I. Privacy Policy

General Information

This Privacy Policy has been issued by the International Institute of Molecular and Cell Biology in Warsaw and is addressed to all users (hereinafter: “Users”) of the following websites: https://www.iimcb.gov.pl; https://mosaic.iimcb.gov.pl/; https://pokrzywalab.com/; http://zdglab.iimcb.gov.pl/; http://genesilico.pl/;  (hereinafter: “Website”). Definitions used in this Policy are explained in Section XIII below.

The Administrator of the Personal Data obtained through the Website is the International Institute of Molecular and Cell Biology in Warsaw.  Administrator's contact information is provided in Section XI below.

This Privacy Policy may be amended and updated to take into account changes in the practices related to the processing of personal data by the Administrator or the revision of generally applicable laws. We encourage you to carefully review the content of this Privacy Policy and regularly monitor changes made by the Administrator.

II. Processing of Users' Personal Data

Personal Data Collection: The Administrator may obtain Users' Personal Data, such as: identification data (name, surname, posting address), contact data (phone number, email address), business data (position, company data). The Administrator may obtain Users' Personal Data, in particular, in the following cases:

• provision of Personal Data by Users (e.g., through a contact form, email or telephone contact);
• obtaining Personal Data from third parties (e.g., contractors, financial intermediaries, law enforcement entities, including administrative authorities or courts);
• solicit or ask Users to provide Personal Data about Users when Users visit the Administrator's Site or use any functions or resources available on or through the Website. When Users visit the Website, Users' devices and browsers may automatically share certain information (such as device type, operating system, browser type, browser settings, IP address, language settings, dates and times of connection to the Site and other technical information regarding communication), some of which may constitute Personal Data. When visiting the Website, no Personal Data of Users will be stored by the Administrator, without Users' prior expressed consent. Temporary storage of log files and cookies facilitates the use of our Website. For this reason, Users are asked to agree to this on the Website. The granting of the aforementioned consent is optional and does not affect the ability to use the Website. In some cases, without giving such consent, the ability to use the Website may be .

Personal Data Processed: Categories of Personal Data of Users Processed by the Administrator may, in particular, include:

• Identifying information: first name(s), last name(s), first name used, gender;
• Contact information: company (employer) address, telephone number, fax number, email address;
• Message content: all communications, inquiries, statements, views and opinions about us, sent by Users or published on social

 

Processing Personal Data in Social Media: The Administrator uses Fanpage type profiles on social networks. Public data shared by social media Users may be used for:

• responding to private messages that are directed to us,
• conducting discussions within the comments under individual posts,
• sharing our posts with people who are watching our Fanpage,
• marketing to inform people about our services and ourselves through posts we make on our Fanpage, including sponsored posts that are displayed to a wider range of users,
• doing statistics by presenting data about the display of our posts, their reach, the number of interactions, the demographics of our observers; the data presented to us by the owners of social networks is statistical, but it is created based on the observation by this company of your behaviour on our Fanpage.

On our websites, we currently use redirects to the following social networks:

1. https://www.facebook.com/IIMCBinWarsaw
2. https://twitter.com/IIMCB_Poland
3. https://www.linkedin.com/company/international-institute-of-molecular-and-cell-biology-in-warsaw
4. https://www.youtube.com/channel/UCTGv1D2HHHvKZR6ciZp-eTQ

Legal Basis for Personal Data Processing: In processing Users' Personal Data for the purposes indicated herein, the Administrator may invoke one or more of the legal grounds, as applicable:

• processing is carried out on the basis of User's prior, voluntary, specific, informed, and unambiguous consent to the Processing;
• processing is necessary for the performance of the contract that the User has entered into or intends to enter into with the Administrator;
• processing is necessary to fulfil a legal obligation of the Administrator;
• processing is necessary to protect the vital interests of any individual;
• processing is necessary for the performance of a task carried out in the public interest or in the exercise of official authority vested in the controller;
• the processing is necessary for the purpose of managing, conducting and promoting Administrator's business and does not cause prejudice to the interests or fundamental rights and freedoms of the User.

Purposes of Personal Data Processing: The purposes for which the Administrator may process Users' Personal Data are as follows:

• Administrator's Website: running and managing the Website, presenting its content; publishing information, communicating and interacting with Users, employees and contractors, as well as potential employees or collaborators, via the
• Offering Administrator's products and services to Users: presentation of the Website and other services, communication related to Administrator's services.
• Communication and IT operations: managing communication systems, acting for IT security purposes, and IT security audits.

