PRIVACY POLICY

This privacy policy outlines the scope and objectives of the processing of personal data of members and prospective members of the Polish Data Center Association based in Warsaw (“Association“), as well as individuals visiting the Association’s website and contacting the Association by mail or e-mail. It also includes information required by applicable legal regulations. This privacy policy further provides details on the extent and purposes for which personal data will be processed for individuals participating in events organized by the Association and recipients of information about the Association’s events.

Personal data are processed in accordance with Regulation (EU) 2016/679 of the European Parliament and of the Council of 27 April 2016 on the protection of natural persons with regard to the processing of personal data and on the free movement of such data, and repealing Directive 95/46/EC (“GDPR”), as well as Polish law implementing GDPR, in particular the Act of 10 May 2018 on the protection of personal data (consolidated text Journal of Laws of 2019, item 1781).

  1. Personal Data Controller:

The Personal Data Controller is: Polish Data Center Association, headquartered in Warsaw, registered in the Register of Associations, other social and professional organizations, foundations, and independent public healthcare facilities by the District Court for the Capital City of Warsaw in Warsaw, 13th Economic Division of the National Court Register under KRS number: 0001037313, NIP: 5214020379, REGON: 525358092.

 

Contact Information of the Data Controller:

  • Mailing Address: Nowogrodzka 47A, 00-695 Warsaw.
  • Phone: +48 510 253 455
  • E-mail: info@pldca.pl
  1. Categories of Individuals and Types of Personal Data Processed by the Controller:

a. Personal data of the Association’s members:

  • First and last name,
  • PESEL,
  • Residential address/mailing address,
  • E-mail address,
  • Contact phone number.

 

b. Personal data of prospective members (including their representatives and agents) of the Association:

  • First and last name,
  • PESEL (Polish national identification number),
  • Residential address/mailing address,
  • E-mail address,
  • Contact phone number,
  • Image.

c. Personal data of individuals contacting the Association:

  • First and last name,
  • Residential address/mailing address,
  • E-mail address.

d. Personal data of individuals participating in events organized by the Association and recipients of information about the Association’s events:

  • First and last name,
  • Residential address/mailing address,
  • E-mail address,
  • Contact phone number.
  1. Purposes of Processing Personal Data and the Legal Basis for their Processing

a. The personal data of members and candidates for membership (including their representatives and agents) are processed for the following purposes:

  • Joining the Association and achieving the Association’s statutory objectives – based on the Act of April 7, 1989, on associations (Journal of Laws 2017.210 consolidated text) and based on the legitimate interest of the Association consisting in the right to process personal data to the extent necessary to determine whether the candidate for membership meets the requirements set out in the Association’s Statute, admitting members to the Association in accordance with the Association’s Statute, and fulfilling the statutory objectives of the Association (legal basis: Article 6(1)(c) GDPR). Providing data in this scope is voluntary but necessary for joining and participating in the Association.
  • Informational purposes – the data of members are published on the Association’s website (www.pldca.pl) to provide information about its members, and to promote the activities of the Association – based on the legitimate interest of the Association (legal basis: Article 6(1)(f) GDPR). Providing data in this scope is voluntary but necessary for joining and participating in the Association.
  • For processing your data for tax and accounting purposes in accordance with applicable laws (legal basis: Article 6(1)(c) GDPR). Providing data in this scope is voluntary but necessary for joining and participating in the Association.
  • Image publication – for promoting the image of members and the activities of the Association, by publishing members’ photos on the Association’s website www.pldca.pl – based on the consent given by the members of the Association (legal basis: Article 6(1)(a) GDPR). Providing data in this scope is voluntary but necessary for the dissemination of the image.

b. The personal data of individuals participating in events organized by the Association and recipients of information about the Association’s events are processed for the following purposes:

  • egistration and participation in events organized by the Association (legal basis: Article 6(1)(b) GDPR). Providing data in this scope is voluntary but necessary for participating in the Association’s events.
  • Sending information about events organized or co-organized by the Association (legal basis: Article 6(1)(f) GDPR and Article 10 of the Act on the provision of electronic services and Article 172 of the Telecommunications Law (if applicable)). Providing data in this scope is voluntary but necessary for receiving information about events from the Association.

c. The personal data of individuals visiting the Association’s website and contacting the Association are processed for the following purposes:

  • For handling inquiries, complaints, claims, and applications, and for answering questions asked (Article 6(1)(f) GDPR).
  • For mutual contact (legal basis Article 6(1)(a) GDPR).
  • For the use of cookies on the website (Article 6(1)(a) GDPR).
  • For website management (Article 6(1)(f) GDPR).

 

  1. Additionally, the aforementioned personal data is processed based on the legally justified interest of the Administrator (Article 6, section 1, point f of GDPR) for the following purposes:
  • Enforcing compliance with the internal rules of the Administrator,
  • Preventing fraud and abuse,
  • Debt collection, conducting legal, arbitration, mediation, and enforcement proceedings;
  • Data storage for archival and evidential purposes, as well as ensuring accountability (demonstrating compliance with legal obligations);
  • Analyzing data automatically collected when using the website;
  • Creating records of data processing activities and documentation arising from GDPR.
  1. Information about the recipients of personal data:

The recipients of personal data are entities providing services on behalf of the Association. Personal data is shared with the following categories of entities within the European Union:

  • Individuals cooperating with the Association under civil law contracts, supporting current activities,
  • Entities providing accounting (financial and bookkeeping) services,
  • Entities providing IT services,
  • Entities providing legal services.

 

The Association does not share personal data with entities outside the territory of the European Union.

  1. Rights of individuals whose data is processed by the Association.

Every person whose personal data is processed has the following rights:

a. Data Access – the right to obtain confirmation from the Association whether their personal data is being processed, and the right to access such data and additional information referred to in Article 15, sections 1 and 2 of GDPR;

b. Data Rectification – the possibility to request immediate rectification and completion of incomplete data by submitting an additional statement;

c. Data Erasure / Right to Be Forgotten – the right to request immediate data deletion if any condition specified in Article 17, section 1 of GDPR is met;

d. Data Processing Limitation – the right to request a limitation of personal data processing in cases mentioned in Article 18, section 1 of GDPR;

e. Data Portability – the possibility of receiving personal data in a structured, commonly used, machine-readable format and transferring this data to another data administrator in cases mentioned in Article 20, section 1 of GDPR;

f. Objection – the right to object for reasons related to a specific situation against processing data based on the legally justified interest of the Association or another data administrator, unless there are valid legally justified reasons for processing that override the interests, rights, and freedoms of the person concerned, or reasons for establishing, pursuing, or defending claims;

g. Withdrawal of Consent – at any time without affecting the legality of the processing carried out based on consent.

h. Submitting a complaint to the supervisory authority – any person concerned by the data has the right to submit a complaint to the supervisory authority if they believe that the processing of their personal data violates GDPR.

To exercise your rights, please direct your requests by sending an email to: info@pldca.pl or in written form sent to the postal address: ul. Kazimierzowska 43/49, 02-572 Warsaw.

The Association is obligated to inform individuals whose data is concerned about the rectification, deletion of personal data, or limitation of processing that it has carried out.

The person whose data is concerned has to the supervisory authority, which is the President of the Personal Data Protection Office, address: ul. Stawki 2, 00-193 Warsaw.

  1. Personal Data Retention Period

The personal data of Association members are stored until the termination of membership in the Association or until the withdrawal of consent for data processing, in cases where such processing takes place based on expressed consent.

The personal data of prospective members (including their representatives and agents) of the Association are stored for the period necessary to determine whether the conditions for membership in the Association, as established in the Statute, have been met and to make an appropriate decision in this regard.

The personal data of individuals participating in events organized by the Association are processed for the period necessary to manage and settle the event.

After the expiration of the aforementioned periods, the Association will destroy personal data, except when the storage of said data is required by applicable laws. The Association may also store data for the following needs:

  • Claim enforcement, fulfilling obligations arising from legal provisions, especially tax and accounting obligations,
  • Abuse and fraud prevention,
  • Crime prevention,
  • Statistical and archival purposes.

 

  1. No Profiling

The Administrator does not process personal data in an automated manner (including profiling).

 

COOKIE FILES

The Association makes every effort to make the use of the website user-friendly. The website uses cookie files to provide its users with access to specific features and to gather information regarding site visits. Cookie files store information about user activity on the device’s memory while using the website.

What are Cookie Files?

Cookie files are short text-based pieces of information, stored on the device used by the user while browsing websites and other similar technologies used to collect information about user activity online.

Cookie files usually contain the name of the website that stored them, the maximum time they are stored in the device’s memory, and a unique identification number. Cookie files are not used to identify users or determine their identity. They are primarily used so that users can fully utilize this website. “Cookies” are also used by the Administrator for analytical and marketing purposes to make the website even more useful and functional.

 

What are Cookie Files Used For?

Cookie files are used by websites to automatically recognize a user by the server, enabling the tailoring of displayed web pages to their preferences and needs, as well as optimizing the use of websites. They can be read by us (“first-party cookies”), which I use to ensure the proper functioning of this site, and by systems belonging to other entities whose services I use (“third-party cookies”).

The Administrator uses cookie files for the following purposes:

  • Recognizing a user who has previously visited the website,
  • Adapting the content and material on the website to the user’s preferences and optimizing the utility of the website,
  • Remembering settings and options chosen by the user, and history of pages visited on the website to recommend content,
  • Implementing processes necessary for the proper functioning of all the features on the website,
  • Ensuring the reliability of the website and the security of processed data,
  • Correct configuration of selected website features, particularly those responsible for verifying browser session authenticity,
  • Collecting anonymous statistics via analytical tools,
  • Exchanging information with external web services providing enriching services to the website.

Managing, Deleting, and Blocking Cookie Files

During the first visit to the website, information about the use of cookie files is displayed. At that point, the user can express consent and select which cookies are allowed.

When the user visits the website again, the site will recognize their device, which had previously visited the site, hence it may read the parameters of already stored cookie files, thus “cookies” facilitate the use of previously visited websites and other purposes as further specified in this policy.

However, users can change browser settings at any time to block the automatic handling of cookie files or to be informed each time cookies are stored in the device’s memory. Users can also delete all existing cookie files at any time. Information about how to change the default cookie settings and how to delete them is available in the browser’s help files and on the website of its publisher. More information about cookie files can be found in the “Help” section in the browser’s menu.