Cookie policy
  1. The website does not automatically collect any information except that contained in cookies.
  2. Cookies are computer data, in particular text files, which are stored on the user’s end device and are intended for use on the website. Cookies usually contain the name of the website from which they come, the time of storage on the end devices, and a unique number.
  3. The entity placing cookie files on the website user’s end device and accessing them is the website operator – Polish Academy of Sciences, Department of Auxiliary Activities with its registered seat at ul. Nowy Świat 72, 00-330 Warsaw.
  4. Cookies are used for:
    1. adjusting the content of the website to the user’s preferences and optimizing the use of websites, in particular these files allow for recognition of the website user’s device and appropriate display of the website, tailored to the user’s individual needs;
    2. creating statistics, which help to understand how users of the website use the websites, which allows to improve their structure and content;
    3. maintaining the session of the website user (after logging in), thanks to which the user does not have to re-enter login and password on each subpage of the website.
  5. The website uses two main types of cookies: session cookies and persistent (persistent cookies. Session cookies are temporary files that are stored in the user’s end device until the user logs out, leaves the website or switches off software (web browser). Persistent cookies are stored in the end user device for the time specified in the parameters of cookies or until they are deleted by the user.
  6. The website uses the following types of cookies:
    1. “indispensable” cookies that make it possible to use the services available on the website, such as authentication cookies used for services that require authentication on the website;
    2. cookies used to ensure security, such as those used to detect abuse of authentication within the site;
    3. “performance” cookies, which allow the collection of information about the use of the website;
    4. “functional” cookies, which enable “remembering” the user’s selected settings and personalizing the user’s interface, e.g. with regard to the selected language or region of the user’s origin, font size, website layout, etc.
  7. In many cases, the software used to browse the Internet (web browser) allows the storage of cookies on the user’s end device by default. Website users can change their cookie settings at any time. These settings can be changed in particular in such a way as to block the automatic handling of cookies in the settings of the web browser or inform on their placement on the device of the website user each time. Detailed information on the possibility and methods of using cookies is available in the software (web browser) settings.
  8. The website operator informs that restricting the use of cookies may affect some of the functionality available on the website.
  9. Cookie files placed on the website user’s end device can also be used by the advertisers and partners cooperating with the website operator.
  10. More information about cookies is available at wszystkoociasteczkach.pl or in the “Help” section of the web browser menu.
Privacy Policy of palacstaszica.pl

This Policy is addressed to the users of the https://palacstaszica.pan.pl website [hereinafter referred to as the Website]. The Policy describes the principles of collecting and using data of the Website users, which are collected directly from them or through cookies and similar technologies.

  1. The Personal Data Controller is the Polish Academy of Sciences in Warsaw, ul. Nowy Świat 72, 00-330 Warsaw, represented by its Director (hereinafter referred to as the “Controller”).

In matters related to the processing of the User’s data by the Controller, the User can contact using the above address details, or the Controller’s designated Data Protection Officer at the e-mail address: iod@pan.pl

  1. The Controller operates the website https://palacstaszica.pan.pl .
  2. The Website User (hereinafter referred to as the “User”) agrees to the processing of the User’s personal data by the Controller on the terms set forth in this Privacy Policy.
  3. All statements, inquiries and information regarding personal data may be submitted to the Controller via:
    1. email to akademia@pan.pl;
    2. in writing to the Controller’s registered address.
  1. The User’s personal data are processed on the basis of Article 6 and other provisions of Regulation (EU) 2016/679 of the European Parliament and of the Council of 27 April 2016 on the protection of natural persons with regard to the processing of personal data and on the free movement of such data and repealing Directive 95/46/EC (General Data Protection Regulation) (hereinafter referred to as the “GDPR”).
  2. The User’s personal data are processed for the purpose of:
    1. responding to inquiries sent by the User via the contact form or e-mail and for further contact with the User;
    2. performing the concluded contracts for the provision of room rental services.
  1. User data is also processed in order to perform contracts to which the User is a party, or to take other actions at the request of the User prior to entering into a contract.
  2. User data shall also be processed where it is necessary for purposes resulting from legitimate interests pursued by the Controller or by a third party (except where such interests are overridden by the interests or fundamental rights and freedoms of the data subject which require protection of personal data), including in particular:
    1. making tax settlements in accordance with Polish tax law;
    2. maintaining accounting records in accordance with the Accounting Act and other applicable provisions of Polish law;
    3. enforcing collection of receivables in accordance with the Civil Code and other applicable provisions of Polish law.
  1. The Controller processes the following categories of User data:
    1. full name;
    2. e-mail address;
    3. phone number;
    4. mailing address;
  1. Recipients of the User’s personal data may be:
    1. Employees, contractors, subcontractors and other persons employed by or working with the Controller;
    2. Accounting firms that work with the Controller;
    3. Law firms that cooperate with the Controller;
    4. Entities that provide IT services to the Controller, including but not limited to website hosting and email services;
    5. Entities that provide marketing services to the Controller;
    6. Entities involved in making settlements, including invoice system providers and banks;
    7. Postal and courier service providers.
  1. The User’s personal data may be transferred to third countries, but only under the principles described in Article 46 of the GDPR, i.e. on condition that the recipient provides appropriate safety measures. In any case, the User is entitled to receive a copy of the data concerning the User.
  2. The User’s personal data will be stored for the period necessary to fulfill the purposes of the data processing, i.e. for:
    1. the period for which communications with the User are maintained, including, in particular, the period necessary to present the offer and provide the User with any requested information;
    2. the period necessary for the proper performance of the agreements concluded with the User;
    3. the period necessary for tax settlements relating to the User and the period required by law to retain records relating to tax settlements;
    4. the legally required retention period for accounting records;
    5. the period necessary to carry out the enforcement of collection of the Controller’s receivables.

