR,
demand its removal – within the limits of Article 17 GDPR, or limit the scope of processing – within the limits of Article 18 GDPR,
object to the processing of your data – within the limits of Article 21 GDPR,
transfer your data, including obtain copies thereof – within the limits of Article 20 GDPR.

All these rights are detailed in Articles 15 to 21 GDPR, the text of which is linked above.

You may also withdraw your consent to the processing of your personal data, in which case we will immediately delete your personal data as long as there is no legal obligation requiring us to continue processing it. For example, if you request the elimination of your data in your personnel file, we will immediately remove it from the database. However, in accordance with personnel regulations, we will continue to hold it in our financial and accounting records for the period governed by the law currently in force.

If you feel that we have in any way – which of course is not our intention – violated your rights or failed to ensure the security of your personal data, you have the right to lodge a complaint with the supervisory authority, which is the President of the Office for Personal Data Protection.

Automated decision-making and profiling information

We do not make any automated decisions based on your data, that is decisions without human involvement. Nor do we take any actions aimed at profiling you.

Please note that our website may contain links to other websites. They will open in a new browser window or in the same window. We are not liable for the content provided by these websites and, as a User, you are responsible for reviewing the privacy policies or terms and conditions of these sites.

How do we protect your data?

We use mandatory organisational and technical measures to ensure the security of your data. We have installed the required physical securities at our premises to prevent unauthorised data access. Our employees have the required authorisations, the relevant confidentiality agreements, as well as the entrustment of processed data and may process said data in a limited manner, that is only to the extent necessary for the proper performance of their duties.

The security of your data transmitted electronically is ensured by our 128-bit SSL security protocol. Its graphic symbol is a green padlock displayed in the web browser next to the address of our website. By encrypting it before transmission, you can be sure that you are entering our site, which has not been modified in any way as it travelled to you over the Internet.

Please remember that as a User, you should also take care to protect your personal data transmitted over the Internet, in particular not to disclose your login data to third parties, to use anti-virus protection and keep your software up to date.

The Controller reserves the right to amend this privacy policy in accordance with the applicable law. Such changes could be motivated by changes related to the development of online technology, changes in generally applicable law or development of the Website through new administrative tools. The date of publication and update of the Privacy Policy is shown at the top of the page.
Disclaimers and copyrights

Our website www.gaps.gda.pl also includes links to other websites, videos and information that we have found valuable or interesting. However, we are not responsible for the content of these websites or any changes to them, and we are not liable for the privacy policies of their current or future owners.

All content featured on our website is subject to the copyright of the respective person(s) and/or the Controller (e.g. photographs, texts, videos, free materials, etc.). The controller does not consent to copying said content in whole or in part without his express prior consent.

COOKIES POLICY

What are cookies and what are they used for?

Cookies are text files that are stored on your device and used by the server to recognise this device when you reconnect; they are downloaded every time you ‘enter’ and ‘leave’ our website. Cookies are not used to determine your identity, but only to identify your device, among other things so that the display can be adjusted to its technical capacity, for example resolution or browser version.

Cookies are most commonly used in the case of counters, polls, online shops, sites that require login, advertising and to monitor visitor activity. They also make it possible, among other things, to remember your interests and accordingly adapt websites in terms of the content displayed and matching advertisements. These files are used by practically all websites – search engines, news sites, blogs, online shops, government websites, etc. Our website also employs them.

What do cookies do?

In general, cookies work according to the following principles:

they identify the computer and browser data used to view the website – for example, they allow us to know whether a particular computer has already visited the website,
data collected through the use of cookies is not in any way combined with the personal data of users collected, for instance, during registration on our websites,
it is not harmful to you or your computers or smartphones – this data does not affect the way they work,
it does not cause any changes to the configuration of the terminal equipment or the software installed on such equipment,
default cookie parameters allow the information contained in them to be read only by the server that created them,
based on your behaviour on the websites you visit, they transmit information to the servers so that the displayed website is better suited to your individual preferences.

What are the types of cookies?

There are three types of cookies:

Session cookies are temporary files stored in the memory of your browser until the end of the session. These are mandatory files, required for the correct performance of certain applications or their functionalities. When you close your browser, they should be automatically deleted from the device you used to visit the website,
Persistent cookies facilitate the use of websites that you visit often. These files are stored in the relevant folder for an extended period of time, which you can adjust in your browser settings. Each time you visit the site, data from these cookies is transferred to the server. This type of cookies is sometimes also referred to as tracking cookies,
Third-party cookies are files usually originating from advertising servers, search servers, etc. that collaborate with the given website owner. They ensure that the advertisements displayed are tailored to your interests and habits, which in turn often allows you to use some of the content of the website free of charge. They are also used to count ‘clicks’ on advertisements, user preferences, etc.

Do you have to agree to our use of cookies?

Remember that you are able to independently manage cookies. This is made possible, for example, by the browsers you use (cookies are usually enabled by default). The most popular browsers enable you to:

accept the use of cookies in order to take full advantage of the options offered by websites,
manage cookies on individual websites you select,
define settings for different types of cookies, for instance accepting persistent cookies as session cookies, etc.,
block or remove cookies.

You may find information on how to enable or disable cookies in the settings options of the most popular browsers.

By leaving your browser settings unchanged, you consent to our use of cookies. However, blocking them or disabling some of their types may prevent you from using the full functionality of the website or interfere with its proper functioning.

Why do we use cookies?

The website uses both session cookies and persistent cookies. We use them for the following purposes:

to create statistics in order to improve the structure and content of the pages,
to maintain the website User’s session.

The following information is collected in order to correctly display the page: name and version of the web browser, language settings, date and time of sending the request to the server, IP from which the request was sent, requested URL. This data is collected to enable the correct operation of our website.

The data collected by our website is not disclosed or made available to third parties, except for the relevant law enforcement authorities entitled to conduct criminal proceedings initiated at our request.