Privacy policy

In connection with your use of our online website available at the domain: innoagh.pl (“Service”), we collect your personal data to the extent necessary to provide the individual services offered, as well as information about your activity in the Service. Your data will be processed by us for the purposes indicated below, related to the operation of the Service and the provision of services we offer therein.

In accordance with Art. 13 and Art. 14 of the Regulation of the European Parliament and of the Council (EU) 2016/679 of 27 April 2016 on the protection of natural persons with regard to the processing of personal data and on the free movement of such data and repealing Directive 95/46/EC (General Data Protection Regulation) (GDPR), we inform you that the Administrator of your personal data is Kraków Centre of Innovative Technologies INNOAGH Sp. z o.o. located in Kraków (30-054) at Czarnowiejska Street 36, apt. C5-017 (hereinafter “Administrator”).

If you have any doubts regarding the privacy policy, you can contact the Personal Data Administrator:

• electronically at the e-mail address: innoagh@agh.edu.pl, or
• by mail by sending a letter to: ul. Czarnowiejska 36, apt. C5-017, 30-054 Kraków, or
• by phone at: +48 + 48 12 617 36 56.

Your personal data is processed in accordance with the GDPR and other applicable personal data protection laws.

Your personal data are processed on the following legal bases:

• due to the performance of the service contract that binds you with the Administrator, or actions necessary to enter into the contract (Art. 6 sec. 1 lit. b GDPR),
• due to legal requirements to which the Administrator is obliged to comply (Art. 6 sec. 1 lit. c GDPR),
• due to the legitimate interest of the Administrator consisting in processing data for the purpose of establishing, pursuing, or defending possible claims (Art. 6 sec. 1 lit. f GDPR), based on the consent obtained from you by contacting the Administrator (Art. 6 sec. 1 lit. a GDPR).

Your data may be processed for the purpose of:

• providing services offered in the Service,
• using other functions of the Service by you,
• contacting you at your request.

In the above cases, the data will be processed accordingly:

• for the period resulting from the applicable legal provisions, if they constitute the basis for processing,
• in terms of conclusion and performance of the contract – for the duration of its validity, and after its termination, until the expiration of the limitation period of any claims arising from the legal relationship,
• in terms of processing data based on the legitimate interest of the Administrator – for the period enabling the realization of this interest or until an effective objection is raised against data processing based on the legitimate interest of the Administrator,
• to the extent that data is processed based on expressed consent – until its withdrawal.

Transfer of Personal Data Your personal data may be processed by the Administrator’s employees, as well as subcontractors, i.e., external entities with which the Administrator uses services, such as:
a) software provider needed to run the Service,
b) email service software provider,
c) accounting service providers,
d) persons who may potentially access your personal data while providing services related to technical support of the website on our behalf,
e) software provider facilitating business operations,
f) parcel delivery service providers,
g) appropriate public authorities and other entities to the extent that the Administrator is obliged to provide them with data under legal provisions,
h) entities that may participate in providing legal or other advisory services on our behalf,
i) other subcontractors who have access to data if the scope of their activities requires such access.

All entities to which the Administrator entrusts the processing of personal data guarantee the application of appropriate measures for the protection and security of personal data required by legal provisions.

Your personal data may be transferred to external entities within the framework of data processing agreements signed with the Administrator. Your personal data may be transferred to countries outside the European Economic Area, provided these countries have been recognized by the European Commission as ensuring an adequate level of personal data protection equivalent to that applicable in the European Economic Area, or subject to appropriate safeguards, which may consist of using standard contractual clauses for data protection adopted by the European Commission or binding corporate rules approved by the relevant supervisory authority.

You have the right to:

• access your personal data and receive a copy of it, i.e., the right to obtain confirmation whether the Administrator processes data and information regarding such processing,
• rectify data if the data processed by the Administrator is incorrect or incomplete,
• request the Administrator to delete data,
• request the Administrator to restrict data processing,
• data portability, i.e., the right to receive personal data provided to the Administrator and send it to another administrator,
• object to data processing based on the legitimate interest of the Administrator or against processing for direct marketing purposes,
• file a complaint with the Polish supervisory authority (President of the Personal Data Protection Office, ul. Stawki 2, 00-193 Warsaw) or the supervisory authority of another European Union member state, appropriate due to the usual residence or work of the person concerned or due to the place of alleged infringement,
• withdraw consent to the processing of personal data, although withdrawal of consent does not affect the lawfulness of processing based on consent before its withdrawal.

If, in your opinion, there has been a violation of the protection of your personal data, you may address the Administrator.

Security and Confidentiality of Your Personal Data:
The Administrator cares about the security of your personal data. He has analyzed the risks associated with the various processes of processing your data and then implemented appropriate security and personal data protection measures. The Administrator continuously monitors the state of its technical infrastructure, trains its staff, examines the applied procedures, and introduces necessary improvements to ensure the protection of your personal data.

The Administrator guarantees the confidentiality of all personal data provided by you. The Administrator ensures the adoption of all necessary security and personal data protection measures required by data protection laws. Personal data is collected with due diligence and adequately protected against access by unauthorized persons, including through the use of security certificates on the Service website.

Cookies:
Cookies (so-called “cookies”) are computer data, especially text files, that are stored in the Service user’s end device and are intended for use on the Service’s websites. Cookies usually contain the name of the website they come from, the time they are stored on the end device, and a unique number. Cookies do not cause changes in your device settings, while allowing you to use all the functions of the Service. During the first visit to the website, you are presented with information about the use of cookies. Using the appropriate browser option, you have the possibility to manage cookies, which means you can always change cookie settings or delete cookies altogether. Please remember that disabling or limiting cookie handling can cause difficulties in using the Service website, as well as many other websites that use cookies.

Cookies on the Service website are used for:
a) adjusting the content of the Service website to the user’s preferences and optimizing the use of it; in particular, these files allow recognizing the Service user’s device and properly displaying the website, tailored to his individual needs,
b) creating statistics that help understand how Service users use the website, which enables improving its structure and content,

In many cases, the software used for browsing websites (web browser) by default allows the storage of cookies in the user’s end device. Service users can change cookie settings at any time. These settings can be changed in such a way as to block the automatic handling of cookies in the web browser settings or inform about their placement in the user’s device each time. Detailed information about the possibilities and ways of handling cookies is available in the software settings (web browser).

Server Logs:

Using the Service website involves sending queries to the server on which the website is stored. Each query directed to the server is recorded in the server logs. Logs include, among others, your IP address, date and time of the server, information about the web browser and operating system you use. Logs are saved and stored on the server. Data recorded in server logs are not associated with specific individuals using the site and are not used by the Administrator to identify you. Server logs are only auxiliary material used to administer the Service, and their content is not disclosed to anyone except those authorized to administer the server.

Additional Information:

The Administrator is entitled to make changes to the Privacy Policy. The announcement of changes will occur by posting the new content of the Privacy Policy on the Service’s website, along with indicating the information from which day the new Privacy Policy is effective. This Privacy Policy is effective as of January 1, 2023.