Fundacja Independent UA, Krakow, 05/20/2022
The INDEPENDENT UA Foundation is a non-profit non-governmental organization which is raising funds to help the Ukrainian people oppose the russian invasion.
In carrying out our activities, we collect and process users’ the personal data in order to effectively implement our mission.
We want to familiarize you with the regulations that are currently in force so as to give you full knowledge and a sense of security while cooperating with the Foundation.
From May 25, 2018, Regulation (EU) 2016/679 of the European Parliament and of the Council of April 27, 2016 on the protection of individuals about the processing of personal data and on the free movement of such data, and repealing Directive 95/46 / EC applies (commonly referred to as “GDPR”).
The GDPR will apply to the same extent in all European Union countries, including Poland, and introduces a number of changes in the rules governing the processing of personal data that will affect the performance of the organizations and associations, including our Foundation. In addition to the GDPR, within the Polish legal system also the Act of May 10, 2018 on the protection of personal data (i.e. Journal of Laws of 2019, item 1781) applies, which clarifies some of the principles of personal data protection.
In the information below, we present a summary of the most important issues regarding the processing of your personal data that will take place after May 25, 2018 in connection with the use of our services.
What is personal data?
According to the GDPR, personal data is information about an identified or identifiable natural person. Such data are, for example: name and surname, address, telephone number, Internet ID, health status, marital status, economic situation, legal situation.
Administrators – Who processes the data?
The administrator of personal data is the Independent UA foundation, with its registered office at ul. Jana Kasprowicza 8A/1, 31-523, Kraków, Poland, entered into the National Court Register under the number 0000967002.
Why do we collect personal data? – The basis and purpose of the processing
The processing of personal data requires a legal basis. The GDPR provides for several types of such legal grounds for data processing. The Foundation’s activities will, as a rule, include four of them:
– Necessity of processing to conclude or perform a contract to which you are a party. In our case, the contract consists of regulations and contracts with employees, associates, volunteers, and scholarship holders.
– Necessity of processing the data for purposes resulting from legitimate interests pursued by the administrator, that is to say, the Foundation. This basis for processing applies to cases where the processing of personal data is justified due to our justified needs, which includes the implementation of the Foundation’s goals, such as, for example, promoting our mission in the society, which is to ensure a happy, violence-free childhood for every child and raising funds for the implementation of this mission.
– Your free consent. In our case, it is a consent to the provision of interdisciplinary help (psychological, legal, medical, social) for an ECF’s client or their parent / legal guardian. Using the Foundation’s support is not possible without consenting to the processing of personal data. Your other rights resulting from the consent are described below.
– Legal obligations, in our case it is, for example: providing materials at the request of an authorized body, ex. a court.
How do we process personal data? – Principles of data processing
Your data will be processed by the Foundation only if we have one of the legal bases permitted by the GDPR and only for the purpose adapted to the given basis, as described above. Your data will be processed until there is a basis for their processing – i.e. in the case of granting a consent until its withdrawal, restriction or other actions on your part limiting this consent, if the data is necessary for the performance of the agreement – for the duration of its performance, and if the basis for data processing is the legitimate interest of the administrator – as long as this legitimate interest exists. Personal data will not be processed in an automated manner, apart from being classified in the form of an electronic database.
Do we share Your data with someone else? – Data transfer
Your data will be transferred to other recipients only to the extent necessary: state and local government institutions authorized to request them based on legal provisions, grant providers, in accordance with the provisions of the agreement, and subcontractors to provide the service. In any case, the transfer of data does not release us from responsibility for their processing. We control especially our subcontractors and conclude appropriate agreements in this regard.
What are my rights? – Rights of the person – owner of the data or their legal guardian
Pursuant to the GDPR, you have defined rights over your data and its processing by us. In the event that we process the child’s personal data, the following rights are exercised by the parent or legal guardian.
If you have given your consent to the processing of data, you can withdraw it at any time.
You also have the right to:
– access to your personal data,
– rectify your personal data,
– delete your personal data,
– restrict the processing of your personal data
– object to the processing of your personal data,
– transfer your personal data.
– make a complaint to the supervisory body – currently it is the President of the Personal Data Protection Office
You are also entitled to the above rights if the data is processed correctly by the administrator. Remember that the withdrawal of consent to the processing of personal data or objection to the processing, as well as the request to limit the scope of data processing or their removal does not affect the lawfulness of the processing carried out earlier.
If I still have questions?
Sending an e-mail to: firstname.lastname@example.org you can ask a question or comment on the data processing and your rights