III. Sharing Personal Data with Third Parties

The Administrator may share Users' Personal Data to:

• administrative or judicial authorities, at their request, in order to inform them of actual or suspected violations of applicable law;
• persons conducting audits, lawyers, PR agencies, contractors performing service activities, taking into account the obligation of confidentiality arising from the contract or charged to these entities by law;
• third parties processing the entrusted data on behalf of the Administratorregardless of where they are located, as required in Section III below;
• any entity competent for the prevention, investigation, detection or prosecution of criminal acts or the execution of criminal measures, including securing and countering threats to public safety;

Notwithstanding the above, the Website may use plug-ins or content presented by third parties. If Users choose to use them, Users' Personal Data may be shared with third parties or social media platforms. The Administrator hereby recommends reading the Privacy Policy of the third party before using its plug-ins or content.

If we engage a third party to Process Users' Personal Data pursuant to a Processing Entrustment Agreement with such third party, the Processing Entity shall be obligated to (i) process the Personal Data indicated in Administrator's prior written instructions; and (ii) apply all measures to protect the confidentiality and security of the Personal Data and ensure compliance with all other requirements of generally applicable law.

The entity processing Personal Data of Users obtained through the Website is the company perfekcyjneStrony.pl Łukasz Krzyżoszczak (NIP: 6991935805), being the creator of this Website, and also providing technical support services to the Administrator in connection with the use of the Website. This entity stores and processes Users' Personal Data acquired during Users' use of the Website. The entity processing Personal Data shall ensure the full security of Users' Personal Data through the use of innovative and adequate technical and organizational measures. The entity processing Personal Data may not use Users' Personal Data provided to it for purposes other than those for which it was entrusted to it by the Administrator. The Administrator has entered into an agreement with the entity processing Personal Data for the entrustment of the processing of Personal Data, on the basis of which the entity processing Personal Data has been obliged to comply with the requirements for the protection of Users' Personal Data.

IV. International Transfer of Personal Data

The Administrator does not transfer and does not intend to transfer any Users' Personal Data to third countries that are not members of the European Union or to international organizations. If necessary, this Privet Policy will be modified, and the transfer of Users' Personal Data will be allowed only on the basis of standard contractual provisions that the Administrator will implement before transferring such Personal Data. In this case, Users will be entitled to request a copy of the standard contractual terms and conditions applied by the Administrator, using the contact information indicated in Section XI below.

V. Data Protection

The Administrator informs that it has implemented appropriate technical and organizational security measures to protect Personal Data, in particular including safeguards against accidental or unlawful destruction, loss, alteration, unauthorized publication, unauthorized access and other unlawful and unauthorized forms of Processing, in accordance with applicable law.

The Administrator is not responsible for the actions or failures of Users. Users are responsible for making sure that all Personal Data is sent to the Administrator in a secure manner.

VI. Data Accuracy

The Administrator shall take all adequate measures to ensure that:

• all Users' Personal Data that the Administrator processes are accurate and, if necessary, up-to-date;
• all Users' Personal Data that are processed by the Administrator that are erroneous (given the purpose for which they are processed) will be deleted or corrected without undue delay.

The Administrator, at any time, may ask Users about the accuracy of the Processed Personal Data.

VII. Minimizing the Scope of Data

The Administrator shall take all adequate measures to ensure that the scope of Users' Personal Data that it processes is limited to Personal Data adequately required for the purposes indicated in this Privet Policy.

VIII. Data Storage

The criteria determining the duration of the period for which the Administrator stores Users' Personal Data are as follows: The Administrator shall keep copies of Users' Personal Data in an identifiable form only until it is necessary to achieve the purposes indicated herein, unless a longer retention period is required by generally applicable law. The Administrator may, in particular, keep Users' Personal Data for the entire period necessary to establish, exercise or defend its claims.

IX. Users' Rights

In accordance with the provisions of the General Data Protection Regulation, with respect to Users' Personal Data that is Processed by the Administrator, Users have the following rights:

• the right to access personal data;
• the right to rectify personal data;
• the right to delete personal data;
• the right to restrict the processing of personal data;
• the right to portability of personal data;
• the right to object to the processing of personal data;
• the right not to be subject to a decision based on automated.

