Privacy Policy
§ 1. General Information
1. This policy applies to the website operating under the URL: asbir.pl
2. The website operator and data controller is: STOWARZYSZENIE AKADEMICKA SIEĆ BEZPIECZEŃSTWA I RÓWNOŚCI, AL. MJR. WACŁAWA KOPISTO 2A, 35-959 RZESZÓW (hereinafter referred to as the “Operator”).
3. Operator’s contact email address: sekretarz@asbir.pl
4. The Operator is the Controller of your personal data provided voluntarily on the website.
5. The website uses personal data for the following purposes:
a. Managing the newsletter.
6. The website collects information about users and their behavior in the following ways:
a. Through data voluntarily provided in forms, which are entered into the Operator’s systems, if required.
b. By storing cookies on end-user devices.
§ 2. Selected Data Protection Methods Used by the Operator
1. Login and data input areas are protected at the transmission layer (SSL certificate). This ensures that personal data and login details entered on the website are encrypted on the user’s device and can only be read on the target server.
2. Personal data stored in the database is encrypted in such a way that only the Operator with the key can read it. This protects the data in case the database is stolen from the server.
3. User passwords are stored in a hashed form. The hashing function is one-way, meaning it cannot be reversed, which is a modern standard for storing user passwords.
4. Two-factor authentication is used in the service, providing an additional layer of security for logging in.
5. The Operator periodically changes administrative passwords.
6. To minimize the risk of unauthorized data access, the Operator uses complex passwords containing uppercase and lowercase letters, numbers, and special characters, with a minimum length of 8 characters.
§ 3. Hosting
1. The website is hosted (technically maintained) on the servers of SeoHost.pl (hereinafter referred to as the “Hosting Company”).
2. The Hosting Company maintains server logs to ensure technical reliability. Logged data may include:
a. Resources identified by URL (requested page or file addresses),
b. Time of request,
c. Time of response,
d. Client station name – identified via HTTP protocol,
e. Information about errors that occurred during the HTTP transaction,
f. URL of the previously visited page (referer link) – if the user was directed to the website via a link,
g. Information about the user’s browser,
h. IP address,
i. Diagnostic information related to the self-ordering process via forms on the website,
j. Information related to email correspondence sent to or from the Operator.
§ 4. Your Rights and Additional Information on Data Use
1. In certain situations, the Administrator may transfer your personal data to other recipients if necessary for contract performance or to fulfill legal obligations. This includes:
a. Authorized personnel, employees, and collaborators who must access the data to perform their duties,
b. The hosting company,
c. Companies handling email campaigns,
d. Companies handling SMS communications,
e. Companies collaborating with the Administrator on self-marketing,
f. Couriers,
g. Insurers,
h. Law firms and debt collectors,
i. Banks,
j. Payment operators,
k. Public authorities.
2. Your personal data will be processed no longer than necessary for activities defined by specific regulations (e.g., accounting). Marketing data will not be processed for more than three years.
3. You have the right to request from the Administrator:
a. Access to your personal data,
b. Correction,
c. Deletion,
d. Processing restriction,
e. Data portability.
4. You have the right to object to the processing described in § 3.2, including profiling for legitimate interests pursued by the Administrator, unless there are compelling legitimate grounds for processing that override your interests, rights, and freedoms, or for the establishment, exercise, or defense of legal claims.
5. You have the right to lodge a complaint with the President of the Personal Data Protection Office, ul. Stawki 2, 00-193 Warszawa, Poland. However, it is recommended to notify lukasz.prus@novalex.pl first.
6. Providing personal data is voluntary but necessary to use the website.
7. Automated decisions, including profiling, may be made for the provision of services under a concluded contract or for the Administrator’s direct marketing.
8. Personal data is not transferred to third countries outside the EU.
§ 5. Information in Forms
1. The website collects information provided voluntarily by the user, including personal data, if provided.
2. The website may save information about connection parameters (time, IP address).
3. The website may save information to associate data from a form with the user’s email address, particularly if the user’s email appears within the form’s URL.
4. Data provided in forms is processed for purposes resulting from the specific form’s function, such as handling service requests or commercial contact, service registration, etc. Each form clearly explains its purpose.
§ 6. Administrator Logs
1. Information about user behavior on the website may be subject to logging. These data are used for website administration.
§ 7. Important Marketing Techniques
1. The Operator may use statistical analysis of website traffic via Google Analytics (Google Inc., USA). No personal data is shared with Google; only anonymized information is used. This service utilizes cookies stored on the user’s device. Users can manage their preferences through the tool: Google Ads Preferences.
2. Remarketing techniques may be employed to tailor ads to user behavior, though no personal data is transferred to advertising operators.
3. Facebook Pixel technology may be used, enabling Facebook to know that a registered user of the platform uses the website. The service relies on cookies and no additional personal data is shared by the Operator.
4. User behavior may be analyzed through heatmaps and session recordings, which are anonymized before being sent to the service operator.
5. Automation solutions may be used for targeted actions, such as sending an email after visiting a specific subpage, provided consent has been given.
6. Profiling may be applied under data protection regulations.
§ 8. Cookies Information
1. The website uses cookies.
2. Cookies are text files stored on the user’s device, used for website operations.
3. Cookies serve purposes such as maintaining user sessions and implementing marketing techniques outlined in § 7.
4. The website uses both session and persistent cookies.
5. Browser settings can be adjusted to manage cookies, including blocking or deleting them.
6. Third-party cookies may be used (e.g., Google, Facebook, X Corp).
§ 9. Managing Cookies
1. To manage cookies, follow instructions for your browser:
Mobile Devices: