Privacy policy

LEGAL NOTICE

The information on this websites is subject to a disclaimer, a copyright notice, privacy policy and rules related to personal data protection.

CONTACT INFO

E-Mail: contact@42warsaw.pl

Any commercial exploitation, even partial, of the data present on the website is forbidden without prior written consent

For more information on the way your personal data is processed by US please read our Privacy Policy AND Information clause available among our legal documents

EU DISPUTE RESOLUTION

The European Commission provides a platform for online dispute resolution (ODR): https://ec.europa.eu/consumers/odr.
Our e-mail address can be found above in the site notice.

LIABILITY FOR CONTENT

As service provider (if and when applicable) we are liable for our own content on these sites in accordance with Polish Law of 18 July 2002 on the Provision of Electronic Services (Journal of Laws No. 144, item 1204, as amended), hereinafter „UOŚUDE”.

Under Article 14 of the UOŚUDE responsibility for the stored data shall not be borne by the person, who, making the resouces available for the purpose of the data storage by a service recipient, is not aware of unlawful nature of the data or the activity related to them, and in case of having been informed or having received a message on unlawful nature of the data or the activity related to them, makes immediately the access to the data impossible. In terms of legal obligations to remove information or to block the use, liability is only possible at the time of knowledge about a specific violation of law. Illegal contents will be removed immediately at the time we get knowledge of them pursuant to Art. 14 of the UOŚUDE.

Under Art. 15 of the UOŚUDE service providers are not obligated to permanently monitor submitted or stored information or to search for evidences that indicate illegal activities.

Liability for Links to third parties’ websites

Our sites may contain links to external third-party websites, the content of which is beyond our sphere of influence. Therefore, we cannot assume any liability for such third-party content. The provider or operator of any linked website is always liable for the content of that website. We encourage you to review their privacy policies. The linked websites were checked for possible violations of law at the time the link was created. No illegal content could be identified at the time the link was created. However, permanent checks of the content of the linked websites without any specific indications that a violation of law has occurred cannot be reasonably expected. If we become aware of any violations of law, we will remove the links concerned immediately.

Social media widgets

Our sites may include Social Media Features and Widgets, such as the Share this button. These Social Media Features may collect your IP address, which page you are visiting on our site, and may set a cookie to enable the Feature to function properly. Social Media Features and Widgets are hosted by a third-party site. Your interactions with these Features are governed by the privacy policy of the company providing it.

COPYRIGHT

Copyright protects works as such, and their respective authors and rights holders.

Content and compilations published on these websites are subject to Polish copyright laws, in particular Act on Copyright and Related Rights of 4 February 1994. Reproduction, editing, distribution as well as the use of any kind outside the scope of the copyright law requires a written permission. Downloads and copies of these websites are permitted for private use only. The commercial use of our contents without permission is prohibited. Copyright laws of third parties are respected as long as the contents on these websites does not originate from the provider. Contributions of third parties on this site are indicated as such. However, if you notice any violations of copyright law, please inform us. Such content will be removed immediately.

PROTECTION OF PERSONAL DATA

42 Warsaw respects the privacy of its users. All information is treated confidentially in accordance with the applicable data protection regulations.

COOKIES

Our website uses so-called cookies. These are small text files that are stored on your terminal device with the help of the browser. They do not cause any damage. We use cookies to make our sites user-friendly. Some cookies remain stored on your end device until you delete them. They enable us to recognize your browser on your next visit. If you do not wish this, you can set up your browser so that it informs you about the setting of cookies and you only allow this in individual cases. When deactivating cookies, the functionality of our website may be limited.

For more information on cookies please read our Cookies Policy.

PUBLISHER of the website:

“FREEDOM OF CHOICE” FOUNDATION

FOUNDATION “FUNDACJA WOLNOŚCI”

HEREINAFTER REFERRED TO as „42 WARSAW”

E-MAIL: contact@42warsaw.pl

Al. Solidarności 171 B (Spark) Warsaw Poland

HOST OF THE WEBSITE:

42 – Non-profit association

96 boulevard Bessières 75017 Paris FRANCE

E-mail: webmaster@42.fr

INFORMATION ON SERVICE PROVIDERS AND DATA CONTROLLERS PURSUANT TO ARTICLE 5 OF POLISH LAW OF 18 JULY 2002 ON THE PROVISION OF ELECTRONIC SERVICES AND ARTICLE 13 OF REGULATION (EU) 2016/679 (GENERAL DATA PROTECTION REGULATION)

42 WARSAW

contact@42warsaw.pl

Al. Solidarności 171 B (Spark) Warsaw Poland

ASSOCIATION 42

contact@42.fr.

96 boulevard Bessières 75017 Paris FRANCE

DISCLAIMER

42 Warsaw maintains this website to enhance public access to relevant information. Our goal is to keep this information; timely and accurate. If errors are brought to our attention, we will try to correct them. However 42 Warsaw accepts no responsibility or liability whatsoever with regard to the information on this site.

This information is of a general nature only and is not intended to address the specific circumstances of any particular individual or entity; not necessarily comprehensive, complete, or up to date; sometimes linked to external sites over which 42 Warsaw may have no control and for which 42 Warsaw assumes no responsibility.  It is our goal to minimize disruption caused by technical errors.  However some data or information on our site may have been created or structured in files or formats that are not error-free and we cannot guarantee that our service will not be interrupted or otherwise affected by such problems.

This disclaimer is not intended to limit the liability of 42 Warsaw in contravention of any requirements laid down in applicable national polish law or EU law nor to exclude its liability for matters which may not be excluded under that law.

Our Privacy Policy discloses how 42 Warsaw will maintain and use any personal data provided by you when visiting our sites. For all other submission of information or content by you, the following terms apply:

By submitting information or material (such as feedback, data, answers, questions, comments, suggestions, ideas, plans, orders, requests or the like) to 42 Warsaw, for example by e-mail or via this site, you agree that: (i) the material will not contain any item that is unlawful, libelous, defamatory, obscene, pornographic, abusive, harassing or threatening, or otherwise unfit for publication; (ii) you will use reasonable efforts to scan and remove any viruses or other contaminating or destructive features before submitting any material; (iii) you own the material or have the unlimited right to provide it to us (iv) you agree not to take action against us in relation to material that you submit, and you agree to indemnify us if any party takes action against us in relation to the material you submit.

PRIVACY POLICY FOR 42 WARSAW WEBSITE

PRIVACY POLICY FOR 42 WARSAW WEBSITE
We are pleased about your visit to our website.
When using 42warsaw.pl and our services or when you interact with our social media you provide us with personal data.
Pursuant to the article 13 of the GDPR we would like to inform you about how we handle your personal data.
Your privacy is important to us. We aim for a careful treatment of personal data of everyone who is or attempts to enroll to 42 Warsaw. This privacy policy describes why and how we collect and use personal data and provides information about individuals’ rights. It applies to personal data provided to us, both by individuals themselves and by other
means.

