Privacy Policy of the City of Warsaw information service

§ 1. General provisions

  1. This Policy of the City of Warsaw information service (hereinafter “the Service”) sets forth the rules for the processing of all data concerning the visitors of the sites available under the um.warszawa.pl domain (hereinafter “Users”).
  2. The purpose of the Policy is to inform Users about aspects of:
    1. the collection, processing and protection of the Users’ data in the Service in accordance with applicable law, in particular those regulations that protect the privacy of website users, i.e.:
      1. Regulation (EU) 2016/679 of the European Parliament and of the Council of 27 April 2016 on the protection of natural persons with regard to the processing of personal data and on the free movement of such data, and repealing Directive 95/46 EC OJEU L. 2016 No. 119/1 (hereinafter “GDPR”);
      2. The Act of July 18, 2002 on the provision of electronic services,
    2. the copyright protection of the content posted on the Service.
  3. The Service possesses appropriate technical and organisational means to ensure the protection of the processed data on the User, and in particular to protect the data against unauthorised access, change, loss, damage or destruction.
  4. User data may be processed by automated means.

§ 2. Processing of personal data

  1. The Controller of Users’ personal data processed in the City of Warsaw is the Mayor of Warsaw with its registered office at Bankowy Square 3/5 00-950 Warsaw.
  2. The Controller appointed a Personal Data Protection Officer who can be contacted via e-mail: iod@um.warszawa.pl.
  3. The legal basis authorising the Controller to process the User’s personal data is:
    1. legitimate interest (Article 6 (1) (f) of the GDPR)
    2. the User’s consent to the processing of their personal data (Article 6 (1) (a) of the GDPR)
  4. Providing personal data will be required in order for the User to gain access to a particular functionality of the Service, i.e.:
    1. newsletter subscription,
    2. ability to comment on particular articles, events,
    3. participation in competitions, surveys, events registrations,
    4. mailbox use.
  5. In cases referred to in in point 4, the Controller has the right to process the following personal data of the User:
    1. first and last name,
    2. nickname,
    3. phone number
    4. e-mail address
    5. residence address,
    6. date of birth.
  6. In addition, the User may consent to the disclosure of their personal data, indicated in point 5, to the Controller for the Controller’s marketing purposes.
  7. The User’s personal data will be processed for a period necessary for the implementation of processing goals.
  8. The recipients of the User’s personal data may include:
    1. entities to which the Controller will entrust the processing of personal data, in particular entities providing IT and postal services for the benefit of the Controller,
    2. public authorities and other entities to which the Controller will provide access to personal data on the basis of applicable law,
    3. entities to which the Controller will provide access to personal data on the basis of the User’s consent.
  9. The User has the right to:
    1. access personal data, including the right to obtain a copy of these data;
    2. request correction (revision) of personal data;
    3. request the erasure of personal data (known as the “right to be forgotten”) in the following events:
      1. the data are no longer necessary for the purposes for which they were collected or otherwise processed;
      2. there is no legal basis for processing personal data;
      3. the data subject has objected to the processing of the data and there is no other legal ground for processing;
      4. the data are processed unlawfully;
      5. the data must be removed in order to comply with the legal obligation.
    4. request a restriction to the processing of personal data;
    5. object to the processing of data – when the following conditions are cumulatively met:
      1. there are reasons related to an extraordinary situation,
      2. the data are processed in order to complete a task which is carried out in the public interest or under the exercise of public authority entrusted to the Controller, except for the situation in which the Controller demonstrates that there are important legitimate grounds for the processing of personal data superior to the interests, rights, freedom of the data subject, or grounds for the establishment, exercise or defence of claims;
    6. lodge a complaint to the President of the Personal Data Protection Office if the User becomes aware of the unlawful processing of their personal data by the City of Warsaw;
    7. withdraw consent at any time – with regard to the data processed on the basis of the consent;
    8. transfer data – with regard to the data processed on the basis of the consent when the data processing is automated.

§ 3. Cookies and access logs

  1. The Service collects data automatically based on the analysis of access logs and data contained in text files stored in the User’s computer or other mobile device, during the User’s activity on the Internet, known as cookies.
  2. Utilised cookies or data contained in access logs are not used to deliberately identify the User.
  3. Cookies:
    1. are used for technical and safety purposes;
    2. allow for parametrisation, e.g., remembering visits on websites and User’s preferences concerning a particular website (i.a. the language of the website, its colour, font size, layout, content placement and other similar features that facilitate the use of the website);
    3. provide statistical information about the users’ traffic, their activity and way of using the Service;
    4. allow collecting such data as IP address, operating system and browser types;
    5. are not harmful to users’ computers or smartphones – they do not affect their functioning, they do not cause any configuration changes in a user device nor in software installed on those devices.
  4. The User has the option to limit or disable access of cookies to their device. In case of using this option, the use of the Service will be possible, except for functions that, because of their operating method, require cookies.
  5. The Service uses the Open-Source Matomo web analytics service. The tool works on the basis of cookies and does not share data which could allow personal identification.

§ 4. Copyright

  1. All the Service’s content is protected by the provisions of the Act of February 4 1994 on Copyright and Related Rights. The content cannot be reproduced, distributed and published, unless the owner of the Service gives his prior written consent, excluding the personal use permitted by copyright rights.
  2. All rights concerning the content of text, graphics, photo, video, and other elements are subject to legal protection, and are reserved by the City of Warsaw or respectively by entities cooperating with the City of Warsaw.
  3. The trademarks legally owned by the City of Warsaw are subject to protection and any use of the logotypes requires obtaining appropriate consent.

§ 5. Closing remarks

  1. The Service will not process personal data of persons under 16 years of age without obtaining consent from their parents or other legal representatives.
  2. The Service contains links to external websites. The Controller is not liable for rules applying to these websites concerning privacy and the processing of data. This policy applies only to websites operating under the um.warszawa.pl domain.
  3. This policy is subject to amendment due to technological development and modification of already existing standards. Therefore, it may be subject to verification in order to introduce the most current regulations, both legal and technological. In case of potential doubts concerning the content of this policy, clarification can be obtained by contacting us via e-mail on: redakcja.PIUW@um.warszawa.pl.