We use cookies to personalise content and advertising to offer social media features and analyse traffic on our website. We share information about how you use our website with social media, advertising and analytics partners. Partners may combine this information with other data received from you or obtained when you use their services.

 

Cookie settings

Technical cookies - files of key significance that enable users to navigate the website and use its functionalities, such as accessing secure areas on the website.

Cookie

Duration

Description

cookielawinfo-checkbox-analytics

1 year

This cookie is set by the GDPR Cookie Consent plug-in. The cookie is used to store the user`s consent to cookies in the `Analytics` category.

cookielawinfo-checkbox-functional

1 year

The cookie is set by the GDPR cookie consent to record the user`s consent to cookies in the `Functional` category.

cookielawinfo-checkbox-necessary

1 year

This cookie is set by the GDPR Cookie Consent plug-in. The cookies are used to store the user`s consent to cookies in the `Necessary` category.

cookielawinfo-checkbox-others

1 year

This cookie is set by the GDPR Cookie Consent plug-in. The cookie is used to store the user`s consent to cookies in the `Others` category.

cookielawinfo-checkbox-performance

1 year

This cookie is set by the GDPR Cookie Consent plug-in. The cookie is used to store the user`s consent to cookies in the `Performance` category

viewed_cookie_policy

1 year

The cookie is set by the GDPR Cookie Consent plug-in and is used to store information on whether the user has consented to the use of cookies. It does not store any personal data.

 

Functional

Functional cookies - record the choices made by users (such as user name, language, or region where users are located).

Cookie

Duration

Description

_ga

2 years

It records a unique ID that is used to generate statistical data on how the user uses the website.

_gid

24 hours

It is used to group a set of user interactions to define a session, thanks to a randomly generated identifier (combination of a timestamp and a random number).

yt.innertube

persistent

It records a unique ID and keeps statistics on the You Tube videos the user has seen.

 

Performance

Performance cookies - collect information about how users use the Website and which parts of the Website they visit the most often.

Cookie

Duration

Description

yt-player-bandwidth

persistent

It is used to determine the optimum video quality based on the device settings and user`s window.

yt-player-headers-readable

persistent

It is used to determine the optimum video quality based on the device settings and user`s window.

 

 

 

 

Privacy and data protection policy
for the data processed in connection with the provision of services by ILS PAN via websites under the inp.pan.pl  domain

  1. The controller of the personal data collected via the services provided through the website is the Institute of Law Studies of the Polish Academy of Sciences (ILS PAS), with its registered office in Warsaw (00-330) at 72 Nowy Świat Street, TIN: 525-000-93-93. Contact details: e-mail: inp@inp.pan.pl;tel. +48 22 826-75-71.
  2. The Data Protection Officer can be contacted by sending an e-mail to iod@inp.pan.pl,or a letter to the Institute`s postal address with the `DPO` note.

Basic information

  1. When providing services via the website, the Controller collects personal data of persons submitted via forms and also collects data automatically contained in system logs and cookies.
  2. In the course of the provision of services via the website, the Controller processes such personal data as identification data (e.g. first name, surname), contact details (e.g. telephone number, e-mail address, residential address), data on enquiries, orders and complaints, data on research and development activities, data on publications, data on place of employment; in the case of business entities, also the company name and TIN number and details of the contact person (position).
  3. Where data is collected in connection with the fulfilment of legal obligations, only the data required by the relevant legislation is processed.
  4. The provision of personal data by users of the ILS PAS website is voluntary but often necessary in order to make use of the services offered through the website.
  5. Contact forms collecting personal data as part of the services provided through the website are intended for adults. The Controller does not knowingly process personal data of persons under the age of 16. The consents granted by persons are valid for persons over 16 years of age.
  1. The data acquired in connection with the provision of services via the website is contained in system logs and cookies or using other similar Internet technologies.
  2. Cookies - IT data (usually in the form of text files) stored on users` terminal devices and intended for the use of websites.
  3. Cookies have the following functionality:
    1. they allow recognising the user`s device and display the content of websites optimised to the user`s individual preferences accordingly;
    2. they store in memory the last operations performed by the user;
    3. they are used to create anonymous statistics that help understand how the user uses websites, which enables improving their quality and functionality.
  4. Cookies are not used to identify the user, and only identify the device.
  5. Cookies usually contain the name of the website from which they originate, the duration of their storage on the end device, and a unique number.
  6. Data is collected in an automated manner by the websites in the inp.pan.co.pl domain using the Google Analytics tool and by cookies.
  7. The websites in the inp.pan.pl domain use two main types of cookies: session cookies (stored on the recipient`s device only for the duration of the recipient`s visit to the website or until the browser is switched off) and persistent cookies (stored on the user`s terminal device for the time specified in the parameters of the cookies or until they are deleted by the user).
  8. The website uses the following types of cookies:
    1. essential cookies, which enable the use of the services provided through the website, e.g. authentication cookies;
    2. secure cookies, which are used to detect authentication fraud;
    3. performance cookies, which allow information on usage to be collected;
    4. functional cookies, which enable remembering the settings selected by the user and personalising the user interface, e.g. with regard to the user`s language or region, the font size, the appearance of the website, etc.
  9. Web browsers can allow cookies to be stored on the user`s terminal device by default. Users can make changes to their cookie settings at any time, in particular in such a way as to block cookies automatically or to inform about them each time they are placed on the terminal device. Detailed information about the possibilities and ways of using cookies are available in the settings section of your browser.
  10. The cookies we create do not contain personal data.
  11. By default, the software used for browsing websites permits cookies to be placed on the device. These settings can be changed so as to block the automatic use of cookies in the browser settings or to inform the user each time they are sent to the device.
  12. Detailed information about the possibility and methods of using cookies is available in the software (web browser) settings.
  13. Restricting the use of cookies may affect some of the functionalities available on the website or prevent the use of the website altogether.

