I consent to the processing of personal data provided in the contact form. The data will be processed solely for the purpose of responding via the provided phone number or email address. The data controller is the Maritime University of Gdynia Ltd., Morska Street 81-87, 81-225 Gdynia, NIP: 5860012873. This consent can be revoked at any time by sending a relevant withdrawal to the address biuro@swfis.umg.edu.pl
§1 Definitions Service - the "domain_name_rooms_UM.pl" online service operating at www.domain_name_rooms_UM.pl External Service - websites of partners, service providers, or clients cooperating with the Administrator. Service/Data Administrator - The Administrator of the Service and the Data Administrator (hereinafter referred to as the Administrator) is the Maritime University of Gdynia Ltd., Morska Street 81-87, 81-225 Gdynia, NIP: 5860012873. User - a natural person for whom the Administrator provides services electronically via the Service. Device - an electronic device along with software through which the User accesses the Service. Cookies - text data collected in the form of files placed on the User's Device. GDPR - Regulation (EU) 2016/679 of the European Parliament and of the Council of 27 April 2016 on the protection of natural persons with regard to the processing of personal data and on the free movement of such data, and repealing Directive 95/46/EC (General Data Protection Regulation). Personal Data - means information about an identified or identifiable natural person (“data subject”); an identifiable person is one who can be identified, directly or indirectly, in particular by reference to an identifier such as a name, identification number, location data, online identifier, or one or more factors specific to the physical, physiological, genetic, mental, economic, cultural, or social identity of that natural person. Processing - means any operation or set of operations performed on personal data or on sets of personal data, whether or not by automated means, such as collection, recording, organization, structuring, storage, adaptation or alteration, retrieval, consultation, use, disclosure by transmission, dissemination, or otherwise making available, alignment or combination, restriction, erasure, or destruction. Restriction of Processing - means the marking of stored personal data with the aim of limiting its processing in the future. Profiling - means any form of automated processing of personal data consisting of the use of personal data to evaluate certain personal aspects relating to a natural person, in particular to analyze or predict aspects concerning that natural person’s performance at work, economic situation, health, personal preferences, interests, reliability, behavior, location, or movements. Consent - the data subject's voluntary, specific, informed, and unambiguous indication of their wishes by which they, through a statement or a clear affirmative action, signify agreement to the processing of personal data relating to them. Personal Data Breach - means a breach of security leading to the accidental or unlawful destruction, loss, alteration, unauthorized disclosure of, or access to, personal data transmitted, stored, or otherwise processed. Pseudonymization - means the processing of personal data in such a way that the personal data can no longer be attributed to a specific data subject without the use of additional information, provided that such additional information is kept separately and is subject to technical and organizational measures to ensure that the personal data is not attributed to an identified or identifiable natural person. Anonymization - Data anonymization is an irreversible process of operations on data that destroys or overwrites "personal data," preventing identification or linking the record to a specific user or natural person. §2 Data Protection Officer Based on Article 37 of the GDPR, the Administrator has not appointed a Data Protection Officer. For matters related to data processing, including personal data, please contact the Administrator directly. §3 Types of Cookies Internal Cookies - files placed and read from the User's Device by the Service’s IT system. External Cookies - files placed and read from the User's Device by IT systems of External Services. The scripts of External Services, which may place Cookies on the User's Device, have been deliberately placed in the Service through scripts and services made available and installed in the Service. Session Cookies - files placed and read from the User's Device by the Service during a single session of the given Device. After the session ends, the files are deleted from the User's Device. Persistent Cookies - files placed and read from the User's Device by the Service until they are manually deleted. These files are not deleted automatically after the session ends unless the User's Device configuration is set to delete Cookies after the session ends. §4 Data Storage Security Mechanisms for storing and reading Cookies - The mechanisms for storing, reading, and exchanging data between Cookies stored on the User's Device and the Service are implemented through built-in mechanisms of web browsers and do not allow for the retrieval of other data from the User's Device or data from other websites visited by the User, including personal data or confidential information. Transferring viruses, trojan horses, and other worms to the User's Device is also practically impossible. Internal Cookies - The Cookies used by the Administrator are safe for Users' Devices and do not contain scripts, content, or information that could endanger the security of personal data or the