42 Warsaw by Freedom of Choice Foundation is an official partner of 42
Association, part of the 42 Network, and has set a Partnership contract to arrange the processing of personal data controlled by 42 and processed by Foundation.  Officially licensed to 42 (located 96 Boulevard Bessières,
75017 Paris), we are part of a worldwide network of coding schools.  Within the network, all schools use the same curriculum, intranet and tools. This statement applies to all activities (including the activities via the
website) of 42 Warsaw. This Privacy Statement is in line with the 42 Privacy Statement, and last
amended 26 June 2023.
We may amend this Privacy Statement from time to time.

We collect personal data from you, through our application website and during the curriculum. You provide some of this data directly, and we get some of it by collecting data about your progress in the curriculum and your
interactions within the school. The personal data collected from you are used for educational purposes. Our educational model requires some personal data to participate. We rely on a variety of legal reasons and permissions (“legal bases”) to process data, including the necessity to enter into and perform contracts, legitimate interest and with your consent. We only collect personal data which are adequate, relevant and not excessive in relation to the purposes for which they are collected.

DATA CONTROLLER CONTACT DETAILS

The controller of your personal data the „Freedom of Choice” Foundation with its registered office in Warsaw Poland.
National Court Register (KRS) No 0001012079 NIP TAX ID 5213999674
HOW YOU CAN REACH US

OUR CONTACT DETAILS
42 WARSAW AL. SOLIDARNOŚCI 171 B (SPARK) WARSAW
E-MAIL: CONTACT@42WARSAW.PL

CONTACT DETAILS OF OUR DATA PROTECTION OFFICER

We have appointed a Data Protection Officer (“DPO”) whom you may
contact in all matters related to the processing of your personal data, by e-
mail: IOD@PERFECTINFO.PL

USAGE DATA

When you visit our websites, so-called usage data is temporarily evaluated on our web server, in form of a protocol, for statistical purposes and in order to improve the quality of our web pages. This data record consists of
 the name and address of the requested content,
 the date and time of the query,
 the description of the web browser and operating system used,
 the referral link, which indicates from which page you reached our
page,
 the IP address of the requesting computer, which is shortened in such a way that a personal reference can no longer be established.
The mentioned protocol data will only be evaluated anonymously.
SAVING OF IP-ADDRESS FOR STATISTICAL PURPOSES

In addition, we store the complete IP address transmitted by your web browser for a period of seven days to enable us to detect, limit and eliminate attacks on our website. After this period we delete or anonymize the IP address. The legal basis is Art. 6(1)(f) GDPR.

DATA SECURITY

We take technical and organizational measures to protect your data as thoroughly as possible from unwanted access. We use an encryption procedure on our web pages. Your data is transferred from your computer to our server and vice versa via the Internet using TLS encryption. You can usually tell this by the fact that the lock symbol in the status bar of your browser is closed and the address line begins with https://.

COMMUNICATION BY EMAIL / TELEPHONE

Purpose of data processing/legal basis: We will of course treat personal details provided by you by e-mail/phone/mail confidentially. We use yourdata exclusively for the purpose of processing your enquiry. The legal basis for data processing is Art. 6(1)(f) GDPR. The justified interest here arises from the interest in answering your enquiries and thus in maintaining and
promoting customer satisfaction.
Duration of storage/criteria for determining the duration of storage: All personal data which you send us in connection with enquiries will be deleted or anonymized by us, provided that this data is no longer necessary and there are no legal obligations to store such data.
If you assert your rights as a data subject, your personal data will be stored
for 3 years after the final reply in order to prove that we have provided you
with comprehensive information and that the legal requirements have been
met.

COMMUNICATION VIA OUR CONTACT FORM

You have the possibility to contact us via our contact form. To use our contact form we require the data that is marked as mandatory fields. The legal basis for the processing of this data is, in accordance with Art. 6(1)(f)
GDPR, our legitimate interest in ensuring the successful processing of your enquiry and to further optimize our service. Your data will be deleted after the final processing of your enquiry, provided that there are no legal storage obligations. With regard to processing in accordance with Art. 6(1)(f) GDPR, you have the right to object at any time. To do so, please contact our DPO.

NEWSLETTER REGISTRATION AND SENDING (SUBSCRIBE)

You can subscribe to our newsletter through our website.
The newsletter will only be sent if you have given us your express consent pursuant to Art. 6 (1) p. 1 lit. a) of the GDPR. After subscribing through our websites, you will start receiving e-mails from us. You can easily revoke
your consent at any time by clicking on the unsubscribe link in every newsletter.

As part of the newsletter registration, we store additional data beyond the data already mentioned, insofar as this is necessary for us to prove that you have ordered our newsletter. This may include the storage of the full IP address at the time of the order or the confirmation of the newsletter, as well as a copy of the confirmation email sent by us. The corresponding data processing is based on Art. 6 para. 1 p. 1 lit. f) GDPR and is done in the interest of being able to account for the legality of the newsletter dispatch. When sending the newsletter, we are supported by our service provider Mailchimp (The Rocket Science Group LLC, 675 Ponce de Leon Ave, NE Suite 5000 Atlanta, GA 30308 USA), which is strictly bound by instructions and contractually obligated to us accordingly. You can find the privacy policy of Mailchimp and Rocket Science Group LLC  here .

APPLICATION FOR A STUDY PROGRAM AND ADMISSION TO THE
STUDY PROGRAM

We process your personal data, which you provide in our admission questionnaire, primarily for the purpose of carrying out the application procedure and deciding on the admission to the study program. In this respect, data processing is carried out for the performance of pre-contractual measures that precede a contractually regulated business relationship. The data processing is therefore necessary for the execution of your application (Art. 6 (1)(b) GDPR).

Furthermore, during the application process, an individual email address is created using your profile name. This is created as follows:  “firstname.lastname@student42warsaw.pl”. This is done based on our legitimate interest in creating uniform email addresses and thus on the basis of Art. 6 (1)(f) GDPR.
If you give your express consent, we will send you an invitation to participate in our final survey by e-mail. This is done on the basis of Art. 6 (1)(a) GDPR. You can revoke your consent at any time. You can easily revoke your consent, for example, by
clicking on the unsubscribe link in the email.
We may also use a bot resp. discord to get in touch with you, to keep youup to date on current topics and to support you with any problems that mayarise in the course of your studies. We also use this to invite you tocomplete surveys. This is done on the basis of our legitimate interest in communicating with you and optimizing our offer (Art. 6 (1)(f) GDPR).
If your application is successful, we may require further personal data from you in addition to the data you provided in your application. We will then process your personal data primarily for the purpose of processing, concluding and executing the study contract concluded with you. The processing of your personal data may then arise on the one hand due to the performance of pre-contractual measures that precede a contractually regulated business relationship or on the other hand in the fulfillment of
obligations arising from a concluded contract with you (Art. 6 (1)(b) GDPR).
Furthermore, it may be necessary to process your personal data to uphold legitimate interests (Art. 6(1)(f) GDPR). The legitimate interests comprise, in particular, the conclusion, processing and execution of the study contract.
Additionally, legitimate interests include internal administrative purposes (e.g. accounting), communication with you, support in the context of your studies, ensuring IT security and IT operations, and enforcing, exercising or defending legal claims.
In addition, we are subject to various legal obligations that may require the processing of your personal data that you have provided to us as a (future) student (Art. 6(1)(c) GDPR). These legal obligations may arise, for example, from tax law (e.g. to comply with retention periods in relation to the tax office), commercial and foreign trade law or sanctions law.
Within the scope of our business relationship, you must provide the personal data that is required for the decision to conclude, perform and execute the study contract and to fulfill the associated obligations arising from the contract. We are required by law to collect this personal data or are entitled to do so on the basis of our legitimate interests. Without this data, we will generally not be able to contact you.

