Privacy and Cookies policy of the information service for the City of Warsaw

Last updated on: 30.01.2024.

General provisions

  1. This Privacy Policy describes the principles of processing information about visitors to the Municipal Information Portal of the Warsaw City Hall (PIUW), including personal data and cookies of these persons (hereinafter "Users").
  2. The "Municipal Information Portal of the Warsaw City Hall" (PIUW) is understood to be the main website of the Warsaw City Hall and related services created as part of this PIUW portal (hereinafter the "Service").
  3. This privacy policy applies to the main website and related websites. A list of all related pages is available at the link: List of pages created within the PIUW portal
  4. The purpose of this Policy is to inform Users about aspects of:
  • the collection, processing and protection of User data on the Website in accordance with the applicable legal provisions, in particular those protecting the privacy of website users, i.e.:
    • *Regulation (EU) 2016/679 of the European Parliament and of the Council of 27 April 2016 on the protection of natural persons with regard to the processing of personal data and on the free movement of such data, and repealing Directive 95/46/EC. Official Journal of the EU. L. 2016 No. 119/1 (hereinafter "GDPR");
    • the Act of 18 July 2002 on rendering electronic services;
  • copyright protection of the Website content
  1. The Service features appropriate technical and organisational measures to ensure the protection of the User's data being processed and, in particular, protection of data against unauthorised access, alteration, loss, damage or destruction.
  2. User data may be processed by automated means.

Processing of personal data

  1. The Controller of the Users' personal data processed at the Warsa City Hall is the Mayor of the City of Warsaw, with a registered office in Warsaw (00-950), Pl. Bankowy 3/5.
  2. The Data Controller has appointed a Data Protection Officer who can be contacted at the email address:
  3. The legal basis authorising the Controller to process the User's personal data is:
  • The Controller's legitimate interest (Art. 6 sec. 1 let. F GDPR)
  • The User's consent to the processing of their personal data (Art. 6 sec. 1 let. A GDPR)
  1. The use of the Website does not require the User to register or submit any personal data.
  2. The PIUW system does not carry out profiling processes that perform automated processing of personal data. The system only uses anonymised statistical data that does not allow individuals to be uniquely identified. The system does not process information that is considered personal data.

  3. In order to collect statistics and improve the system's performance, the following may be processed:
  • Anonymised IP address
  • Approximate geolocation
  • Date and time of visit
  • Title of the viewed page
  • URL of the viewed page
  • URL of the referring page
  • Screen resolution used
  • Time in the local user's time zone
  • Files that have been clicked on and downloaded
  • Clicked links to third-party domains
  • Page generation time
  • Main language of the browser used
  • User Agent of the browser used

  1. The provision of personal data may be required when using the Website's additional services, such as subscribing to the Newsletter or filling out a form. As these services are provided by third-party providers, the User will be informed of the details of the processing of their personal data and asked to accept the dedicated Privacy Policy of the respective service before using it.
  2. The PIUW system uses a Load Balancer to efficiently distribute traffic to our servers. Accordingly, Users' IP addresses may be stored in the system logs. IP addresses are collected to ensure optimum performance and security of our services. IP addresses are collected in order to:
  • Ensure load balancing and effective traffic distribution.
  • Detect and prevent attacks on our systems.

IP addresses are stored for a specific period necessary for the aforementioned purposes. The Controller has implemented appropriate security measures to protect IP addresses from unauthorised access. By using our services, you consent to the collection and processing of IP addresses in accordance with the provision of this privacy policy.

  1. The user has the right to:
  •  access their personal data, including obtaining copies of such data;
  • request rectification (correction) of their personal data;
  • request the deletion of personal data (so-called Right to be forgotten), in the event that:
    • the data is no longer necessary for the purposes for which it was collected or otherwise processed,
    • there is no legal basis for processing personal data;
    • an objection to the processing has been lodged and there are no overriding legitimate grounds for the processing;
    • data are processed unlawfully
    • data must be deleted in order to comply with a legal obligation.
  • demand restriction of the processing of their personal data;
  • object to the processing of data - where the following conditions are cumulatively met:
    • there are reasons relating to a specific situation,
    • the data shall be processed for the performance of a task carried out in the public interest or in the exercise of official authority vested in the controller, except where the controller is able to demonstrate the existence of compelling legitimate grounds for the processing of the personal data overriding the interests, rights and freedoms of the data subject or grounds for the establishment, exercise or defence of claims;
  • lodge a complaint with the President of the Personal Data Protection Office (pol. Prezes Urzędu Ochrony Danych Osobowych), ul. Stawki 2, 00-193 Warsaw, telephone hotline: 606-950-000.) in the event of becoming aware of unlawful processing by the Warsaw City Hall of your personal data;
  • withdraw consent at any time - in relation to data processed based on that consent;
  • data portability - in relation to data processed based on consent, where the processing is carried out by automated means.