security of the Device used by the User. External Cookies - The Administrator takes all possible measures to verify and select service partners in the context of User security. The Administrator selects well-known, large partners with global social trust. However, the Administrator does not have full control over the content of Cookies originating from external partners. The Administrator is not responsible for the security of Cookies, their content, or their lawful use by Scripts from External Services installed in the Service, to the extent permitted by law. A list of partners is provided in the further part of the Privacy Policy. Cookie Control The User can, at any time, independently change the settings regarding the storage, deletion, and access to data stored by Cookies for each website. Information on how to disable Cookies in the most popular desktop browsers is available on the page: how to disable cookies or from one of the indicated providers.Managing cookies in the Chrome browserManaging cookies in the Opera browserManaging cookies in the FireFox browserManaging cookies in the Edge browserManaging cookies in SafariManaging cookies in Internet Explorer 11The User can delete all previously saved Cookie files at any time using the tools available on the User’s Device, through which they access the Service. Risks on the User's Side The Administrator uses all possible technical measures to ensure the security of data stored in Cookies. However, it should be noted that the security of this data depends on both parties, including the User's actions. The Administrator is not responsible for the interception of this data, session hijacking, or data deletion resulting from the conscious or unconscious actions of the User, viruses, trojan horses, or other spyware that the User's Device may be or may have been infected with. To protect against these risks, Users should follow the rules of safe internet usage. Personal Data Storage The Administrator ensures that every effort is made to keep the voluntarily provided personal data of Users secure, with restricted access, and processed in accordance with the purpose for which it was collected. The Administrator also makes every effort to protect the stored data from loss through appropriate physical and organizational security measures. §5 Purposes of Cookie Usage - To improve and facilitate access to the Service - To personalize the Service for Users - To maintain statistics (users, visit counts, types of devices, connections, etc.) §6 Purposes of Personal Data Processing Personal data voluntarily provided by Users is processed for one of the following purposes: - Provision of electronic services - Communication between the Administrator and Users regarding the Service and data protection - Ensuring the legitimate interest of the Administrator Anonymous and automatically collected User data is processed for the following purposes: - Maintaining statistics - Ensuring the legitimate interest of the Administrator §7 External Service Cookies The Administrator uses JavaScript scripts and web components from partners in the Service, who may place their own Cookies on the User's Device. Remember, you can control the allowed Cookies used by specific websites in your browser settings. Below is a list of partners or their services implemented in the Service, which may place Cookies: - Statistics tracking: Google AnalyticsServices Provided by Third Parties The services provided by third parties are beyond the Administrator's control. These parties may change their terms of service, privacy policies, data processing purposes, and ways of using cookies at any time. §8 Types of Collected Data The Service collects data about Users. Some data is collected automatically and anonymously, while other data consists of personal information voluntarily provided by Users when signing up for various services offered by the Service. Anonymously Collected Data:- IP Address - Browser Type - Screen Resolution - Approximate Location - Pages Viewed on the Service - Time Spent on Each Page of the Service - Operating System Type - Previous Page Address - Referring Page Address - Browser Language - Internet Connection Speed - Internet Service Provider Data Collected During Registration:- First Name / Last Name / Username - Email Address - IP Address (collected automatically) Data Collected When Subscribing to the Newsletter:- Email Address Some data (without identifying information) may be stored in cookies. Some data (without identifying information) may be transferred to statistical service providers. §9 Access to Personal Data by Third Parties As a rule, the only recipient of the personal data provided by Users is the Administrator. Data collected through the services provided are not transferred or sold to third parties. Access to data (usually based on a Data Processing Agreement) may be granted to entities responsible for maintaining the infrastructure and services necessary for running the Service, such as: §10 Processing of Personal Data Personal Data Voluntarily Provided by Users:- Personal data will not be transferred outside the European Union, unless published due to an individual action by the User (e.g., posting a comment or entry), which would make the data accessible to anyone visiting the Service. - Personal data will not be used for automated decision-making (profiling). - Personal data will not be sold to third parties. Anonymous Data (Without Personal Information) Collected Automatically:- Anonymous data (without personal information) will be transferred outside the European Union. - Anonymous data (without personal information) will not be used for