Privacy Policy of the NASK-PIB

Effective as of May 25, 2018 Information security—with particular emphasis on the protection of personal data and respect for the right to privacy—is of paramount importance to NASK-PIB. It is also a fundamental attribute of our operations, enabling us to gain and maintain trust in the services provided by NASK-PIB. To achieve this goal, NASK-PIB has implemented and applies an information security policy throughout the organization. Furthermore, in key areas of activity, NASK-PIB has introduced an information security management system based on the ISO/IEC 27001:2013 standard and has obtained the relevant certification. NASK-PIB follows transparent principles regarding its privacy policies, including providing information about why and how your personal data is processed, how long it is stored, and to whom it may be disclosed. To ensure the best possible protection of your personal data, NASK-PIB applies the following principles:

• NASK-PIB processes personal data solely to fulfill legitimate purposes for which the data is collected or in accordance with binding legal provisions.
• NASK-PIB processes only those categories of personal data that are necessary for the intended purposes.
• NASK-PIB does not process personal data in a way that is incompatible with the original purpose of the processing.
• NASK-PIB processes personal data in accordance with the highest security standards to protect it from loss or misuse.
• NASK-PIB does not retain personal data longer than necessary for the purposes for which it is processed.
• NASK-PIB provides continuous access to a Data Protection Officer, available at iod@nask.pl.
• NASK-PIB fulfills its information obligations in accordance with data protection regulations, in particular the provisions of the General Data Protection Regulation (GDPR), with respect to data subjects.

Detailed information can be found in the privacy policies available on the websites of individual services provided by NASK-PIB.