Information of the administrator on the processing of personal data

Pursuant to Article 13(1) and (2) of Regulation (EU) 2016/679 of the European Parliament and of the Council of 27 April 2016 on the protection of natural persons with regard to the processing of personal data and on the free movement of such data, and repealing Directive 95/46/EC – Journal of Laws of the Republic of Poland. EU. L No. 119, p. 1 (hereinafter: GDPR), we hereby inform that:

1. The co-administrators of personal data processed as part of the Event are:
   1. AGH University of Krakow, with its registered office at Al. Mickiewicza 30, 30-059 Cracow, NIP: 6750001923, REGON: 000001577, agh.edu.pl.  
   2. The TRY IT Foundation with its registered office at Al. Mickiewicza 30, 30-059 Kraków, entered into the Register of Entrepreneurs of the National Court Register and the Register of Associations, Other Social and Professional Organizations, Foundations and Independent Public Health Care Institutions of the National Court Register, KRS No. 0000859303, NIP 6772456275, REGON 387052706, www.tryit.org.pl.
2. Contact details for the Data Protection Officer: iodo@agh.edu.pl.
3. Each of the Joint Administrators is responsible for:
   1. processing of personal data in accordance with the principles set out in Article 5 of the GDPR;
   2. proper protection of personal data – in particular against access by unauthorized persons and unauthorized modification of data;
   3. exercising the rights of natural persons referred to in Articles 15-22 of the GDPR, taking into account possible restrictions resulting from the provisions of law;
   4. ensuring accountability in the implementation of obligations arising from the GDPR;
   5. keeping documentation describing the manner of personal data processing, including a register of data processing activities (requirement of Article 30 of the GDPR);
   6. reporting to the supervisory authority a violation referred to in Article 33 of the GDPR that occurred within its own structures;
   7. notifying a person of a data breach, if it may cause a high risk of infringement of the rights or freedoms of natural persons.
4. Your personal data will be processed for the purpose of registering your participation in the Conference, concluding a participation agreement in the Conference, communicating with participants, documenting the course of the event, promoting the Conference and in order to send information about scientific events organized by AGH in the future. Your personal data will be processed in accordance with Article 6(1)(e) of the GDPR, in connection with the Act of 20 July 2018. The Law on Higher Education and Science (Journal of Laws, item 1668) and the mission carried out by the Co-Administrator – the university – on its basis, which is to conduct scientific activity, shape civic attitudes, as well as participate in social development and create an economy based on innovation. In addition, the basis for data processing will be Article 6(1)(b) of the GDPR concerning taking steps prior to the conclusion of the contract and the performance of the contract itself, Article 6(1)(c) of the GDPR indicating the need to comply with a legal obligation incumbent on the administrator, Article 6(1)(f) of the GDPR regarding the necessity of processing for the purposes resulting from the legitimate interests pursued by the administrator and, alternatively, Article 6(1)(a) of the GDPR regarding the data processed on the basis of the consent.
5. Your personal data may be made available to persons and entities cooperating with each of the Joint Administrators on the basis of separate agreements, including organisational and technical services, in particular in the field of accounting, legal or IT services and other cooperation. Personal data may be transferred to state authorities, legal protection bodies (Police, Prosecutor’s Office, Court) or local government bodies in connection with the conducted proceedings.
6. Your personal data will be stored for a period of 6 years from the end of the Conference.
7. You have the right to request access to your data from the Joint Administrators and the right to rectify or delete them, as well as the right to limit data processing and the right to object to processing in the cases and under the conditions specified in the GDPR.
8. Your personal data will also not be subject to decisions made in an automated manner (without human involvement). Your personal data will not be used for profiling.
9. You have the right to lodge a complaint with the President of the Data Protection Office if you believe that the processing of your personal data violates the provisions of the GDPR.
10. Providing personal data is voluntary, but necessary to participate in the Conference.
11. In order to document the course of the Conference, photographs and a video will be taken during the Conference, which will be used in accordance with the Statement of Consent to the Use of Speech and Image and Personal Data.