Cookies and access logs

  1. The website automatically collects the data contained in cookies.
  2. "Cookies" are IT data, in particular text files, stored in the Users' terminal devices for the purpose of using specific websites.
  3. Cookies are used by the Data Controller for the sole purpose of operating the Website, including recognising the User's device and displaying the Website's pages in a manner tailored to the User's needs, as well as for creating anonymous Website statistics and improving the efficiency and effectiveness of using the Website.
  4. You may consent to the processing of all types of information or opt out of particular processing purposes.
  5. The Website may store the following types of cookies on your device:
  • Essential Cookies - Cookies necessary for the correct display and operation of the website are essential for the proper functioning of the website. They are responsible for essential service functions and ensuring security. These files allow the website to function properly, so they cannot be deactivated. Although it is possible to adjust your browser settings to block these Cookies, please be aware that certain website elements may cease to function properly. Cookies necessary for the website's operation are not stored permanently on the user's device, they are saved for one year, but can be deleted at any time in the settings (
  • Analytical cookies - analytical cookies collect data on visits to and use of the Website. All data is collected and processed anonymously. Their purpose is to evaluate and improve the Website's performance and to adapt it to the needs and interests of users (Matomo).
  • Marketing cookies - these types of cookies are used to display banners according to the User's interests. No user data is collected and passed on to third parties for the purpose of displaying advertisements (Revive Adserver).
  • Third-party files - content may be displayed on the site in the form of videos from YouTube and threads from Facebook and Twitter. Acceptance of third-party providers' cookies is necessary to display this content. Third-party cookies are set by services that may store information about Users' activities and preferences. By using these Cookies, the User agrees to the terms of the third-party website's privacy policy available on their website (e.g. YouTube, Facebook, Twitter).

  1. Each Cookie file is assigned to a domain, which means that Cookies added by the domain are only used within that domain, whereas Cookies added by, e.g., embedded YouTube videos will be used by the YouTube website in accordance with its privacy policy.

  1. Each third-party service has its own Cookie policy and it regulates what data is processed. Elements from the following third-party services may be embedded within the PIUW website:

  1. The User can update or change the consents given at any time by clicking on the "Cookies Settings" button of the page titled "Privacy and Cookies Policy of the Warsaw City Hall Information Service".
  2. The User may, at any time, block the installation of Cookies, delete permanent Cookies or otherwise modify the conditions for storing or receiving Cookies, using the appropriate options of their Internet browser, with the proviso that disabling Cookies in their browser may cause difficulties in using the Website.


  1. All contents of the Website are protected by the provisions of the 4 of February 1994 Copyright and Related Rights Act. The content of the website may not be reproduced, distributed or published, except with the prior written consent of the website's owner, with the exception of personal use permitted under copyright law.
  2. All rights regarding the content of the text elements, graphics, photos, videos and others are subject to legal protection, are reserved by the City of Warsaw or, respectively, entities cooperating with the City of Warsaw.
  3. Trademarks in the legal possession of the City of Warsaw are subject to protection and any use of logos requires the relevant permission.

Concluding remarks

  1. The website contains links to related pages created within the PIUW portal and third-party websites outside the PIUW portal. The same privacy policy applies to all pages created within the PIUW portal. The Data Controller is not responsible for the privacy and data processing policies of these third-party sites, other than PIUW.
  2. This Policy is subject to change, due to technological developments and modification of existing standards. As such, it may be subject to revision with a view of introducing the most up-to-date regulations, both legal and technological. If you have any doubts concerning the content of this Policy, clarification can be obtained by contacting us via e-mail at: