See what’s going on with energy and mining in Poland

01.01.2023

Privacy policy

Privacy policy

This Privacy Policy sets out the principles for the processing and protection of personal data provided by Instrat Foundation in connection with the use of the website www.instrat.pl, energy.instrat.pl, esg.instrat.pl; email and telephone contacts; cooperation and maintenance of relationships with media representatives(s); participation in Foundation events requiring registration; interaction in the space of the Foundation’s social media accounts.

The privacy policy sets out for what purposes the Intrastat Foundation processes data, on what legal basis, and for how long it is stored. In addition, the document contains information on the rights of data subjects.

1. Personal data controller

The administrator of the personal data is Instrat Foundation, located in Warsaw at Hoża 51 Street (00-681 Warsaw), registered in the National Court Register under the number: 0000618811, hereinafter referred to as the Administrator.

In any matter related to the processing and protection of personal data, the User may contact the Administrator:

  • by e-mail to: info@instrat.pl;
  • by directing correspondence to: Instrat Foundation, Hoża 51, 00-681 Warsaw.

2. Definitions

  • Administrator – Instrat Foundation with its registered office in Warsaw, 51 Hoża Street (00-681 Warsaw), hereinafter referred to as: the Administrator; the Foundation.
  • Personal Data – information about a natural person identified or identifiable by one or more factors specific to physical, physiological, genetic, mental, economic, cultural or social identity, including device IP, location data, internet identifier and information collected through cookies and other similar technology.
  • Policy – this Privacy Policy.
  • RODO – Regulation (EU) 2016/679 of the European Parliament and of the Council of 27 April 2016 on the protection of individuals with regard to the processing of personal data and on the free movement of such data and repealing Directive 95/46/EC.
  • Website – the websites operated by the Administrator at the following addresses www.instrat.pl, energy.instrat.pl, esg.instrat.pl.
  • Social media – the social networks on which the Administrator/Foundation communicates: LinkedIn, X, Facebook, Instagram, YouTube.
  • User – anyone who visits the Website or uses one or more of the services or functionalities described in the Policy.

3. Data security

Instrat Foundation processes Users’ personal data as a controller in accordance with the requirements of Regulation (EU) 2016/679 of the European Parliament and of the Council of 27 April 2016 on the protection of natural persons with regard to the processing of personal data and on the free movement of such data and repealing Directive 95/46/EC (hereinafter “RODO”).

The Instrat Foundation uses the technical measures required by data protection legislation to prevent unauthorised persons from obtaining and modifying personal data.

4. User rights

In any case of data processing by the Administrator, the User:

  1. has the right of access (information about the data being processed and to obtain a copy of that data);
  2. may rectify (amend) them;
  3. may request the deletion of the data when allowed by the RODO;
  4. has the right to restrict their processing (suspend operations on the data) within the limits set by the RODO;
  5. has the right to withdraw, at any time, consent to the processing of the data if it is carried out on the basis of Article 6(1)(f) of the RODO without affecting the processing carried out on the basis of consent before its withdrawal.

To modify or request the deletion of data, please specify exactly which data the request concerns and the desired method of data modification (e.g. modification of personal data, complete deletion of personal data from the database).

The deletion of personal data may occur as a result of the withdrawal of consent or the lodging of a legally permissible objection to the processing of personal data.

Should the User wish to exercise his/her rights or learn more about them, the Foundation can be contacted through the communication channels indicated in section 1 of the Policy.

5. Profiling

The user shall not be subject to decisions which are based solely on automated processing, including profiling, and which produce legal effects or similarly significantly affect the user.

6. The right to lodge a complaint against the processing of data by the Controller

At any time, the User has the right to lodge a complaint with the President of the Office for the Protection of Personal Data (https://uodo.gov.pl/) if he/she believes that the Administrator’s processing of personal data is in breach of the law.

7. Aims and basis of processing of personal data

7.1 Use of services
7.1.1. What data is processed?

The Foundation’s Services are hosted on the cyberfolks.pl server, which generates and analyses aggregate statistics on visits to the Services. Information is collected on:

7.1.1. What data is processed?

The Foundation’s Services are hosted on the cyberfolks.pl server, which generates and analyses aggregate statistics on visits to the Services. Information is collected on:

  1. IP address;
  2. an identification header (user agent) to identify the browser and system used by the User;
  3. approximate location data (country, city);
  4. the website visited
  5. the time the website was visited.
7.1.2 Purpose of data processing

The purpose is to ensure the functionality of the Services, to correct errors and to analyse aggregate statistics of visits and popularity of content (the behaviour of individuals is not analysed).

7.1.3 User rights

As described in sec. 4 of the Policy.

7.1.4 Basis for the processing of User data

Article 6(1)(f) RODO, i.e. the legitimate interest of the Administrator.

7.1.5 What is a legitimate interest?

Ensuring the functionality of the Services, fixing errors and analysing visit statistics.

7.1.6 Entities authorised to access User data

Only authorised employees and associates, the entity providing the Administrator with hosting, the entity providing the Administrator with statistical analysis software, the entity storing the personal data and the entity providing the Administrator with IT services have access to the User’s personal data.

7.2 Contact by e-mail, telephone, contact form
7.2.1 What data is processed?

The e-mail address, telephone number, data provided in the contact form on the Administrator’s Services and any other information provided by the User himself, e.g. name, information about his situation, are processed.

7.2.2 Purpose of data processing

The purpose of the data processing is:

  1. responding to the User’s message or resolving the case presented by the User;
  2. to analyse communications and requests received.
7.2.3 User rights

As described in para. 4 of the Policy.

7.2.4 Basis for processing the User’s data

Article 6(1)(f) RODO, i.e. the legitimate interest of the Administrator.

7.2.5 What is a legitimate interest?

The legitimate interest is:

  1. to achieve the statutory objectives by handling incoming correspondence and possibly resolving the case presented by the User and replying to the message;
  2. improving the Foundation’s operations by analysing the queries received and the responses provided – which serves to achieve the statutory objectives.
7.2.6 Entities authorised to access the data

The User’s personal data can be accessed only by authorised employees and collaborators and the entity providing IT services to the Administrator, the entity storing personal data for the Administrator.

7.3 Cooperation and maintenance of relations with media representatives(s)
7.3.1 What data are processed?

Name, contact details (email address or telephone number), affiliation (current and previous) and possible information about previous interactions with the Foundation are processed.

7.3.2 Purpose of data processing

The data are processed for the purpose of:

  1. respond to questions asked;
  2. to establish or maintain cooperative relations with journalists;
  3. to promote the statutory activities by sending out press releases,
  4. to analyse the effectiveness of communications and media mentions,
  5. to analyse the effectiveness of the activities and possible personalisation of the communication (in combination with other data about you contained in the CRM system).
7.3.3 User Rights

As described in sec. 4 of the Policy.

7.3.4 Where does the data come from?

Data is obtained from publicly available sources (e.g. editorial page) or obtained from other organisations or media persons. Often also provided directly by media representatives/representatives.

7.3.5 Basis for processing your data

Article 6(1)(f) RODO, i.e. the legitimate interest of the Administrator.

7.3.6 What is a legitimate interest?

The legitimate interest is:

  1. promoting statutory activities by sending out press releases, responding to media enquiries, maintaining relations;
  2. improving activities by analysing the effectiveness of communications, using the CRM system to manage relationships.
7.3.7 Entities authorised to access your data

Data will only be provided to:

  1. to the entity holding personal data for the Foundation;
  2. to the Foundation’s IT service provider.
7.4 Participation in events requiring registration
7.4.1 What data is processed?

Name or pseudonym, position, affiliation, email address and other information is processed if required by the nature of the event (e.g. training, conference) or by the agreement with the grantor.

7.4.2.Purpose of data processing

The purpose of the data processing is:

  1. Enabling registration for Foundation events;
  2. in combination with other data about the user contained in the CRM system, to analyse the effectiveness of the Foundation’s activities and the possible personalisation of communication.
7.4.3 User Rights

As described in sec. 4 of the Policy.

7.4.4 Where does the data come from?

Data is provided directly by the User if they have expressed a wish to participate in the event.

7.4.5.Basis for processing the User’s data

Article 6.1.b of the RODO, i.e. the performance of the contract concluded with the User, e.g. the implementation of a training course, the conduct of a conference, and Article 6.1.f of the RODO, i.e. the legitimate interest of the Administrator.

7.4.6.What is a legitimate interest?

The legitimate interest is:

  1. improving the Foundation’s activities by analysing their effectiveness and maintaining relationships – using the CRM system for relationship management;
  2. implementing the requirements of those who donate to the Foundation’s activities.
7.4.7 Entities authorised to access your data

The data will be provided to:

  1. to the entity holding personal data for the Foundation;
  2. The Foundation’s IT service provider;
  3. entities running events on behalf of the Foundation, if an event is involved;
  4. to the grantors who have provided funds for the organisation of the event, if such a provision is included in the agreement with them;
  5. if the event is held online, the videoconferencing platform and, in some cases, the platforms that broadcast the event.

7.5 Interaction through the Foundation’s social media accounts (LinkedIn, X, Facebook, Instagram, Youtube)
7.5.1 What data is processed?