USE OF VIDEO CONFERENCING SYSTEMS (ZOOM AND
GOOGLE.MEET)

DESCRIPTION OF DATA PROCESSING, PURPOSES AND TYPES OF
DATA
We use the tools “Zoom” and “Google.Meet” to conduct telephone conferences, online meetings and video conferences (hereinafter: “online meetings”) as part of the application and the study program itself.
Depending on the type and scope of use, various types of data are collected or processed. This includes in particular
 Personal information (e.g. first and last name, e-mail address, profile picture)
 Meeting metadata (e.g. date, time and duration of communication, meeting name, participant IP address).
 Device/hardware data (e.g. IP addresses, MAC addresses, Clint
version)
 Text, audio, and video data (e.g. chat histories, video, audio, and presentation recordings)
 Connection data (e.g. phone numbers, country names, start and end times, IP addresses)

REQUIRED DATA AND FUNCTIONS
You will receive an access link from the host by e-mail. When you register for the online meeting, you must then enter your name and, if applicable, your e-mail address. As a participant, you can join meetings directly via the browser without having to install the Zoom or Google.Meet client.

In addition, the tools collect user data that is necessary for the supply, technical and operational support and improvements of the services provided. This includes, in particular, technical data about your devices, network and internet connection, such as IP address, MAC address, other device IDs (UDID), device type, operating system type and version, client version, camera type, microphone or speaker, type of connection).

VOLUNTARY INFORMATION AND FUNCTIONS

You can provide further information about yourself, but you do not have to. You are also free to use the chat, question or survey functions during the online meeting. You can also switch your camera and microphone on, off or
mute yourself.
If you use the chat, question or survey function, the text entries you make will be processed in order to display them in the “online meeting” and log them if necessary. If you turn on your camera or microphone, the data from the microphone of your end device and from any video camera of the end device will be processed for the duration of the meeting. At the start of
online meetings, your camera image and microphone are turned off by default.
Please note that any information you or others upload, provide, or create during an online meeting will be processed at least for the duration of the meeting. This includes, in particular, chat/instant messages, files, whiteboards, and other information shared while using the service.

OTHER FUNCTIONS

If required for the purposes of logging the results of an online meeting, chat content may be logged. However, this only applies to “public” chats and messages addressed directly to the hosts. Contents of private chats are not logged.
If we wish to record online meetings, we will inform you in advance and – if necessary – ask for your consent. If a recording takes place, the participants of the online meeting will be informed of this by the system both via video and audio.

“Zoom” has the option of software-based “attention monitoring” (“attention tracking”). However, this is not used by us and has therefore been deactivated. More information on the processing of your data when using “Zoom”, is provided via a detailed list of the data collected and processed by “Zoom” as well as the “Zoom” privacy policy which can be found at: https://zoom.us/de-de/privacy.html.
Further information on the processing of user data when using Google Meet can be found here: https://support.google.com/meet/answer/9852160 ”

LEGAL BASIS FOR DATA PROCESSING

The processing of your data is based on Art. 6(1)(b) GDPR, if your participation in the online meeting is necessary for the fulfillment of a contract concluded with you. The same applies if the holding of the online meeting is necessary for the performance of pre-contractual measures that take place at your request.
If the data processing in connection with the use of the online conference systems is not necessary for the fulfillment of a contract concluded with you or for the performance of pre-contractual measures, it is carried out on the basis of Art. 6 (1)(f) GDPR. Our legitimate interest is the ability to maintain location-independent communication, the maintenance of business contacts and the provision of outstanding services.
If you voluntarily provide personal information when using the tools or voluntarily use functions that are not mandatory, the associated data processing is based on your revocable consent in accordance with Art. 6
(1)(a), 7 GDPR. You can revoke your consent at any time with effect for the future. Please note that processing that took place before the revocation is not affected by this.

SHARING YOUR DATA

In principle, we do not transfer your data to third parties. Data is only passed on if it is intended to be passed on, if you have expressly consented to the transfer in advance, or if we are obliged or authorized to do so by law. Please note that content from “online meetings” as well as personal meetings is often used to communicate information with customers, interested parties or third parties and is therefore intended for disclosure.
When processing your data, Zoom Video Communications Inc. supports us as an external service provider and processor within the meaning of Art. 28 GDPR. As a processor, Zoom Video Communications Inc. processes your data strictly in accordance with instructions and on the basis of a separately concluded data processing agreement. When using Google Meet, we
receive support from the US service provider Google LLC. Google LLC that also supports us as a processor according to Art. 28 GDPR. We have also concluded a data processing agreement with Google LLC in accordance with Art. 28 GDPR. The data processing may thereby also take place outside the EU or the EEA. The transfer of data to the USA is subject to appropriate safeguards within the meaning of Art. 46 GDPR through the use of standard data protection clauses as well as additional measures.”

SCHOLARSHIP APPLICATION FORMS AND SCHOLARSHIPS

We process the personal data you provide in our scholarship form primarily for the purpose of conducting the selection process and deciding whether or not to offer you a scholarship contract. Therefore, data processing is carried out for the implementation of pre-contractual measures that precede a contractually agreed business relationship. Data collection is thus necessary for the execution of your scholarship application (Art. 6 (1)(b) GDPR). For this purpose, in addition to your first and last name, we also
require an e-mail address in order to be able to categorize you and communicate with you. We also ask for information about your financial situation and, if applicable, any other forms of support in order to be able to determine whether you can be considered as a scholarship candidate. We also ask you to confirm that you have understood the fundamental principles of the scholarship and that the information you have provided is true.

We offer the possibility to leave further remarks in optional text fields. This processing is based on Art. 6 (1)(f) GDPR.
After a successful application, we may send you a scholarship contract. To this purpose, we request and process the data necessary for the fulfillment of the contractual obligations mentioned therein on the basis of Art. 6 (1)(b) GDPR, such as your bank data as well as actual evidence to substantiate a need for financial support as well as a copy of your rental contract.
Furthermore, it may be necessary to process your personal data to safeguard legitimate interests (Art. 6 (1)(f) GDPR). These legitimate interests are in particular the conclusion, processing and execution of the scholarship contract. This also includes, if necessary, random checks to ensure that the obligations stipulated in the scholarship contract are being complied with and, if necessary, a more in-depth examination if there are actual indications giving rise to a suspected breach of contract. Further legitimate interests include internal administrative purposes (e.g. accounting), ensuring IT security and IT operations, and enforcing, exercising or defending legal claims. In addition, we are subject to various legal obligations that may require us to process your personal data that you have provided to us as a (future) scholarship holder (Art. 6 (1)(c) GDPR).
These legal obligations may arise, for example, from tax law (e.g. to comply with retention periods in relation to the tax office), commercial and foreign trade law, or sanctions law. As part of the implementation of the scholarship contract, it may also be necessary for us to process your health data if you interrupt your studies for health reasons. The legal basis is your consent to the processing of health data in accordance with Art. 9 (2) a) GDPR. Within the scope of our business relationship, you must provide the personal data that is required for the decision to conclude, perform and
execute the scholarship contract and to fulfill the associated obligations arising from the contract. We are required by law to collect this personal data or are entitled to do so on the basis of our legitimate interests. Without this data, we will generally not be able to contact you.

GOOGLE ANALYTICS

For the design of our websites, we use the web analysis tool “Google Analytics” from Google Ireland Limited (Google Ireland Limited, Gordon House, Barrow Street, Dublin 4). Google Analytics creates user profiles on the basis of pseudonyms. For this purpose, permanent cookies are stored on your end device and read by us. This enables us to identify recurring visitors and register them as visitors.

Insofar as you have given your consent in accordance with Art. 6(1)(a) GDPR within the framework of the banner, we use cookies from Google Analytics to differentiate, identify and track visitors and to analyse user behaviour.

However, we have activated IP anonymisation on our websites, which means that, within the member states of the European Union, your IP address will be shortened before by Google.

NAME OF THE COOKIECATEGORY (E.G. GENERALLY REQUIRED, ANALYSIS, SOCIAL MEDIA, ADVERTISING)MANUFACTURER / PROVIDER (E.G. GOOGLE, FACEBOOK)PURPOSE / DESCRIPTION (WHAT ARE THE COOKIES USED FOR?)STORAGE DURATION
_gaanalysisGoogleVisitor tracking. The cookie collects anonymous information about how users use this website for analysis purposes.2 years
_gidanalysisGoogleThe cookie is used in conjunction with _ga to differentiate users.24 hours
_gatanalysisGoogleLimiting the query rate to increase the efficiency of network traffic10 minutes

You can revoke your consent at any time. Please follow this link and make the appropriate settings via our banner.

You can read more about how to prevent data transmissions to Google here:

You have the possibility to prevent the collection of data generated by the cookie and related to your use of the website (including your IP address) to Google and the processing of this data by Google by downloading and installing the browser plugin available at the following link (http://tools.google.com/dlpage/gaoptout?hl=de).

You can also prevent a detection by Google Analytics by clicking on the following link. An opt-out cookie is set, which permanently prevents the future collection of your data when visiting these websites:

<a href=”javascript:gaOptout()”> Click here to object to the processing of your data by Google Analytics </a>

Google’s terms of use: http://www.google.com/analytics/terms/de.html, overview of data protection: http://www.google.com/intl/de/analytics/learn/privacy.html,  and the data protection declaration: http://www.google.de/intl/de/policies/privacy.

Within the framework of Google Analytics, Google supports us as a processor in accordance with Art. 28 GDPR. The data processing can also take place outside the EU or the EEA. With regard to Google, an appropriate level of data protection can be assumed in accordance with Art. 46(2)(c) GDPR through the use of EU standard contract clauses.

GOOGLE TAG MANAGER

On our web pages we integrate the “Google Tag Manager” of Google LLC, 1600 Amphitheatre Parkway, Mountain View, California 94043, USA.

In the European Union (EU) and European Economic Area (EEA), Google Tag Manager is offered as a service by Google Ireland Limited Gordon House, Barrow Street, Dublin 4, Ireland.

Google Tag Manager is a tag management system (TMS) that allows us to integrate and manage additional website content in JavaScript or HTML code.

In particular, it can be used to integrate and manage so-called tags into our website. Tags are small code fragments or markings (web beacons, tracking pixels or similar markings) that enable services for website analysis or user tracking to differentiate or identify users.

The analysis of website visits or user tracking is not carried out by the Google Tag Manager, but by the services used for these purposes, such as Google Analytics or other third-party solutions. Rather, the Google Tag Manager is only used to integrate and manage the markers necessary for analysis or tracking on our website.

As the Google Tag Manager is provided by Google and is reloaded from its servers when the page is called up, the usage data technically required for calling up the page is also transmitted. In this respect, Google also receives your IP address, which for technical purposes, is required to retrieve the content.

The data processing is based on Art. 6(1)(f) GDPR. The purpose and our legitimate interest is to make the administration of our website content efficient.

Data processing may also take place outside the EU or the EEA in third countries. We then take measures in accordance with Art. 44 GDPR to ensure an adequate level of data protection.

You can find further information on the handling of personal data by Google at https://policies.google.com/privacy?hl=de.

GOOGLE REMARKETING

We use Google remarketing technologies from Google so that targeted advertising can be displayed on other websites based on your visit to our website. The data processing takes place on the basis of your consent in accordance with 6(1)(a) GDPR.

If you give your consent, you allow Google to obtain recognition features for your browser or end device (e.g. to create a so-called browser fingerprint), to evaluate your IP address or to save a recognition feature in the form of a small text file on your end device (e.g. a so-called third-party cookie).  It is also possible that Google may link your visit to our website to one or more of these recognition features and store them in order to display our advertising to you on other pages on the Internet. The recognition features described above are designed as pseudonyms and can be used by Google to recognise your end device on other Internet pages. For example, if you visit a page that participates in Google’s display advertising network (i.e. displays advertising on behalf of Google), Google may recognise your end device and browser based on the above-mentioned features. We may also add so-called “remarketing tags” to our websites. This means that we can include keywords in our web pages that contain statements about the content of the page displayed (such as product or service categories). The keywords that we use do not contain any personal or sensitive information. Google receives and stores these keywords for the above-mentioned recognition features. This means that when you visit a page that we have tagged with a particular product category, Google stores that tag and associates it with your recognition features. This enables us to instruct Google to place advertisements on other websites based on the pages you visit on our site. So if you visit another website that is part of Google’s display advertising network, Google can use the recognition features and the keywords stored for these recognition features to determine whether and, if so, which of our ads should be displayed to you. For more information on how Google remarketing technologies work, please visit https://www.google.com/policies/technologies/ads/.

Data processing may also take place outside the EU or the EEA in third countries. We take measures according to Art. 44 GDPR to ensure an adequate level of data protection.

In principle, we have no influence over further data processing by the third-party provider.

You have the option of selecting settings for advertising. You can object to this form of advertising at any time. To do so, please call up this page at https://support.google.com/ads/answer/2662922 and deactivate personalised advertising. Please note that these settings may not affect all end devices and browsers. Further information is also available at https://support.google.com/ads/answer/2662922.

MICROSOFT ADVERTISING

On our websites, we may integrate the “Microsoft Advertising” of Microsoft Corporation, One Microsoft Way, Redmond WA 94043, USA. In the European Union (EU) and the European Economic Area (EEA), Microsoft Advertising is offered as a service by Microsoft Ireland Operations, Ltd, One Microsoft Place, South County Business Park, Leopardstown, Dublin 18, D18 P521, Ireland. If an ad placed by us via Microsoft Advertising is displayed on other websites or if you click on it, these other websites store a Microsoft Advertising conversion tracking cookie with a pseudonym assigned to us in your terminal device on the basis of your consent given there.

If you subsequently visit our websites within the storage period of this cookie, this cookie will be read by Microsoft Advertising Conversion Tracking on our website. In this way, Microsoft can determine that you were shown an advertisement placed by us or that you clicked on it and subsequently visited our websites and, if applicable, how you subsequently used our websites. The conversion of an advertisement into an action by the website visitor is called a conversion. From this information, Microsoft compiles statistics for us from which we can see how many users have responded to our advertisements and in what way. Based on these statistics, we can optimize the effectiveness of our advertising and control our advertising strategy. The data processing is based on your consent pursuant to Art. 6 para. 1 p. 1 lit a GDPR, provided that you have given your consent via our Consent Banner.

Your consent is voluntary and can be freely revoked at any time with effect for the future pursuant to Art. 7 (3) GDPR. To do so, please click on “Open settings” and make the appropriate decisions via our banner at the very top of this privacy policy. The processing of your data may thereby also take place in states outside the European Union (EU) and the European Economic Area (EEA) in third countries without an adequate level of data protection, in particular in the USA. If your data is transferred to third countries, there is a risk that authorities there may access your data for security and monitoring purposes without you being informed or being able to appeal.

In the context of Microsoft conversion tracking, Microsoft supports us as a processor in accordance with Art. 28 GDPR. With regard to Microsoft, an adequate level of data protection pursuant to Art. 46 (2) c) GDPR can be assumed through the use of EU standard contractual clauses. In principle, we have no influence on further data processing by the third-party provider. Further information on the handling of personal data by Microsoft can be found at https://privacy.microsoft.com/de-de/privacystatement.

REMARKETING – FACEBOOK PIXEL

Within our website, so-called “Facebook pixels” of the social network Facebook, which is operated by Facebook by Meta Platforms Ireland Limited if you are resident in the EU (“Facebook”), are used. However, this will only be done if you agree to this via the consent banner. In this case, the data processing associated with the pixel is based on your consent in accordance with Art. 6(1)(a) GDPR.

With the help of the Facebook pixel, Facebook is able to determine the visitors of our offering as a target group for the presentation of ads, so-called “Facebook ads”. Accordingly, we use the Facebook Pixel in order to display the Facebook Ads placed by us only to those Facebook users who have also shown an interest in our internet offer. In other words, with the help of the Facebook Pixel we want to ensure that our Facebook-Ads correspond to the potential interest of the users and do not appear bothersome. The Facebook Pixel also enables us to track the effectiveness of Facebook ads for statistical and market research purposes by seeing whether users have been directed to our website after clicking on a Facebook ad.

The Facebook pixel is integrated directly by Facebook when you call up our websites and can store a cookie on your device. If you then log in to Facebook or visit Facebook when logged in, the visit to our offer will be noted in your profile. The data collected about you is anonymous to us, so we cannot draw any conclusions about the identity of the user. However, the data is stored and processed by Facebook so that a connection to the respective user profile is possible. The processing of the data by Facebook is carried out within the framework of Facebook’s Data Usage Policy. Correspondingly, you can obtain further information from the third party provider on how the remarketing pixel works and generally on the display of Facebook Ads: https://www.facebook.com/policy.php.

Data processing may also take place outside the EU or the EEA in third countries. We take measures according to Art. 44 GDPR to ensure an adequate level of data protection.

In principle, we have no influence over further data processing by the third-party provider.

You can revoke your consent to the collection of your personal data by the Facebook pixel and use of your data for the display of Facebook ads [here].

LINKEDIN INSIGHT-TAG

We use conversion tracking technology on our website and the retargeting feature of the LinkedIn Corporation. The LinkedIn Insight tag creates a unique LinkedIn browser cookie in a visitor’s browser and allows the following information to be collected for that cookie: metadata such as IP address, timestamp and page events (e.g., page views). However, this only takes place if you agree to it via the consent banner. In this case, the data processing associated with the pixel is based on your consent in accordance with Art. 6(1)(a) GDPR.

You can find further information on this at: https://www.linkedin.com/help/linkedin/answer/65521.

This technology allows visitors to this website to receive personalised advertisements on LinkedIn. It also provides the ability to generate anonymous reports on ad performance and website interaction information. LinkedIn Insight tag is embedded in this website, which connects to the LinkedIn server when you visit this website and are logged into your LinkedIn account.

Data processing may also take place outside the EU/EEA in third countries.

We take measures according to Art. 44 GDPR to ensure an adequate level of data protection.

In principle, we have no influence over further data processing by the third-party provider.

Please refer to the LinkedIn Privacy Policy at https://www.linkedin.com/legal/privacy-policy for more information about data collection and use, and the choices and rights you have to protect your privacy. You can withdraw your consent to the collection of your personal information by using the Linkedin Insight tag [here].

LINKS

Our website may contain links to other websites over which we have no control. For example, there are links to Instagram, Facebook and Linkedin on various sub-pages. The link alone does not create a direct connection to your respective account.

STORAGE PERIOD

Unless we have already informed you in detail about the storage period, we delete personal data if they are no longer required for the aforementioned processing purposes and no legal storage obligations prevent deletion.

YOUR RIGHTS AS A DATA SUBJECT

When processing your personal data, the GDPR grants you, as a data subject, certain rights:

Right of access (Art. 15 GDPR)

You have the right to obtain confirmation as to whether personal data concerning you is being processed; if this is the case, you have the right to be informed of this personal data and to receive the information specified in Art. 15 GDPR.

Right to rectification (Art. 16 GDPR)

You have the right to request immediately the rectification of incorrect personal data concerning you and, if necessary, the completion of incomplete data.

Right to erasure (Art. 17 GDPR)

You have the right to demand that personal data concerning you be deleted immediately if one of the reasons listed in Art. 17 GDPR applies.

Right to restriction of processing (Art. 18 GDPR)

You have the right to demand that the processing be restricted if one of the conditions listed in Art. 18 GDPR is met, e.g. if you have lodged an objection to the processing, for the duration of the examination by the controller.

Right to data portability (Art. 20 GDPR)

In certain cases, which are listed in detail in Art. 20 GDPR, you have the right to receive the personal data concerning you in a structured, commonly used and machine-readable format or to request the transfer of such data to a third party.

Right of withdrawal (Art. 7(3) GDPR)

If the processing of data is based on your consent, you are entitled to revoke your consent to the use of your personal data at any time in accordance with Art. 7(3) GDPR. Please note that the revocation is only effective for the future. Processing that took place before the revocation is not affected by this.

