PRIVACY AND COOKIES POLICY
VIZJA University
Legal basis:
– Regulation (EU) 2016/679 of the European Parliament and of the Council of 27 April 2016 on the protection of natural persons with regard to the processing of personal data and on the free movement of such data, and repealing Directive 95/46/EC (General Data Protection Regulation), dated 27 April 2016 (OJ L 119, p. 1).
– The Personal Data Protection Act of 10 May 2018 (Journal of Laws of 2018, item 1000, as amended).
– The Telecommunications Act of 16 July 2004 (Journal of Laws No. 171, item 1800; Journal of Laws of 2018, item 1000, as amended)
WHO IS THE CONTROLLER OF PERSONAL DATA?
The Controller of the processed personal data is VIZJA University, ul. Okopowa 59, 01-043, REGON 017280390, NIP 525-22-08-719, entered into the register of non-public higher education institutions kept by the Minister of Education and Science, register no. 261, phone: +48 22 536-54-11, e-mail: rektorat@vizja.pl („VIZJA ” or „Controller”)
WHAT ARE THE PURPOSES, LEGAL GROUNDS, AND DURATION OF VIZJA UNIVERSITY’S PROCESSING OF YOUR PERSONAL DATA?
Provision of educational services and archiving of data after the service has been completed
For the purpose of providing educational services, undertaking necessary actions before concluding a contract, fulfilling the contract, and archiving data after the service has been completed, your data will be processed based on the concluded contract or the Act of 20 July 2018 – the Law on Higher Education and Science – for the following periods:
– 50 years in accordance with art. 15, sec. 12, point 4 of the Regulation of the Minister of Science and Higher Education of 27 September 2018 on Studies,
– 25 years if the documentation concerns postgraduate studies,
– the period required by applicable law in the case of other educational services (e.g., training),
– 6 months from the end of recruitment if you do not enroll in studies at VIZJA University
Remote learning, diploma examinations, credits, and verification of learning outcomes conducted remotely
As a university, we may conduct teaching activities using distance learning methods and techniques. The legal basis for processing your data is art. 12, sec. 1 of the Regulation of the Minister of Science and Higher Education of 27 September 2018 on Studies. We may also organize the verification of learning outcomes specified in the study program, in particular conducting credits and final examinations for specific courses, outside the university premises or its branch using electronic communication means. In the case of diploma examinations conducted outside the university premises or its branch via electronic communication means, these means must ensure, in particular, real-time transmission of the diploma exam among its participants and real-time multiparty communication. The legal basis for processing your data is art. 76a, sec. 1 of the Act of 20 July 2018 – Law on Higher Education and Science. Personal data processed during the transmission will be processed only for the duration of the tasks.
Library
If you use library resources or reading rooms, your personal data will be processed to enable access to library collections, to use the university’s library information system, and to fulfil our obligations under the Act of 27 June 1997 on Libraries and the Act of 20 July 2018 – Law on Higher Education and Science. The legal basis for the processing of your personal data is art. 6(1)(b) and (c) of the GDPR, and art. 6(1)(a) of the GDPR if applicable.
Support for students with disabilities
In connection with the implementation of processes aimed at providing support through the Office for Students with Disabilities (OSD) and ensuring that persons with disabilities have full access to university admission procedures, education, and research activities, your personal data may be processed. The documentation you submit will serve as the basis for accessing all forms of support offered by OSD to students with disabilities and health-related difficulties.
If you receive support from the university, the processing of your personal data is necessary to fulfil the university’s legal obligations (art. 6(1)(c) of the GDPR) related to the performance of tasks set out, among others, in the Act of 20 July 2018 – Law on Higher Education and Science, and in executive regulations issued on its basis
Processing of personal data in the video surveillance system
As part of tasks related to ensuring the safety of individuals on university premises, protecting property, and establishing, pursuing, or defending claims in judicial, administrative, or other non-judicial proceedings, we operate a video surveillance system. The legal basis for processing data recorded by the surveillance system is our legitimate interest (art. 6(1)(f) of the GDPR). Video surveillance recordings are stored for no longer than one month from the date of recording, unless the recording is needed to establish or document events for the purposes for which the monitoring is conducted. In such cases, the retention period may be extended until those purposes have been fulfilled.