The User’s personal data will be permanently deleted when all of the above periods end.

  1. The User has the right:
    1. to obtain confirmation from the Controller as to whether or not personal data concerning the User are being processed;
    2. To receive a copy of the processed data;
    3. To obtain from the Controller any information within the scope of this Privacy Policy.
  1. The User has the right to request the Controller to promptly rectify any personal data concerning the User that are inaccurate. Taking into account the purposes of the processing, the User has the right to request the completion of incomplete personal data, including by providing an additional statement.
  2. The User has the right to request that the Controller immediately delete personal data concerning the User, and the Controller is obligated to delete the personal data without undue delay (subject to exceptions provided by law) if any of the following circumstances apply:
    1. The personal data are no longer necessary for the purposes for which it was collected or otherwise processed;
    2. The User has withdrawn the consent on which processing is based and there is no other legal basis for processing;
    3. The User files an objection referred to in Section 18;
    4. The personal data were processed unlawfully;
    5. The personal data must be erased in order to comply with a legal obligation under Union or Member State law to which the controller is subject;
    6. The personal data were collected in connection with the offering of information society services directly to a child, based on the consent of the child or the child’s parent (guardian).
  1. The User has the right to request that the Controller restrict processing in the following cases:
    1. When the User questions the correctness of the personal data – for a period allowing the Controller to check the correctness of the data;
    2. When the processing is unlawful and the User objects to the erasure of the personal data, requesting instead that its use be restricted;
    3. When the Controller no longer needs the personal data for the purposes of the processing, but they are needed by the User to establish, assert or defend claims;
    4. When the User raises an objection referred to in section 18 – until it is determined whether the legitimate grounds on the part of the Controller override the grounds of the data subject’s objection.
  1. The User has the right to receive in a structured, commonly used, machine-readable format the personal data concerning the User that the User provided to the Controller, and the User has the right to transmit those personal data to another controller without hindrance from the Controller to whom the User provided the personal data.

When exercising the right to data portability, the User has the right to request that the personal data be sent by the Controller directly to another controller, if technically possible.

  1. The User has the right to object at any time, on grounds relating to the User’s particular situation, to the processing of personal data concerning the User based on legitimate interests pursued by the Controller or by a third party. The Controller shall no longer be permitted to process such personal data unless the User demonstrates compelling legitimate grounds for the processing which override the interests, rights and freedoms of the data subject, or grounds for the establishment, exercise or defense of claims.
  2. The User may withdraw their consent to data processing at any time. However, please note that:
    1. Withdrawal of consent does not affect the lawfulness of the processing carried out before the withdrawal of consent;
    2. Despite the withdrawal of consent, the Controller is still entitled to process the data to the extent indicated in section 7-8 and to the extent necessary for the performance of the concluded agreements.
  1. The User has the right to lodge a complaint with a supervisory authority, in particular in the Member State of the User’s habitual residence, place of work or the place where the alleged infringement occurred, if the User believes that the processing of personal data concerning the User violates the provisions of the GDPR.
  2. The Website allows the collection of user information through cookies and similar technologies, the use of which usually involves the installation of this tool on the user’s device (computer, smartphone, etc.). This information is used to remember user decisions (font selection, contrast, policy acceptance), to maintain user sessions (e.g. after logging in), to remember passwords (with consent), to collect information about the user’s device and the User’s visit for security purposes, but also to analyze visits and to customize content.

Information obtained through cookies and similar technologies are not combined with other data of Website users and are not used to identify them by the Controller. Find out more about the cookies policy here. address indicated in section 1.