Right to object (Art. 21 GDPR)

If data is collected on the basis of Art. 6(1)(f) GDPR (data processing to safeguard legitimate interests) or on the basis of Art. 6(1)(e) GDPR (data processing is necessary for the performance of a task carried out in the public interest or in the exercise of official authority) you have the right to object to the processing at any time for reasons arising from your particular situation. We will then no longer process the personal data unless there are compelling legitimate grounds for the processing which override the interests, rights and freedoms of the data subject or for the establishment, exercise or defence of legal claims.

Right to lodge a complaint with a supervisory authority (Art. 77 GDPR)

Under Art. 77 GDPR, you have the right to lodge a complaint with a supervisory authority if you believe that the processing of data concerning you is in breach of the GDPR. The right of complaint may be asserted in particular before a supervisory authority in the Member State of your habitual residence, your place of work or the place of the suspected infringement.

For 42 Warsaw supervisory authority is the President of the Personal Data Protection Office, ul. Stawki 2, 00-193 Warsaw, whom you may contact if you consider that during the processing of your personal data we have breached the provisions of GDPR.

Should you have any concerns regarding the way in which we process your data, please contact us in the first instance electronically via the e-mail address: iod@perfectinfo.pl or at the postal address of our office.

In case of dispute concerning the processing of your personal data by Association 42, you may file a claim with “Commission Nationale Informatique et Libertés” (CNIL): www.cnil.fr, which is appropriate authority for France.

Exercise of your rights

Unless described otherwise above, please contact the department stated in the imprint to exercise your rights.

Data processing by 42 warsaw in partnership with association 42

In order to have a clear vision on the whole processing of your personal data done by us as part of 42 Network we invite you to take a few minutes and read this document entirely.

What personal data is processed and when is it collected?

In accordance with applicable law, we only collect adequate, pertinent and non-excessive personal data in scope of the purposes for which they are collected.

The nature of the collected personal data varies according to your profile and the requested services.

In all cases, we will inform you that we will collect personal data concerning you by indicating at least the identity of the DPO, the objectives and your rights on your personal data.

For example, when you apply to 42 on the site apply.42warsaw.pl we are susceptible to collect the following personal data:

  • Email
  • First name
  • Last name
  • Date and place of birth
  • Postal address
  • Sex
  • Nationality
  • Phone number
  • Emergency contact information (phone number, last name, first name, affiliation)
  • Incident tickets
  • Test results

In addition to personal data that you directly communicate to us, we are also susceptible to collect personal data without direct communication from you. This is the case when you browse our sites 42warsaw.pl on which your IP address is automatically collected for the security of our services and the infrastructure of the site.

For what reasons you processes my personal data?

All personal data processed are collected for determined, explicit and legitimate purposes and will not be subject to further processing which is not compatible with these purposes.

The purposes of processing are the objectives sought by the controller while collecting personal data.

These purposes vary according to the relevant processing.

For example, when we collect your email address during registration, the purpose is to be able to contact you for your registration or your curriculum. Unless agreed upon beforehand, we will never use this email address to send you newsletters by email in the future, because this purpose is incompatible with the initial purpose.

When we process your projects or your school results, the purpose of this processing is the follow-up of your educational path.

In general, we collect and process your personal data for the following purposes:

  • Applications to 42;
  • Admission tests in 42;
  • Registration to 42;
  • Making statistics;
  • Educational follow-up of students;
  • Administrative management of students;
  • Evaluation of students;
  • Management of emails addressed within the school framework;
  • Management of food payments within 42 and social security payments;
  • Management of events organized within 42;
  • Management of publications on the site events.42.fr;
  • Management of videos put online on the site tv.42.fr;
  • Attribution and management of access rights;
  • Management of applications on the websites of 42;
  • Management of identifications on the websites of 42;
  • Management of connections via the intranet of 42;
  • Management of job postings published on the intranet of 42;
  • Management of legal declarations to Social Security organizations;
  • Sending information to the Economy and Finance Department for obtaining the label “Grande école du Numérique”;
  • Surveys and statistics on the integration rate of graduates;
  • Management of alumni requests;
  • Activities of the alumni network;
  • Giving teaching tools to students;
  • Management of teaching tools;
  • Process requests to exercise rights by individuals on their personal data and providing adequate answers;
  • Analysis of visits on the site 42warsaw.pl;
  • Optimization of site 42warsaw.pl;
  • Process requests sent to us via the contact form;
  • Process information requests sent to us;
  • Provide an adequate answer to contact requests;
  • Security of sites and respect of legal obligations;
  • Ensure the security of individuals and goods present in 42.

We will never process your personal data for other purposes without informing you beforehand and, possibly, asking for your consent.

What are the legal foundations of processing my personal data?

Regulation demands that any processing of personal data must rest on a legal foundation. It is the existence of a legal foundation that will condition the lawfulness of personal data processing.

Regulation predicts several legal foundations to justify the processing of personal data, such as the consent of the subject, the necessity of processing for contractual execution or the respect of a legal obligation.

At 42, processing your personal data rests on the following foundations:

  • The necessity of processing for the execution of the contract between you and Association 42 or relevant pre-contract measures;
  • Respect a a legal obligation;
  • Your expressed and prior consent;
  • The existence of a legitimate interest of Association 42.

The legal foundation of processing your personal data varies with the processing at stake.

For example, the processing of your email address in order to contact you is necessary for the execution of the contract made with Association 42, whereas the video surveillance used inside 42 rests on the legitimate interest of Association 42 in ensuring the security of individuals and goods. To know the legal basis for each personal data processing done by Association 42, please consult the list in the introduction of the present document.

Am I obligated to give my personal data?

In general, we will never force you to communicate your personal data.

However, communication of certain personal data is necessary for the service we offer.

This data can be identified by the presence of an asterisk “*”.

If you do not wish to communicate this essential data, we cannot guarantee access to the services offered.

How do I manage my preferences in terms of cookies?

On our website 42warsaw.pl we use cookies to measure the audience of our sites.

A cookie is a small text file put on the hard disk of the user by the site server or by a third party server.

We will never use cookies for audience measurement without your consent. You have the possibility to activate or deactivate these cookies by clicking the “cookies policy” tab on the relevant sites.

If you wish to find more information on this subject, you can access the list of our legal documents then select the document concerning Cookies.

Am I susceptible to be the object of an automated decision?

An automated decision can be defined by a decision on an individual by way of algorithms applied to his personal data, without any human interference in the process.

When you apply for 42 using our website apply.42warsaw.pl some of your personal data can be used automatically by an algorithm to validate the various tests accomplished.

As such, we use a first algorithm to validate the logic and memory scores of candidates so that they can continue the application process.

Candidates that have failed these tests cannot continue the application process.

We also use a second algorithm after the “piscine” (pool) periods to determine the possible candidates that can be admitted to 42.

Candidates that have failed these tests cannot continue the application process.

In certain specific cases, after these tests, the teaching team can meet to make a definitive decision on a candidate.