automated decision-making (profiling). - Anonymous data (without personal information) will not be sold to third parties. §11 Legal Basis for Processing Personal Data The Service collects and processes User data based on: - Regulation (EU) 2016/679 of the European Parliament and of the Council of 27 April 2016 on the protection of individuals concerning the processing of personal data and on the free movement of such data, and repealing Directive 95/46/EC (General Data Protection Regulation): - Article 6(1)(a) - the data subject has given consent to the processing of their personal data for one or more specific purposes. - Article 6(1)(b) - processing is necessary for the performance of a contract to which the data subject is a party or to take steps at the request of the data subject prior to entering into a contract. - Article 6(1)(f) - processing is necessary for the purposes of the legitimate interests pursued by the Administrator or by a third party. - Act of May 10, 2018, on the protection of personal data (Journal of Laws 2018, item 1000) - Act of July 16, 2004, Telecommunications Law (Journal of Laws 2004, No. 171, item 1800) - Act of February 4, 1994, on copyright and related rights (Journal of Laws 1994, No. 24, item 83) §12 Period of Personal Data Processing Personal Data Voluntarily Provided by Users:In principle, personal data is stored only for the duration of the Service's provision by the Administrator. It is deleted or anonymized within 30 days after the service ends (e.g., deletion of a registered user account, unsubscribing from the Newsletter, etc.). An exception is when there is a need to safeguard the Administrator's legitimate interests. In such a case, the Administrator will store the data for no longer than three years from the time of the User's request for deletion if there has been a violation or suspected violation of the Service's regulations by the User. Anonymous Data (Without Personal Information) Collected Automatically:Anonymous statistical data, which does not constitute personal data, is stored by the Administrator for statistical purposes for an indefinite period. §13 User Rights Related to Personal Data Processing The Service collects and processes Users' data based on the following rights: - Right of Access to Personal Data: Users have the right to access their personal data by submitting a request to the Administrator. - Right to Rectify Personal Data: Users have the right to request the Administrator to promptly correct any inaccurate personal data and/or complete any incomplete personal data by submitting a request. - Right to Erasure of Personal Data: Users have the right to request the Administrator to promptly erase their personal data by submitting a request. In the case of user accounts, the deletion process involves anonymizing data that identifies the User. The Administrator reserves the right to delay fulfilling the erasure request to protect the Administrator's legitimate interest (e.g., if the User has violated the Terms of Service or data has been obtained through correspondence). For the Newsletter service, Users can delete their personal data independently by clicking the link included in every email message. - Right to Restrict the Processing of Personal Data: Users have the right to restrict the processing of their personal data in cases specified in Article 18 of the GDPR, such as challenging the accuracy of personal data, by submitting a request to the Administrator. - Right to Data Portability: Users have the right to obtain their personal data from the Administrator in a structured, commonly used, and machine-readable format by submitting a request. - Right to Object to the Processing of Personal Data: Users have the right to object to the processing of their personal data in cases specified in Article 21 of the GDPR by submitting a request to the Administrator. - Right to Lodge a Complaint: Users have the right to lodge a complaint with the supervisory authority responsible for personal data protection. §14 Contact with the Administrator Users can contact the Administrator in one of the following ways: - Email Address: biuro@swfis.umg.edu.pl §15 Service Requirements Limiting the storage and access to Cookies on the User's Device may cause certain functions of the Service to malfunction. The Administrator is not responsible for any malfunctioning features of the Service if the User restricts the ability to store and read Cookies in any way. §16 External Links The Service, including articles, posts, entries, or User comments, may contain links to external websites with which the Service Owner does not cooperate. These links, as well as the websites or files they direct to, may be harmful to your Device or pose a security risk to your data. The Administrator is not responsible for the content found outside the Service. §17 Changes to the Privacy Policy The Administrator reserves the right to make any changes to this Privacy Policy without notifying Users regarding the use and application of anonymous data or Cookies. The Administrator reserves the right to make changes to this Privacy Policy regarding the processing of Personal Data, of which Users with accounts or those subscribed to the newsletter will be notified via email within 7 days of the changes. Continued use of the services implies acknowledgment and acceptance of the changes to the Privacy Policy. If a User disagrees with the changes, they are required to delete their account from the Service or unsubscribe from the Newsletter. The changes to the Privacy Policy will be published on this subpage of the Service. The changes take effect immediately upon publication.