Image
Your image is processed on the basis of your consent (art. 6(1)(a) of the GDPR) for the purpose of promoting activities carried out by the Controller. This data may be shared in the form of photographs published on the university’s websites and social media channels. Your image will be processed until you withdraw your consent.
Marketing
For marketing purposes, your data will be processed based on the consent you have given, for a period of 5 years counted from January 1 of the year following the date the consent was provided. With your consent, we will be able to send you information about our offerings, events we organize, and promotions we have prepared for you.
Newsletter
For the purpose of providing the Newsletter service, your data is processed to the extent necessary for the proper delivery of this service. The legal basis for processing your data is art. 6(1)(b) of the GDPR. Providing personal data is voluntary, but necessary to subscribe to and use the Newsletter service; failure to provide data will result in the inability to use the service. Your data will be processed for the duration of your subscription, in accordance with the Newsletter service terms and conditions, until you unsubscribe.
Social Media
As part of our activities on social media, we will process your personal data for the following purposes:
– managing our profile/channel on social media platforms, under the terms set by those platforms, and informing you through them about our activities, events we organize, and the products and services we offer;
– contacting you;
– analyzing the functioning, popularity, and usage of our profile/channel;
– sending you commercial information, including invitations to events we organize, via the functionalities of the profile/channel
The legal basis for processing your data for the purposes listed above is our legitimate interest, which consists of promoting our activities, expanding our community of followers, and responding to your inquiries. We process personal data for the duration of your activity related to our profile/channel, and afterwards for no longer than until your account is deleted or you are removed from the profile/channel.
Graduate Career Tracking
For the purpose of tracking the career paths of graduates, your data will be processed based on the consent you have given, for a period of 5 years counted from January 1 of the year following your graduation.
With your consent, we can learn whether you were satisfied with your studies and how completing them has influenced your career. This information helps us improve our academic offerings and modernize our study programs.
Claims and Legal Defense
In addition, we will process your personal data for the purpose of establishing, pursuing, or defending against claims, which constitutes our legitimate interest. We will process this data until the expiration of the limitation period for potential claims, as specified by applicable law.
WHAT ARE YOUR RIGHTS IN CONNECTION WITH THE PROCESSING OF YOUR PERSONAL DATA BY VIZJA UNIVERSITY?
You have the right to
- access the content of your data,
- rectify your personal data,
- have your personal data erased, if:
– you withdraw your consent to the processing of personal data,
– your personal data is no longer necessary for the purposes for which it was collected or otherwise processed,
– you object to the use of your data for marketing purposes,
– your personal data is processed unlawfully - restrict the processing of your data,
- to object to data processing,
- data portability,
- withdraw your consent at any time. Withdrawal of consent does not affect the lawfulness of processing carried out before the withdrawal.
You also have the right to lodge a complaint with the supervisory authority (the Polish Data Protection Authority, PUODO) if you believe that the processing of your personal data violates applicable data protection laws. Provision of personal data for marketing purposes is voluntary.
WHO IS THE RECIPIENT OF YOUR PERSONAL DATA?
The recipients of your personal data are authorized employees and associates of the Data Controller.
WHO DO WE SHARE YOUR PERSONAL DATA WITH?
As a university, we regularly use services provided by external companies to ensure the highest standard of service for you. Your personal data may be transferred to these entities for processing on our behalf. This most commonly applies to cooperation with specific service providers (e.g., data storage providers, providers of tools used in remote learning) or subcontractors (e.g., marketing agencies). In such cases, data transfer does not entitle these entities to use the data for their own purposes – they may only use it for the clearly defined purposes indicated by us. Under no circumstances does the transfer of data relieve us, as the Data Controller, of responsibility for its processing. Your data may also be disclosed to public authorities, but only when authorized by applicable law.
In connection with our use of social media, your personal data may be transferred to platform owners such as Facebook, YouTube, and Instagram, as well as to the marketing agencies that support us. Your data may be transferred for processing to data recipients, in particular to entities cooperating with the Data Controller. By entities cooperating with the Data Controller, we mean those directly or indirectly associated with the Data Controller, especially those with capital ties.