Data processing

  1. ILS PAN processes personal data only for specific, explicit and legitimate purposes. Each time, the Controller informs the users about the purpose and legal basis of the processing of their personal data by a separate message designed specifically for the individual services provided via the ILS PAS website.
  2. When processing the personal data of the users of the services provided through the website, the Controller exercises due care to ensure that the data are processed in manner that is secure, lawful and transparent for the data subject.
  3. When processing data, the Controller is guided by the following principles:
    1. personal data are collected only to the minimum extent necessary to fulfil the purposes for which they are collected;
    2. the purposes for which personal data are collected are clearly defined and are based on legislation or statutory activities;
    3. the retention of personal data is limited to the period necessary for the purposes for which they are collected, unless there are legal grounds to extend the retention period;
    4. personal data are protected against accidental loss, unauthorised access, accidental alteration and other unlawful forms of processing;
    5. personal data are not shared with other entities;
    6. the protection of individuals in relation to the processing of their personal data is one of the fundamental rights of every person, and therefore the processing of data is carried out with due care for the respect of the privacy of the individuals whose data is being processed, regardless of whether the data was obtained directly from the data subject or from other sources (i.e. from organisational units of the ILS PAS in connection with their statutory tasks);
    7. the appropriate security of the data is ensured at each stage of the processing in terms of appropriate technical and organisational measures to protect personal data against unlawful or unauthorised access or use as well as against accidental destruction, loss or compromise of the integrity of the data. As part of ensuring the security of the personal data processed, the ILS PAS is committed to the following principles:
      1. confidentiality, i.e. the protection of data against accidental disclosure to third parties;
      2. integrity, i.e. the protection of data against unauthorised modification;
      3. accessibility, i.e. ensuring that authorised persons have access to the data if needed.

The personal data that people provide on our pages is encrypted and protected by an SSL certificate.