If the Processing of Personal Data is carried out on the basis of Users' consent, Users have the right to withdraw their consent at any time without affecting the legality of the Processing carried out on the basis of consent before its withdrawal. For this purpose, please contact the designated Data Protection Officer at email This email address is being protected from spambots. You need JavaScript enabled to view it. or via telephone: 502 431 288

In case of improper Processing of Personal Data, Users have the right to lodge a complaint to the state supervisory authority for data protection, i.e., the President of the Office for Personal Data Protection (2 Stawki Street, 00-193 Warsaw).

The above provisions do not affect the rights of Users under laws or other generally applicable regulations.

To exercise one or more of your rights or to inquire about these rights or any other provision of this Policy or the Processing of your Personal Data, please contact us using the contact information set forth in Section XII below.

X. Cookies

The Administrator uses the following Websites:

• https://www.iimcb.gov.pl/;
• https://mosaic.iimcb.gov.pl/;
• https://pokrzywalab.com/;
• http://zdglab.iimcb.gov.pl/;
• http://genesilico.pl/;

When you use the Website, data about you are automatically collected. These data include IP address, domain name, browser type, operating system type. These data may be collected by cookies, Google Analytics, and may be recorded in server logs.

Cookies are text files of small size sent to your computer or other terminal device when you browse the Website. Cookies remember user's preferences, which makes it possible to improve the quality of the services provided, improve search results and the relevance of the information displayed and personalize the website, create website statistics.

The Administrator of cookies is the International Institute of Molecular and Cell Biology in Warsaw.

You may opt out of cookies (or apply the appropriate setting of preferences for their use by the web browser you are using) by selecting the appropriate settings in the web browser you are using.

You give your consent for the Service Provider to store or access cookies by reading the message about the use of cookies during your first visit to the Website, selecting consent for all cookies or selected cookies. The user can change the use of cookies at any time through the settings of the browser installed on user's device.

The Administrator uses the types of cookies listed below:

1. Technical files – files that are critical, enabling users to navigate the Website and use its features, such as accessing secure areas on the Website.
2. Performance files – files that collect information about how users use the Website, which parts of the Website they visit most often.
3. Functional files – files that record choices made by users (such as username, language, or the region in which users reside).

Third-party social media (e.g., Facebook, Twitter, LinkedIn) may record information about you, for example, when you click on the “Add” or “Like” button for a particular social network while on the Website. The service provider does not control third-party sites or their activities. Information on social media sites is available on their sites.

Data provided by the user or collected automatically are used by the Administrator for the following purposes:

1. proper operation, configuration, security and reliability of the Website,
2. session status monitoring,
3. customize the information displayed to user's preferences,
4. analysis, statistics, research and audit of Website's impressions.

If you have any additional questions about the use of cookies, please contact us at the following email address This email address is being protected from spambots. You need JavaScript enabled to view it.. The rules set forth in the Cookie Policy are governed by Polish law.

 

XI. Contact Information

If you have any questions, concerns or comments regarding the information contained in this Policy or any other issues related to Administrator's Processing of Users' Personal Data, including for the purpose of exercising the rights referred to in Section IX of this Policy, please contact:

Personal Data Administrator: International Institute of Molecular and CellBiology in Warsaw, based at 4 Księcia Trojdena St., 02-109 Warsaw, Poland (hereinafter PDA).

Data Protection Inspector: Ms. Karolina Sybilska; email This email address is being protected from spambots. You need JavaScript enabled to view it.; telephone: 502 431 288.

XII. Definitions

• Administrator means the entity that decides how and for what purposes Personal Data are processed. The Administrator is responsible for the compliance of the processing with the applicable law on the protection.
• Personal Data mean any information about any identified natural person or an individual who is identifiable. Examples of Personal Data that the Administrator may process are listed in Section II above.
• Process or Processed means any action with respect to Personal Data, whether or not performed by automated means, such as acquiring, recording, organizing, structuring, storing, adapting or altering, retrieving, consulting, using, making available by transmission, disseminating or otherwise making available, organizing or combining, restricting,
• Entity Processing Personal Data means any person or entity that Processes Personal Data on behalf of the Administrator (other than an employee of the Administrator).