Privacy Policy

Data Controller
University of Szczecin (US)
al. Papieża Jana Pawła II 22a, 70-453 Szczecin, Poland
E-mail: rektorat@usz.edu.pl

Data Protection Officer (DPO)
E-mail: iod@usz.edu.pl
Correspondence address: al. Papieża Jana Pawła II 31, 70-453 Szczecin, Poland

This Privacy Policy applies to all cases in which the University of Szczecin acts as the data controller and processes personal data. It covers both situations where the University of Szczecin processes personal data obtained directly from the data subject and cases where personal data are obtained from other sources. In both cases, the University of Szczecin fulfils its information obligations referred to in Articles 13 and 14 of the GDPR.

Personal data at the University of Szczecin are processed for the purpose of fulfilling obligations and exercising rights specified by law, in particular under the Law on Higher Education and Science, as well as for the statutory purposes of the University.

Personal data are processed with full respect for the privacy of the individuals concerned. Privacy protection is taken into account and applied in all projects and activities, in both public and private spheres. The inclusion of data protection at the design stage aims to integrate privacy safeguards into the creation of a project itself, the operation of its components, and the management of information technologies and systems throughout the entire information lifecycle. In the case of ICT systems, this means embedding data protection mechanisms into the system and the processing operations it supports — for example, through early pseudonymisation of data or enabling the data subject to monitor the processing of their personal data.

Personal Data and Their Processing

Personal data refer to any information about an identified or identifiable natural person. The processing of personal data means any operation performed on personal data, whether or not by automated means, such as collecting, storing, recording, organising, modifying, reviewing, using, disclosing, restricting, erasing, or destroying. The University of Szczecin processes personal data for various purposes, and depending on the purpose, different methods of collection, legal bases, uses, disclosures, and storage periods may apply.

Principles of Data Processing

In implementing its personal data protection policy, the University of Szczecin fulfils its information obligations toward data subjects and exercises particular diligence to safeguard their interests, ensuring in particular that the data are:

  • processed lawfully, fairly, and transparently to the data subject (lawfulness, fairness, transparency);
  • collected for specified, explicit, and legitimate purposes and not further processed in a manner incompatible with those purposes. Further processing for archiving in the public interest, scientific or historical research, or statistical purposes shall not be considered incompatible with the initial purposes under Article 89(1) GDPR (purpose limitation);
  • adequate, relevant, and limited to what is necessary in relation to the purposes for which they are processed (data minimisation);
  • accurate and, where necessary, kept up to date (accuracy);
  • kept in a form which permits identification of data subjects for no longer than is necessary for the purposes for which the personal data are processed. Personal data may be stored for longer periods insofar as they are processed solely for archiving in the public interest, scientific or historical research, or statistical purposes under Article 89(1) GDPR (storage limitation);
  • processed in a manner that ensures appropriate security of the personal data, including protection against unauthorised or unlawful processing and accidental loss, destruction, or damage, using appropriate technical or organisational measures (integrity and confidentiality).

Processing of Personal Data of Visitors to the University of Szczecin’s Websites

  1. 1. The University of Szczecin collects information about website users transmitted by their web browsers.
  2. 2. This information depends on the configuration of the user’s browser and typically includes the IP address, operating system name, and browser name and version.
  3. 3. The information mentioned above, when treated independently, does not allow user identification.
  4. 4. In some cases, however, the information transmitted by the web browser may allow identification of the user.
  5. 5. The University of Szczecin uses information collected via web browsers for statistical purposes, to improve its websites and systems, and to provide user support.
  6. 6. The University’s online systems use session and, in exceptional cases, persistent “cookies” (text files stored on the user’s computer that enable certain operations).
  7. 7. Cookies are used, among other things, to store data necessary for user authentication.
  8. 8. Cookies are data files, particularly text files, stored on the user’s device for the purpose of using the University’s websites. They usually contain the name of the website from which they originate, their storage duration, and a unique identifier.
  9. 9. The entity placing and accessing cookies on the user’s device is the Administrator.
  10. 10. Cookies are used for:
    • creating statistics to understand how users interact with the University’s websites and to improve their structure and content;
    • maintaining user sessions (after logging in) so that users do not need to re-enter login data on every page;
    • retaining information related to referral programmes;
    • profiling users to display tailored materials within advertising networks, particularly Google.
  11. 11. The user decides whether or not to accept cookies and can adjust this preference at any time in their browser settings.
  12. 12. Rejecting cookies in the browser may result in partial or total loss of functionality of University of Szczecin systems that rely on this technology.

Disclosure of User Data to Third Parties and Retention Periods

  1. 1. The University of Szczecin may share personal data with third parties providing services on its behalf. Such entities are obliged to use the provided personal data solely for the purposes of performing services commissioned by or on behalf of the University and must treat the shared data as confidential.
  2. 2. The University may also share data with partners cooperating in the delivery of products and services. In such cases, partners are required to use the data only for the purposes for which they were originally collected and to which the user has consented, in accordance with this policy and applicable law.
  3. 3. In certain limited circumstances, the University of Szczecin may disclose or transfer personal data to unrelated third parties (e.g., due to legal obligations or court orders). Data may also be disclosed to authorised entities when required by law, in cases involving the violation of the University’s rights or other actions causing harm to the University.
  4. 4. Personal data will be stored for the duration of service provision or handling of an inquiry. If processing is based on consent, the data will be stored until the consent is withdrawn. Where processing is based on the legitimate interest of the administrator, data will be retained until a valid objection is raised.
  5. 5. The data retention period may be extended if processing is necessary for establishing, exercising, or defending legal claims, and thereafter only to the extent required by law.
  6. 6. The University of Szczecin does not sell or transfer personal data collected through its websites or systems to mailing list brokers.

Rights of Data Subjects

You have the right to access, rectify, erase, restrict processing, and transfer your data (where processing is automated and based on consent or contract). You also have the right to object to processing based on Article 6(1)(e) GDPR.

You may object, on grounds relating to your particular situation, to processing based on Article 6(1)(e) GDPR. In such a case, we will cease processing your data unless we demonstrate compelling legitimate grounds overriding your interests, rights, and freedoms.

You have the right to lodge a complaint with the President of the Personal Data Protection Office (UODO):
ul. Stanisława Moniuszki 1A, 00-014 Warsaw, Poland.

Voluntary Provision of Data

Providing personal data is voluntary but necessary to process your inquiry.

Changes to the Privacy Policy

The University of Szczecin reserves the right to update or modify this Privacy Policy at any time, without prior notice, by posting the revised version on its official website.

Megszakítás