II PERSONAL DATA CONTROLLER – PERSONAL DATA PROCESSING PRINCIPLES The Controller of the Personal Data collected using the website of Conference and Fair Central European BioForum is 8 Business Sp. z o.o. having its registered office in Łódź at ul. Rewolucji 1905 r. 9/ 3U, 90-273 Łódź, registered in the Register of Enterprises of the National Court Register for the District Court for Łódź Śródmieście in Łódź Commercial Court, 20TH Commercial Department of the National Court Register under KRS number 0000457952, NIP (tax ID) number 7252066580, with the share capital of PLN 30 000.00 (in words: thirty thousand Polish zlotys), phone: + 48 881 300 888 e-mail: firstname.lastname@example.org (hereinafter “8 Business Sp. z o.o” or “Controller”). The User’s personal data that have been provided in the registration form will be processed for the following purposes: 1) taking necessary actions in connection with the organization of the User’s participation in the Conference and Fair on the basis of Article 6 section 1 letter b) GDPR; 2) the User’s registration and participation in the Conference and Fair on the basis of Article 6 section 1 letter a) GDPR; 3) sending marketing content by the Controller or its cooperating entities – Conference and Fair partners, also by e-mail on the basis of Article 6 section 1 letter a) GDPR; 4) other purposes resulting from legally justified interests of the Controller or authorized third parties, in particular: settlement of benefits resulting from contracts concluded with the Controller, protection of third party rights, ensuring safety, including detection of hazards, making statistical measurements, adjusting website content to preferences and interests, running direct marketing of products and services by the Controller, on the basis of Article 6 section 1 letter f) GDPR. The data recipients will be the entities cooperating with the Controller to which he will entrust the personal data for processing, according to the specified purpose. Personal data processing is entrusted in the case of cooperation with subcontractors or service providers used by the Controller to provide the services. In no case entrusting of any data shall exempt the Controller from liability for the processing thereof. The data can also be transferred to public authorities on their request as stated in valid legal regulations. Provision of the User’s personal data is voluntary, but necessary to participate in the Conference and Fair. Personal data of the User sending an application for participation in the Conference and Fair will be stored for the period of: the User’s use of the Controller’s services, performance and complete settlement of any concluded contracts, including expiry of any claims thereunder, until the User withdraws the consent granted on the basis of Article 6 section 1 letter a) GDPR with regard to the data which the consent has been granted before for as well as duration of the Controller’s justified purpose. The user is entitled to: access to the content of the provided data, correct, remove or restrict processing of the personal data, transfer the personal data, obtain copies of the personal data, submit an objection against personal data processing, withdraw the consent at any time without any effect on conformity with the law of the processing which has been completed under the consent prior to the withdrawal (the consent is withdrawn by sending the respective notice to the e-mail address of the Controller or in another express way), file a complaint to the President of the Data Protection Office , when he/she decides that the processing of their personal data breaches the provisions of GDPR. Personal data are subject to confidentiality, are transferred only to the entities authorized to receive them based on the law, the entrusting or availability agreement concluded by the Controller. Personal data will not be subject to automated processing (so-called profiling) consisting in using the personal data to evaluate some natural person’s personal factors, in particular to study or forecast aspects concerning the natural person’s work effects, their economic situation, health, personal preferences, interests, credibility, behaviors, location or movement.
III DATA REQUIRED DURING REGISTRATION In the registration form for participation in the Conference and Fair Central European BioForum, it is necessary to provide personal data i.e. first name, last name, telephone number, e-mail address. A message is sent to the provided e-mail address, confirming registration on the site. The User’s personal data, including e-mail address, telephone number and correspondence address, are or can be used in the case of any actions which the Conference and Fair Participant has expressed their consent to when signing up for participation in the Conference and Fair. In this case, the legal basis for processing these personal data is Article 6 section 1 letter a of GDPR: i.e. consent to processing the personal data for one or more specific purposes expressed by the person the data relate to. We also process the provided data to manage the Conference and Fair Participants’ registered accounts and to inform the Users about changes in the site, i.e. based on the Controller’s legally justified interests (Article 6 section 1 letter f of GDPR). We also process data to prevent a second registration of persons for whom the registration in the Conference and Fair has been completed, due to any prohibited use of our services, on the basis of Article 19 section 2 item 3 in connection with Article 21 sect. 1 of the Act of 18 July 2002 on Provision of Electronic Services (Journal of Laws 2017.1219 i.e. as amended).
V COOKIES 8 Business Sp. z o.o. having its registered office in Łódź makes every effort to ensure that the website of the Conference and Fair make it simple to each User to browse the site and register for participation in the Conference and Fair. Therefore, caring for the User’s safety and comfort, we inform that, by browsing the site, you express your consent to the site using cookie files. It is possible to use the website without using the cookies but this can mean that some site functions or services will not operate correctly. If you do not express your consent to using the cookie files, in the browser’s settings you should mark the option to reject cookie files or signal any transfer thereof.
VI WHAT ARE COOKIE FILES? Cookies are small text files, sent and stored in the Device the User connects to the Internet from and enters the website http://cebioforum.com/. These files can be considered useful because they allow the “site” to identify the User’s preferences. A cookie file usually contains the website name which it comes from, file “life” (meaning its existence time), and a value that is usually a randomly generated unique number.
VIII TYPES OF COOKIES USED The cookies used by the Controller are safe for the User’s Device. In particular, any viruses or other unwanted software or malicious software cannot get through to the User’s Device in this way. These files allow to identify the software used by the User and adjust the Site individually to each User. Cookies usually contain the domain name they come from, their storage time in the Device and the assigned value. The Controller uses two types of cookie files: a. Session cookies: are stored in the User’s Device and are left there until the browser’s session is terminated. Any recorded information is then permanently removed from the Device’s memory. The session cookies mechanism does not allow collection of any personal data or any confidential information from the User’s Device. b. Permanent cookies: are stored in the User’s Device and are left there until deleted. Termination of the browser’s session or turning off the Device does not remove them from the User’s Device. The permanent cookies mechanism does not allow collection of any personal data or any confidential information from the User’s Device.
IX POSSIBILITY TO DETERMINE THE CONDITIONS OF STORING OR OBTAINING ACCESS BY THE COOKIES It is possible to configure each online browser to completely or partially exclude the possibility of storing any cookie files on the computer’s or another device’s hard disk used to view websites. No express acceptance for cookie files does not imply the inability to use the Controller’s site. The User can independently change at any time the settings concerning cookie files, defining the terms of storing the cookies and the cookies obtaining access to the User’s Device. The User can make changes to the settings referred to in the previous sentence using the online browser’s settings or by configuration of the service. These settings can be changed in particular so as to block automatic handling of any cookie files in the browser’s settings or notify each time about posting cookies in the User’s Device. Detailed information about the possibilities and methods of handling cookie files is available in the software (online browser’s) settings. The User can remove the cookies at any time using the available function in the web browser he or she uses. Any limited use of cookie files may affect some functionalities available on the Site.