You can obtain more information on the algorithms used to validate the above application test as well as their underlying logic below:

  • The algorithm of games on the platform evaluates the levels achieved on various games to determine if the candidate has shown enough competence to go further in the selection process. It is based only on the test results and simply evaluates the levels achieved.
  • The selection algorithm at the end of the “piscine” is based on several criteria such as, for example, competence, motivation and engagement shown by the candidate. Candidates that have reached the minimum prerequisites defined by the algorithm are simply admitted.

How long will my personal data be retained?

We are committed to retain your personal data only for the period necessary for the purposes of the relevant processing.

This retention period will necessarily vary with the type of data and processing at hand.

Some legal dispositions also force us to retain your personal data for a minimum duration.

Below, you will find, for each processing, the retention period of the data.

At the end of this period, unless you indicated otherwise, we will delete your personal data or anonymize it for statistics purposes.

ProcessingData typesRetention period
Management of admission tests in 42ID data (last name, first name, date and place of birth, etc.), contact information (email, phone), emergency contact, test results3 years starting at the last connection to the application site or deleted weekly, every monday, in case the tests were failed
Management of registration of 42ID data (last name, first name, date and place of birth, etc.), contact information (email, phone), emergency contact, test results3 years starting at the last connection to the application site or deleted weekly, every monday, in case the tests were failed
Production of statisticsTest results3 years starting at the last connection to the application site or deleted weekly, every monday, in case the tests were failed
Educational follow-up of studentsID data, contact information, schoolwork, school results3 years starting at the last connection to the intranet
Administrative student managementID data, social security number, contact information3 years starting at the last student’s connection to the intranet
Student evaluationContact information, schoolwork, test results3 years starting at the last connection to the intranet
Management of emails sent in the school frameworkContact information3 years starting at the last connection to the intranet
Management of emails sent in the internships frameworkID data and contact information in the company for internships management3 years starting at the last connection to the intranet
Management of food payments within 42Email address, credit card encrypted data, data relevant to transaction1 month starting at payment
Management of social security payments within 42Email address, credit card encrypted data, data relevant to transaction1 month starting at payment
Management of events within 42ID data, contact information, information pertaining to the events1 year starting at the event request
Management of publications on the siteID data, contact information, information pertaining to the events1 year starting at the event request
Management of online videos on the siteID data, contact information, information pertaining to the video3 years starting at the last connection to the intranet
Attribution and management of access rightsIP, connection logs1 year
Management of registrations on the websites of 42IP, connection logs1 year
Management of identifications on the websites of 42IP, connection logs1 year
Management of connections via the intranet of 42IP, connection logs1 year
Management of job postings published on the intranet of 42ID data, contact information, Resume3 years starting at the last connection to the intranet
Management of legal declarations to Social Security organizationsID data, social security number3 years starting at the last connection to the intranet
Sending documents to the Economy and Finance Department for obtaining the “Grande école du Numérique” labelStatistics on entrance and exit volumes, prior diplomas of students, social and economic features3 years starting at the last connection to the intranet
Surveys and statistics on the integration rate of graduatesStatistics on entrance and exit volumes, prior diplomas of students, social and economic features3 years starting at the last connection to the intranet
Management of alumni requestsStatistics on entrance and exit volumes, prior diplomas of students, social and economic features3 years starting at the last connection to the intranet
Management of alumni networkStatistics on entrance and exit volumes, prior diplomas of students, social and economic features3 years starting at the last connection to the intranet
Providing students with teaching toolsID data, contact information, account identification,work done within 423 years starting at the last connection to the intranet
Management of teaching toolsID data, contact information, account identification,work done within 423 years starting at the last connection to the intranet
Processing requests to exercise rights of subjects pertaining to their personal data and providing an adequate answerID data, contact information, credentials, personal data pertaining to the request4 months after the closure of the case
Analysis of visits to the sitesIP address, browser used, device used, browsing data13 months
Optimization of sitesIP address, browser used, device used, browsing data13 months
Processing requests sent to Association 42 via the contact formContact information4 months after the closure of the case
Processing information requests sent to Association 42Contact information4 months after the closure of the case
Provide an adequate answer to contact requestsContact information4 months after the closure of the case
Site security and respect of legal obligationsIP addresses, connection logs1 year
Ensuring the security of individuals and goods present in 42Images from the video surveillance system, email, company, last name, first name, badge number, badge code pin, connection logs, date and time of access, door accessed15 days for video surveillance, 1 year starting at the last connection to the intranet, contact and badge information, 3 months for access control logs

Is my personal data secure?

We take the security of your personal data seriously. This is why we have adopted internal measures to ensure as much as possible the integrity and privacy of your data, such as:

  • Setting up a strict policy in terms of creation and renewal of passwords granting access to your personal data;
  • Access to personal data restricted to the individuals directly concerned by the purpose of processing;
  • Use of firewalls and secured connections;
  • Encryption of your password;
  • Security of access to our offices (video surveillance, access control, etc.)

If you wish to obtain more information on the security measures of 42 Warsaw to protect your personal data, you can send a request to the following address: iod@perfectinfo.pl

If you wish to obtain more information on the security measures of Association 42 to protect your personal data, you can send a request to the following address: dpo@42.fr.

Where is my personal data stored?

Your personal data is mostly stored in the databases located inside the European Union.

However, because 42 Warsaw and Association 42 are part of an international network of establishments in various countries, some of your personal data can be transferred to countries located outside the European Union.

This is notably the case of personal data collected on site admissions.42.us.org dedicated to our partner establishment in the United States, and this data is stored by necessity in the United States.

This is also the case concerning personal data collected on the internal site of 42 intra.42.fr, which is accessible from all campuses of Association 42, namely:

  • USA
  • Russia
  • Ukraine
  • Moldavia
  • Morocco
  • South Africa

In those cases, we guarantee that these transfers are destined to countries ensuring a protection level equivalent to that of the European Union or constrained by restriction tools that can meet the demands of applicable regulations.

These guarantees can be constraining company rules, standard contractual clauses, adoption of a code of conduct or a certification.

At any moment, you can ask Association 42 how the transfers of personal data outside the European Union are supervised and consult the documents relevant to the above guarantees by sending your request to: dpo@42.fr.

Furthermore, as elaborated below, we strictly supervise the communication of your personal data to our service providers to ensure its integrity and privacy.

Who are the recipients of my personal data?

A recipient is defined as any individual authorized to obtain data because of his/her role.

The recipients of your personal data are:

  • The teaching staff of 42 Warsaw and Association 42;
  • The IT staff of 42 Warsaw and Association 42;
  • The administrative staff of 42 Warsaw and Association 42;
  • The teaching, IT and administrative staff of our partner campuses.

Evolution of the present Privacy Policy

42 Warsaw has the right to modify the present privacy policy at any moment. If the present Privacy Policy is modified, we commit to publish the new version on our website. The date of the last update of the present Privacy Policy will always be mentioned at the end of the present document.

We will inform you of any modification by email, and if possible before it takes effect. If you do not agree with the new terms, you have the possibility to ask for the erasure of your personal data.

