Menu
Privacy policy

In connection with Regulation (EU) 2016/679 of the European Parliament and of the Council of 27 April 2016 (the GDPR), as well as the provisions of the Polish Personal Data Protection Act of 10 May 2018, this Privacy Policy sets out the rules for the processing of personal data and the use of cookies collected via the website operated by the Industrial Development Agency JSC (Agencja Rozwoju Przemysłu S.A.) with its registered office in Warsaw.

We make every effort to protect the privacy of visitors to our website and to ensure transparency as to the manner, purpose and legal basis for processing personal data. Below we present the key information on the rules governing data processing and the use of cookies.

I. Personal data controller and contact details

The controller of personal data is:

Industrial Development Agency JSC (Agencja Rozwoju Przemysłu S.A.)

ul. Nowy Świat 6/12, 00-400 Warsaw
Tax ID (NIP): 526-030-02-07
REGON: 000001699
KRS: 0000037957

Contact details of the Data Protection Officer at the Industrial Development Agency JSC

Name of the DPO: Krzysztof Radtke

Email address: iod@arp.pl

II. Scope and purposes of personal data processing

We process the following data:

  • data provided via the contact form (email address, phone number, first and last name),
  • basic technical and statistical data (e.g. IP address, browser and operating system data).

Personal data are processed only to the extent necessary to achieve purposes such as:

  1. communicating via the contact forms available on this website,
  2. ensuring the security and proper functioning of the website,
  3. sending newsletters and marketing information, including promotional content, on the basis of your consent,
  4. carrying out statistical analyses on the basis of the Controller’s legitimate interests.

III. Legal bases for processing

Processing is carried out on the basis of:

  1. the data subject’s consent (Article 6(1)(a) GDPR), in the scope of marketing communication and newsletter subscription,
  2. the Controller’s legitimate interests (Article 6(1)(f) GDPR), e.g. responding to enquiries and handling contact forms, as well as ensuring the security of the website and performing analyses,
  3. legal obligations – where legal provisions require us to process personal data for archiving, tax, reporting or accounting purposes (Article 6(1)(c) GDPR).

IV. Cookies

The website uses only essential cookies that ensure the proper functioning of the service and do not require the user’s consent. We currently do not use analytical or tracking tools (such as Google Analytics).

We reserve the right to implement such tools in the future – once appropriate user consent mechanisms, compliant with applicable law (GDPR, ePrivacy Directive), have been put in place. Any changes will be communicated in an updated privacy policy and in the cookie management panel available on the website.

The user has the right to change cookie settings at any time via their browser settings or the cookie management panel available on the website.

More information on the cookies used on the site can be found in the cookie management window.

V. Data recipients

Data may be transferred to partners and entities cooperating in the delivery of courses, as well as to IT and technical service providers, on the basis of data processing agreements. Recipients of personal data processed by ARP S.A. as the data controller may include:

  • entities providing hosting services;
  • subcontractors of ARP S.A. providing software delivery services, software or hardware maintenance services used by us, as well as service providers whose assistance we use;
  • entities providing survey services;
  • debt collection companies;
  • auditors and chartered accountants, legal advisers, tax advisers;
  • authorities supervising compliance with the law, regulatory bodies and other public administration authorities.

Data will not be transferred outside the European Economic Area without appropriate safeguards.

VI. Data retention period

The length of time for which we may process your personal data depends on the legal basis that constitutes the lawful ground for ARP S.A. to process personal data. Accordingly, we inform you that where ARP S.A. processes personal data on the basis of:

  1. consent, the processing period continues until such consent is withdrawn by the data subject or the processing purpose is achieved;
  2. the data controller’s legitimate interest, the processing period continues until this interest no longer exists (e.g. until the expiry of civil law limitation periods) or until the data subject objects to further processing, in cases where such an objection is permitted by law;
  3. applicable legal provisions, the data processing periods for this purpose are determined by those provisions.

VII. Rights of data subjects

Data subjects whose data are processed have the right to:

  1. access their data,
  2. rectification of data,
  3. erasure of data (“right to be forgotten”),
  4. restriction of processing,
  5. data portability,
  6. object to the processing of data,
  7. withdraw consent at any time,
  8. lodge a complaint with the supervisory authority – the President of the Personal Data Protection Office.

VIII. Changes to the Privacy Policy

The Controller reserves the right to amend this Privacy Policy, in particular in the event of changes in legal regulations, guidelines issued by supervisory authorities or changes in the way personal data are processed.

The updated version of the Policy will always be published on the website and will apply from the moment it is made available.