General information clause on personal data processing of the POLISH ACADEMY OF SCIENCES – Department of Auxiliary Activities in Warsaw

Due to the implementation of the requirements of Article 13 of the Regulation (EU) 2016/679 of the European Parliament and of the Council of 27 April 2016 on the protection of natural persons with regard to the processing of personal data and on the free movement of such data, and repealing Directive 95/46/EC – General Data Protection Regulation (hereinafter referred to as the “GPPR”), we would like to inform you about the principles of personal data processing and your rights in connection with the processing of personal data by the Polish Academy of Sciences – Department of Auxiliary Activities. The following rules apply as of 25 May 2018.

  1. The Controller of your personal data is the Polish Academy of Sciences in Warsaw, ul. Nowy Świat 72, 00-330 Warsaw, Poland (hereinafter: the Controller).
  2. The Controller has appointed a Data Protection Officer who may be contacted at the following email address: ………………………………………………………………
  3. The Controller processes your personal data under ongoing contracts, on the basis of applicable laws, the Controller’s legitimate interests, and on the basis of the consent you have given.
  4. Your personal data is processed for:
    • Purposes of execution of concluded contracts, based on the provisions of Article 6(1)(b) of the GDPR;
    • Purposes of fulfillment of legal obligations incumbent on the Controller (e.g. implementation of tax law), based on the provisions of Article 6(1)(c) of the GDPR;
    • Purposes resulting from legitimate interests pursued by the Controller or by a third party, related to marketing and information activities and activities undertaken to protect the Controller’s or third party’s interests, based on the provisions of Article 6(1)(f) of the GDPR;
    • Purposes necessary to protect the vital interests of the data subject or another natural person, based on the provisions of Article 6(1)(d) of the GDPR;
    • Other purposes, only on the basis of your previously given consent, based on the provisions of Article 6(1)(a) of the GDPR, to the extent and for the purpose specified in the content of your consent.
  5. In connection with the processing of data for the purpose(s) referred to in section 3, recipients of your personal data may be:
      • public authorities and entities performing public tasks or acting on behalf of public authorities, to the extent and for the purposes arising from the provisions of generally applicable law;
      • other authorized bodies and entities,
      • entities performing tasks and services for the Controller.
  6. Your personal data will be stored for the period necessary to fulfill the purposes specified in section 3, and after that time in the extent and for the period necessary or required by generally applicable law or resulting from the legitimate interests of the Controller.
  7. In connection with the processing of personal data by the Controller, you have the following rights:
    • the right to have access to personal data, including the right to obtain a copy of such data;
    • the right to request rectification (amendment) of personal data – in case the data is incorrect or incomplete;
    • the right to request erasure of your personal data (the so-called right to be forgotten), where:
      • the data are no longer necessary for the purposes for which they were processed;
      • the data subject has objected to the processing of personal data;
      • the data subject has withdrawn consent to the processing of personal data, which is the basis for the processing and there is no other legal basis for the processing;
      • personal data are processed unlawfully;
      • personal data must be deleted in order to comply with a legal obligation.
    • The right to request restriction of processing of personal data – where:
      • the data subject disputes the accuracy of the personal data;
      • the processing is unlawful and the data subject objects to the erasure of the data, requesting instead that the data be restricted;
      • the Controller no longer needs the data for its own purposes, but the data subject needs the data to establish, defend or assert a claim;
      • the data subject has objected to the processing, until such time as it is established that the legitimate grounds on the part of the controller override the grounds for the objection.
    • the right to data portability – if the following conditions are jointly met:
      • the processing is based on a contract concluded with the data subject or on the basis of consent given by the data subject;
      • the processing is done by automated means.
    • The right to object to data processing – where the following grounds are jointly met:
      • there are reasons connected with your particular situation, in the case of data processing based on a task carried out in the public interest or in the exercise of public authority by the Controller;
      • the processing is necessary for the purposes of legitimate interests pursued by the Controller or by a third party, except where such interests are overridden by the interests or fundamental rights and freedoms of the data subject which require protection of personal data, in particular where the data subject is a child.
  8. In case of obtaining information about unlawful processing of your personal data by the Controller, you have the right to lodge a complaint with the President of the Office for Personal Data Protection (PUODO).
  9. In a situation where the processing of personal data takes place on the basis of the consent of the data subject (Article 6(1)(a) of the GPDR), the provision of personal data by you to the Controller is voluntary, and the withdrawal of consent for the processing may take place at any time, which does not affect the lawfulness of the personal data processing performed before its withdrawal. Withdrawal of consent will prevent the Controller from taking certain actions on your behalf.
  10. Provision of data is mandatory in a situation where the prerequisite for the processing of personal data is provided by law or a contract concluded between the parties.
  11. Your data may be processed by traditional and automated means, but will not be subject to profiling.
  12. Detailed information regarding the processing of personal data will be published on the website available at: http://www.zdp.pan.pl, https://palacstaszica.pan.pl
  13. You can contact the Controller by sending correspondence to the address indicated in section 1.