Last updated: 26 June 2023

INFORMATION CLAUSE – RECIPIENTS OF ELECTRONIC CORRESPONDENCE

We hereby inform you that we process your personal data in accordance with the Regulation (EU) 2016/679
of the European Parliament and of the Council of 27 April 2016 (“GDPR”). Details are given below.

  1.  The controller of your personal data is &quot;FREEDOM OF CHOICE” Foundation with its registered office in Lublin National Court Register No 0000428743 („Foundation”).
  2. The Data Controller has appointed for 42 Warsaw a Data Protection Officer (“DPO”), with whom you may contact in all matters related to the processing of your personal data, by e-mail iod@perfectinfo.pl
  3. Your personal data in the form of your e-mail address and possibly other data that you provide to us in the course of correspondence shall be processed for the purposes:
    a) resulting from legitimate interests of Foundation, which is handling the notification, conducting electronic correspondence with you, including answering questions and providing relevant information, evidence purposes, monitoring of the quality of service, determination and investigation of claims or defence against claims (the basis of Article 6 (1) (f) of the GDPR), b) performance or endeavour to conclude a contract (the basis of Article 6 (1) (b) of the GDPR).
  4. Your personal data may be made available to:
    a) authorised employees and associates of the Data Controller,
    b) entities cooperating with us, in particular IT systems and services providers supplying
    Foundation with technical, IT and organisational solutions necessary for 42 Warsaw upkeep,
    functionality as part of 42 Network, in particular e-mail and hosting providers as well as
    software providers for company management and technical assistance, entities providing
    services and tools in the field of customer service, suppliers of the opinion poll system and
    providers of accounting, legal and advisory services where such entities process data in
    accordance with concluded contracts for entrusting the processing of personal data,
    c) entities duly authorised to do so under universally applicable provisions of law.
  5. Retention period of your personal data depends on the purpose for which the data is processed:
    a) when data processing is necessary to conclude a civil law contract, we will process the data until the expiry of any possible limitation periods for claims under the contract,
    b) for purposes based on our legitimate interest – as long as purposes are valid or until you object.
  6. Under the GDPR you shall have the right to: access the content of your data, request rectification of data, erase the data or restrict the processing thereof in cases provided by law, obtain copies of data, object at any time to the processing of your personal data insofar as the basis for the processing of personal data is our legitimate interest, including due to your particular situation, lodge a complaint to a supervisory authority, i.e. President of the Personal Data Protection Office, ul. Stawki 2, 00-193 Warsaw, if you consider that during the processing of your personal data we have breached the provisions of the GDPR.
  7. Your personal data may be subject to automated decision-making. Your personal data may be transferred to entities established outside the EEA or to international organisations. Details can be found in our Privacy Policy and in Privacy Policy of 42 Network.
  8. Providing personal data necessary to conduct communication (in particular your e-mail address) is voluntary, but necessary to handle the correspondence and provide you with an answer.

PRIVACY NOTICE NEWSLETTER SUBCRIBERS
We hereby would like to inform you that we process your personal data in accordance with the Regulation (EU) 2016/679 of the European Parliament and of the Council of 27 April 2016 on the protection of natural persons with regard to the processing of personal data and on the free movement of such data, and repealing Directive 95/46/EC (“GDPR”). Details are given below.

1. Data controller is the „Freedom of Choice” Foundation with its registered office in Warsaw Poland. Contact details: al. Solidarności 171B
00-877 Warsaw e-mail contact@42warsaw.pl.

2. We have appointed a Data Protection Officer whom you may contact directly in all matters related to the processing of your personal data via e-mail: iod@perfectinfo.pl

3. Purpose and legal basis for personal data processing Your personal data in the form of your e-mail address shall be processed
for the purpose of sending you our newsletter based on your consent (pursuant to art. 6 (1) point (a) of the GDPR). As part of the newsletter registration, we store additional data beyond the data already mentioned, insofar as this is necessary for us to prove that you have ordered our newsletter. This may include the storage of the full IP address at the time of the order or the confirmation of the newsletter, as well as a copy of the confirmation email sent by us. The corresponding data processing is based on art. 6 (1) point (a) of the GDPR and is done in the interest of being able to account for the legality of the newsletter dispatch.

4. Your personal data may be transferred to and processed by:
4.1.authorised employees and associates of the Data Controller;
4.2. service providers supplying us with technical organizational solutions that enable us to pursue business activity, including electronic services (in particular e-mail and hosting providers and providers of systems for automation and management of newsletter service;
4.3. entities duly authorized to do so under universally applicable provisions of law.

5. Transfer of personal data to third countries or international organizations

We kindly inform you that we currently use services of MailChimp to send out our newsletters. The provider is the Rocket Science Group LLC, 675 Ponce De Leon Ave NE, Suite 5000, Atlanta, GA 30308, USA. Thus whenever you enter data for the purpose of subscribing to a newsletter the information is stored on MailChimp servers in the United States. A standard clause agreement with MailChimp regarding data protection according to the GDPR is in place that aims to warrant the compliance with European data protection standards in the United States. accordance with art. 46 sec. 2 GDPR. The text of the agreement is available here.

6. Automated decision-taking, including profiling
With the assistance of MailChimp tool we can analyze the performance of our newsletter campaigns. If you open an e-mail that has been sent through MailChimp tool, a file that has been integrated into the e-mail (a so-called web-beacon) connects to MailChimp’s servers. As a result, it can be determined whether a newsletter message has been opened and which links the recipient possibly clicked on. Technical information is also recorded at that time (e.g. the time of access, the IP address, type of
browser and operating system). This information cannot be allocated to the respective newsletter recipient. Their sole purpose is the performance of statistical analyses of newsletter campaigns. The results of such analyses can be used to tailor future newsletters to the interests of their recipients more effectively. For more details, please consult the Privacy Policies of MailChimp.

7. Data retention period – data you provide us for the purpose of the newsletter subscription shall be processed by us until you unsubscribe from the newsletter. Once you cancel your subscription to the newsletter, the data shall be deleted. This shall not affect data we have been archiving for other purposes. Consent to the processing of personal data may be withdrawn at any time by clicking the link that allows to unsubscribe that can be found in the footer of every newsletter e-mail.

8. Submission of data is fully voluntary but necessary for the purpose stated purpose, and the consequence of failing to provide the data will be our inability to send you the newsletter.

9. You have the right to access your data and obtain copy of it, the right to request that they be rectified or erased, the right to restrict their processing, the right to data portability and the right to withdraw consent at any time without affecting the lawfulness of processing based on consent before its withdrawal, right to object at any time to the processing of your
personal data insofar as the basis for the processing of personal data is our legitimate interest. You are entitled to these rights in the scope provided for in generally applicable provisions of law. You have the right to lodge a complaint with the supervisory authority in charge of personal data protection in the Member State of your habitual residence, place of work, or
place of the alleged infringement if the processing of personal data violates personal data protection laws. In Poland supervisory authority is President of the Personal Data Protection Office Stawki 2, 00-193 Warsaw, ph.: +48 22 531 03 00. Should you have any concerns regarding the way in which we process your data, please contact us in first via the e-mail address:
iod@perfectinfo.pl or at the postal address of our office.