User name, first name and surname (data visible in the profile) are processed; information on how long the User has been following the Foundation’s accounts; comments and reactions to content and any other information that is provided by the User through these channels; as well as the data that the social media processes for the purpose of creating statistics. In the case of targeting advertising to the User – age range, gender, locality, selected interests.

7.5.2.Purpose of data processing

The purpose of the data processing is:

  1. to interact with the User as part of the social Media channels operated by the Foundation, including replying to private messages and conducting discussions as part of comments under posts;
  2. to promote the Foundation’s activities through posts that are placed on Social Media, including advertisements and sponsored posts aimed at specific groups of users and users of a particular Social Media;
  3. to keep statistics which consist in the presentation by the entities running the Social Media of data about the number of views of the Foundation’s posts, their reach, the number of interactions, demographic data of the Foundation’s observers; this data is statistical in nature, but is created on the basis of the observation of the Users’ behaviour in the Social Media.
7.5.3 User Rights

As described in para. 4 of the Policy.

7.5.4 Where does the data come from?

The Foundation receives data from you when you start following the Foundation’s Social Media accounts or otherwise interact in the Foundation’s account space. In the case of targeted advertising, it is possible to receive data from the Social Media where such advertising is presented, i.e. Google Ireland Ltd.

User data is transferred to the Social Media on which the Foundation’s accounts are maintained, i.e. LinkedIn Corp., X Corp., Meta Platforms, Inc., Google Ireland Ltd.

7.5.5 Basis for the processing of User data

Article 6(1)(f) RODO, i.e. the legitimate interest of the Administrator.

7.5.6 What is a legitimate interest?

The legitimate interest is:

  1. responding to User messages and comments;
  2. informing about the activities and promoting the Foundation;
  3. analysing statistics related to the Foundation’s channels on Social Media.

8. Voluntariness of the transfer of personal data

8.1 Personal data have been provided to the Administrator voluntarily. However, failure to provide the data required by the Foundation or the withdrawal of consent to its processing may make it impossible to provide the desired interaction with the Foundation (e.g. continuity of communication; ensuring participation in an event).

9. Period of processing of personal data

9.1 The period of data processing by the Controller depends on the type of service provided and the purpose of the processing. The period of data processing may also result from the regulations when they constitute the basis for processing. If the data are processed on the basis of the legitimate interest of the Controller, the data shall be processed for the period allowing the fulfilment of this interest or until an effective objection to the processing is raised. Where processing is based on consent, data are processed until the consent is withdrawn. When the basis for processing is the necessity to conclude and perform a contract, the data are processed until the contract is terminated.

9.2 The processing period may be extended if the processing is necessary for the establishment or assertion of claims or the defence against claims, and thereafter only if and to the extent required by law.

10. Transfer of data outside the European Economic Area

10.1 Personal data is not transferred to a third country or international organisation before the Foundation.

10.2 However, the social media on which the Foundation’s accounts appear (Facebook, X, Linkedin, Instagram, Youtube) and the Google tools used by the Administrator may transfer data outside the European Economic Area, to the United States. In such a situation, the transfer of personal data is based on a decision on the adequacy of the level of personal data protection provided by the US under the Privacy Shield Framework.

11. Cookie policy

11.1 To monitor information about users of www.instrat.pl, energy.instrat.pl, esg.instrat.pl use cookies (“cookies”) offered by Google Analytics. Google Analytics cookies are files used to analyse and adjust the User’s use of the Website, to create statistics and reports on the functioning of the Website. Detailed information on the scope and principles of data collection in connection with this service can be found at: https://www.google.com/intl/pl/policies/privacy/partners.

11.2 The use of cookies to collect data through them, including gaining access to the data stored on the User’s device, requires the User’s consent. This consent may be withdrawn at any time. Consent is not required only in the case of cookies, the use of which is necessary for the provision of a telecommunications service (data transmission to display content).

11.3 It is possible to withdraw your consent to the use of cookies via your browser settings. Detailed information on this can be found at the following links:
– Internet Explorer: https://support.microsoft.com/pl-pl/help/17442/windows-internet-explorer-delete-manage-cookies
– Mozilla Firefox: http://support.mozilla.org/pl/kb/ciasteczka
– Google Chrome: http://support.google.com/chrome/bin/answer.py?hl=pl&answer=95647
– Opera: http://help.opera.com/Windows/12.10/pl/cookies.html
– Safari: https://support.apple.com/kb/PH5042?locale=en-GB

12. Amendments to the Personal Data Processing Policy

12.1 The Policy is kept under review and updated as necessary.
12.2 The current version of the Policy was adopted on 9.01.2023.

Instrat Foundation

Follow us on

Supported by

License: Creative Commons Attribution 4.0 International (CC BY 4.0) - unless stated otherwise

Contact

Privacy policy

About us

Skip to content