Privacy and Cookie Policy

1. Introduction

This Privacy and Cookie Policy outlines the rules for processing personal data and the use of cookies on the nfic.pl website (hereinafter: “Website”). The Website is managed by Foundation for Medical Research.

2. Data Controller

The Data Controller of your personal data is Foundation for Medical Research with headquarters at Beskidzka 37/7, 30-611 Krakow, Poland.

3. Data Protection Officer

You can contact Data Protection Officer (DPO) at: office@nfic.pl.

4. Scope of Data Collected

The Website may collect the following personal data from users:

  • IP address,
  • Device information (e.g., device model, operating system),
  • Browsing data (e.g., visit duration, visited subpages),
  • Registration data (e.g., name, email address, phone number) for conference registration,
  • Login data (e.g., username, password) for streaming viewers.

5. Purposes of Data Processing

Collected personal data is processed for the following purposes:

  • Website traffic analysis using Google Analytics,
  • Enhancing Website functionality and content,
  • Locating users and displaying maps using Google Maps,
  • Responding to user inquiries,
  • Processing conference registrations (subject to separate conference regulations),
  • Managing user accounts for streaming access,
  • Displaying embedded videos from Vimeo.

6. Legal Basis for Data Processing

Personal data of users is processed based on:

  • Article 6(1)(a) GDPR – user’s consent for processing data for specific purposes,
  • Article 6(1)(b) GDPR – processing data is necessary for the performance of a contract or to take steps prior to entering into a contract,
  • Article 6(1)(f) GDPR – legitimate interests of the Data Controller, such as website traffic analysis and service improvement.

7. Google Analytics

The Website uses Google Analytics, a web analytics service provided by Google LLC. Google Analytics uses cookies to analyze how users use the Website. The information generated by the cookies about the use of the Website (including the IP address) is transmitted to and stored by Google on servers in the United States. Google uses this information to evaluate the use of the Website, compile reports on website activity, and provide other services related to website activity and internet usage.

8. Google Maps

The Website uses Google Maps, a mapping service provided by Google LLC, to display maps and locations. By using Google Maps, users agree to the processing of their data by Google in accordance with Google’s privacy policy.

9. Embedded Vimeo Videos

The Website uses embedded videos from Vimeo, a video hosting service provided by Vimeo, Inc. When you view a video embedded on our Website, Vimeo may collect certain information about your device and interactions with the video. By using our Website, you agree to the processing of your data by Vimeo in accordance with Vimeo’s privacy policy.

10. Registration and Contact Form

When users use the registration or contact form available on the Website, the Data Controller processes the personal data provided by the user (e.g., name, email address, phone number) to respond to user inquiries and manage conference registrations. Data provided in the registration form may also be processed by the subcontractors involved in the conference management.

11. User Accounts and Streaming

The Website provides a login option for users to access online streaming and video on demand. Creating an account involves providing a username and password. The Data Controller processes this data to manage user accounts and provide access to video services.

12. Data Sharing

The Data Controller does not share personal data of users with other entities, except as required by law or when necessary to provide services via the Website (e.g., Google Analytics, Google Maps, Vimeo, Logistics Organizer, IT subcontractors).

13. Data Transfer Outside the EEA

Personal data of users may be transferred to countries outside the European Economic Area, particularly to the United States, where Google and Vimeo servers are located. In such cases, the Data Controller implements appropriate safeguards, such as standard contractual clauses approved by the European Commission.

14. Data Retention Period

Personal data of users will be stored for the period necessary to achieve the purposes outlined in this Privacy and Cookie Policy unless a longer retention period is required by law. Data provided through the registration form will be retained for the duration of the conference and any necessary follow-up.

15. User Rights

Users have the right to:

  • Access their personal data,
  • Rectify their personal data,
  • Erase their personal data,
  • Restrict the processing of their personal data,
  • Data portability,
  • Object to the processing of their personal data,
  • Withdraw consent to the processing of personal data at any time without affecting the lawfulness of processing based on consent before its withdrawal,
  • Lodge a complaint with a supervisory authority (Data Protection Authority).

To exercise these rights, users can contact the Data Controller via email: [contact email address].

16. What are Cookies?

Cookies are small text files stored on your device by your web browser when you visit a website. They are used to remember your preferences and track your activities on the Website.

17. Types of Cookies Used

  • Essential Cookies: Necessary for the proper functioning of the Website.
  • Performance Cookies: Used to collect information about how visitors use the Website, enabling us to improve its performance.
  • Functional Cookies: Allow the Website to remember your preferences and provide enhanced functionality.

18. Managing Cookies

You can control and manage cookies through your browser settings. Most browsers allow you to block or delete cookies. However, blocking cookies may affect the functionality of the Website.

19. Changes to the Privacy and Cookie Policy

The Data Controller reserves the right to make changes to this Privacy and Cookie Policy. Changes will be published on this page. Continued use of the Website after changes are posted constitutes acceptance of the updated Privacy and Cookie Policy.

20. Contact

For questions regarding this Privacy and Cookie Policy, please contact the Data Controller at office@nfic.pl.

Last updated: May 2024