  1. The data subject`s consent given pursuant to Article 6(1)(a) of the GDPR can be expressed by a declaration of will directly or by performing an action confirming such consent, i.e. ticking a checkbox. Once the consent has been given, a person may withdraw his or her consent at any time in the manner indicated in the personal data processing notice for the specific service. The consent provides a legal basis, among other cases, where users:
    1. request contact via contact forms;
    2. subscribe to a newsletter;
    3. order books.
  2. The legal basis in the form of a contract or activities aimed at concluding a contract applies, among other situations, when the Controller processes personal data as part of the services provided by the ILS PAN website, such as the processing of postgraduate or doctoral studies, or doctoral seminars, as well as registration of candidates.
  3. Based on the premise of the fulfilment of a legal obligation (Article 6(1)(c) of the GDPR), we process personal data for archiving purposes, which stems from the Act of 14 July 1983 on the national archival resource and archives - on the basis of these provisions, a public entity is obliged to archive, in accordance with the adopted clerical instructions, the documents within which it processes personal data.
  4. On the basis of the premise of legitimate interests (Article 6(1)(f) of the GDPR), the ILS PAN processes personal data for, among others, the following purposes:
    1. analytics and statistics, to ensure high quality of the handling process optimisation services. In this case, the result of the processing is aggregated data;
    2. in connection with the provision of the services provided electronically, in order to ensure their security;
    3. exercising the data subjects` rights, in particular the right to data accuracy, the right to withdraw consent and the retention of requests and evidence of their handling;
    4. ensuring data security, in particular data integrity, accuracy and currency.
  1. The Controller ensures that the personal data of persons using the services provided through the pages in the inp.pan.pl domain are up-to-date and correct, responding promptly to each request for rectification or updating of the data, unless the relevant legislation provides otherwise in this respect.
  2. The Controller implements the right of persons to access and correct their personal data, unless the relevant legislation provides otherwise in this respect,
  3. Where applicable, the Controller also implements, as appropriate, the rights of persons to the erasure of their personal data, withdrawal of their consent, restriction of processing, data portability, the right to object to data processing and the right not to be subject to a decision based solely on automated data processing.
  1. Only authorised employees of the Institute may have access to personal data obtained in connection with the provision of services by the ILS PAN via the websites.
  2. Personal data may also be made available to other recipients who are processors - providing services at the request of and on behalf of the ILS PAS, to whom activities requiring data processing have been commissioned, in particular in the field of IT services and archiving.
  3. The data obtained via a website is stored for the time necessary to fulfil the purposes for which they were collected, unless otherwise provided by law.
  4. In the case of data processing based on consent, the data will be stored for the duration of the consent or until the consent is revoked.
  5. The basic retention periods for the different services are the following:
    1. subscription to a newsletter - until the user unsubscribes;
    2. sending correspondence on a matter via the contact form - until the user objects, withdraws his or her consent or the purpose of the processing has ceased, as appropriate, but no longer than the period indicated in the Subject File Index;
    3. provision of electronic services or in connection with concluded contracts - for the duration of the contract, but not beyond the expiry of the limitation period for claims;
    4. processing in connection with the performance of a task in the public interest - until the purpose of the processing has ceased or an objection relating to the particular situation of the data subject has been lodged, unless there are compelling grounds for further processing;
    5. data processing for purposes based on legitimate interest - for the duration of the validity of these purposes or until an objection is lodged, in any event no longer than 5 years, unless there is a need to keep the data for longer, where such an obligation arises under the law, or it is necessary for the establishment, defence or assertion of claims.

Rights of data subjects

  1. Users whose personal data are processed as part of the services provided through the ILS PAS websites, subject to the exceptions provided by law, have the right to:
    1. withdraw their consent to the processing of personal data at any time, if their consent is the legal basis for the processing;
    2. access the data, i.e. a person has the right to receive confirmation from the Controller as to whether his or her personal data are being processed by the ILS PAN, for what purpose, in what way and for how long;
    3. rectify outdated or inaccurate personal data, and to have it completed if it is incomplete;
    4. object to the processing of the personal data if the ILS PAS processes personal data on the basis of a legitimate interest (e.g. analytical, statistical, evidential or archiving purposes). Then, in the event of an objection, the Controller will cease processing unless the Controller can demonstrate the existence of compelling legitimate grounds for the processing which objectively should override the interests of the data subject or are necessary for the establishment, assertion or defence of claims (e.g. evidentiary purposes or the assertion of claims);
    5. erase the personal data (right to be forgotten) in accordance with Article 17 of the GDPR (respecting exceptions in particular for the purposes of establishing, pursuing or defending claims);
    6. restrict the processing of the personal data, which in practical terms may consist in temporarily blocking access to the data or transferring the data to another system;
    7. data portability, i.e. the data subject has the right to receive a copy of the personal data he or she has provided to us if the processing is based on his or her consent or on the basis of a contract, and in an automated manner;
    8. lodge a complaint to the supervisory authority, i.e. the President of the Office for the Protection of Personal Data, based in Warsaw at 2 Stawki Street.
  2. In the case of the processing of website users` data on the basis of a declaration of consent, withdrawal of consent results in the user no longer being able to use certain services, e.g. no longer receiving newsletters, information about conferences or the Institute`s educational offer. Irrespective of the above, the data may still be processed based on other legal grounds.
  1. Requests concerning the processed personal data (obligatorily including the first name and surname of the requesting person and his or her contact details; the website address with an indication of the service provided through it), including requests for the exercise of rights, must be sent by e-mail to www@inp.pan.pl or iod@inp.pan.pl, or by letter to the Institute`s postal address. In order to process some requests, the Controller may require additional information to confirm the requesting person`s identity.
  2. Responses to requests will be provided without undue delay, but no later than within 30 days counting from receipt of the request. This time limit may be extended due to the complexity of the request or the number of requests received by a further two months, of which the requesting person will be informed.

References

  1. This Policy is general in nature and presents the most important issues related to the processing of personal data.
  2. Detailed regulations can be found in the Security Policy of the ILS PAS, introduced by Order of the Director of the ILS PAS no. Dyr.021.12.2019 of 13 August 2019 and in the individual information clauses (e.g. user account registration, newsletter subscription submission and contact form submission).

If the user follows links from the ILS PAS website to other websites, social media sites or websites of cooperating entities, the user should consult the privacy and data protection policy of the third party`s website.