The Data Controller’s service providers are based mainly in Poland and in other countries of the European Economic Area (EEA). Some providers may be located outside the EEA. In such cases, the Data Controller ensures that these providers offer a high level of personal data protection. In connection with our use of Microsoft Office 365 tools, your personal data may be transferred outside the EEA, including to the United States.
COOKIES POLICY
This Policy concerns cookies and applies to websites operated by VIZJA University (address: Okopowa 59, 01-043 Warsaw, REGON: 017280390, NIP: 525-22-08-719 (hereinafter „VIZJA” or “Controller”).
What are cookies
Cookies are IT data, in particular text files, stored on users’ end devices and intended for use with websites. These files make it possible to recognize the user’s device and display the website in a manner tailored to their individual preferences. Cookies typically contain the name of the website they originate from, the duration of their storage on the end device, and a unique identifier.
What do we use cookies for?
We use cookies to:
– adapt the content of the website to the user’s preferences and optimize the use of the website; in particular, these files allow the website to recognize the user’s device and display the site properly, tailored to their individual needs;
– create statistics that help us understand how users interact with the website, which enables us to improve its structure and content;
– maintain the user’s session on the website (after logging in), so the user does not have to re enter their login and password on each subpage.
What types of cookies do we use?
Our websites use two main types of cookies: “session” cookies and “persistent” cookies. Session cookies are temporary files that are stored on the user’s end device until they log out, leave the website, or close the web browser. Persistent cookies are stored on the user’s end device for the duration specified in the cookie parameters or until they are deleted by the user.
Our websites use the following types of cookies:
– Necessary cookies – enable the use of services available on the website, e.g., authentication cookies used for services that require logging in.
– Security cookies – used to ensure security, e.g., to detect authentication abuse on the website.
– Performance cookies – allow the collection of information about how users interact with the website.
– Functional cookies – allow the website to remember the user’s selected settings and personalize the user interface, e.g., language preferences, region, font size, or website layout.
– Advertising cookies – enable the delivery of advertising content tailored more closely to users’ interests.
– Analytical cookies – used for web analytics to better understand how users interact with website content and to improve its layout. These cookies collect information about how visitors use our site, the type of site from which users were referred, the number of visits, and the time spent on the site. This information does not record specific personal data and is used to compile aggregated usage statistics. For this purpose, we use Google Analytics.
Third-party cookies used on the Controller’s websites:
Google Analytics – these web analytics cookies collect information about how visitors use our website, the type of site from which users were referred, the number of visits, and the time spent on the site. This information does not record specific personal data and is used to compile aggregated usage statistics.
YouTube – the Controller’s websites include embedded videos and links to content from the YouTube platform. As a result, when browsing a page containing embedded YouTube content or clicking on a YouTube link, users may encounter cookies set by that service. More information is available at: youtube.pl
Adobe Flash Player – the website uses animations created with Flash technology. Flash Player software uses local shared objects, also known as Flash cookies, to enablefunctionalities such as automatic restoration and saving user preferences. Flash cookies are stored on the user’s device in the same way as regular cookies, but they are managed differently through the browser. More information is available at: www.adobe.com
Do cookies contain personal data?
Personal data collected using cookies may be gathered solely for the purpose of performing specific functions for the user. Such data are encrypted in a way that prevents access by unauthorized persons.
Deleting cookies
By default, software used for browsing websites allows cookies to be stored on the user’s device. These settings can be changed so as to block the automatic handling of cookies in the browser settings or to notify the user each time a cookie is sent to their device. Detailed information about the options and methods for handling cookies is available in the settings of your browser software.
Internet Explorer
FireFox
Opera
Chrome
Limiting the use of cookies may affect certain functionalities available on the website.
What security measures are used on VIZJA University websites?
The websites are equipped with security measures designed to protect data under our control from loss, misuse, or alteration. We are committed to protecting all information disclosed to us by users in accordance with security standards and confidentiality practices. VIZJA University offers users the option to unsubscribe from receiving promotional materials and newsletters. Users also have the ability to remove their information from our databases and stop receiving email communications.