Privacy Policy defines the principles of processing and protection of personal data provided by users of the internet service www.intocongress.eu, hereinafter referred to as the "Service" or "Website."

GENERAL PROVISIONS
PURPOSE AND SCOPE OF DATA COLLECTION

1. Data provided or left by users during registration for services and products provided by the Administrator, as well as during the use of these services and products, is used for the following purposes: a. Providing access to the services and products of the Administrator; b. Registering participation in the European Congress INDUSTRY ON TRANSITION 2024 hereinafter referred to as the "Congress," creating individual accounts in the registration system, organizing the Congress and conducting it, communication, and providing information regarding participation in the Congress; c. Fulfilling the obligations incumbent on the Administrator in connection with the organization of the Congress, arising from applicable legal regulations; d. Information purposes and other activities related to the Administrator's activities on the website ekmsp.eu; e. Executing contracts and commercial processes; f. Marketing purposes (sending commercial information electronically and conducting telemarketing activities); g. Evaluating the organization of the Congress and conducting satisfaction surveys for Congress participants; h. Contacting and exchanging information and data.
2. The Administrator processes the following personal data of users: a. First name, last name, b. Email address, c. Company/institution/organization/university name, d. Number of employees, e. Industry, f. Job position/student, g. Education, h. Phone number, i. City, postal code, province, street, country.
3. Providing the personal data mentioned in point 2 is voluntary but necessary to use the electronic services provided by the Service Provider through the Service and to participate in the Congress.
4. Personal data may be disclosed to: a) Entities authorized under generally applicable laws, in particular institutions authorized to control the activities of the Administrator or obtain personal data based on legal provisions; b) Entities providing services to the Administrator in connection with the organization of the Congress, including entities handling the registration of participants and handling the Congress in the PR area; c) Business partners for direct marketing actions and providing services electronically; d) Entities providing outsourcing services for accounting processes, auditors, legal or tax advisors, and IT service providers to the Administrator.
5. Personal data will not be transferred to a third country or international organization.
6. Personal data will not be subject to automated processing or profiling.

    1. The data controller for personal data contained in the Service is the Regional Chamber of Commerce in Katowice, located at Opolska 15, 40-084 Katowice, registered under the National Court Register (KRS) number: 0000163418, Tax Identification Number (NIP): 6341006202, Statistical Identification Number (REGON): 003445317, email address: gabinet@rig.katowice.pl, phone number: 32 35 111 80, hereinafter referred to as the "Administrator."
    2.  Any individual visiting the website www.ekmsp.eu or using one or more services and/or products offered by the Administrator is considered a user of the Service.
    3. The internet service collects users' personal data entered into forms based on their express consent.
    4. Personal data is defined as any information relating to an identified or identifiable living individual, whose identity can be directly or indirectly determined, especially by reference to an identification number or one or more specific factors determining their physical, physiological, mental, economic, cultural, or social identity. Personal data includes the IP address of the device, location data, internet identifier, and information collected through cookies or similar technologies.
    5. User data is processed in accordance with the Regulation (EU) 2016/679 of the European Parliament and of the Council of 27 April 2016 on the protection of natural persons concerning the processing of personal data and on the free movement of such data, and repealing Directive 95/46/EC (GDPR).
    6. The Administrator takes special care to protect the interests of individuals whose data is processed. Specifically, they ensure that the data collected is:
    a. Processed lawfully;
    b. Collected for specified, lawful purposes and not further processed in a manner incompatible with those purposes;
    c. Accurate and adequate in relation to the purposes for which it is processed and stored in a form that allows the identification of the data subjects for no longer than is necessary for achieving the purpose of processing.

LEGAL BASIS FOR DATA PROCESSING AND RETENTION PERIOD

1. The use of the website, registration for services and products provided by the Administrator, and their use, which requires the provision of personal data, is entirely voluntary. The data subject decides whether they want to start using the services provided electronically by the Administrator.
2. Pursuant to the GDPR, personal data will be processed based on Art. 6(1)(a), (b), (c), (f) of the GDPR, meaning: • The data subject has given consent to the processing of their personal data; • Processing is necessary for the performance of a contract to which the data subject is a party or to take steps at the request of the data subject prior to entering into a contract; • Processing is necessary for compliance with a legal obligation to which the Administrator is subject, or • Processing is necessary for the purposes of the legitimate interests pursued by the Administrator or a third party.
3. Processing of personal data by the Administrator always takes place within the permissible processing grounds listed in point 2.
4. Personal data will be processed for the period necessary to achieve the processing purposes. Regarding the fulfillment of a contract, data will be processed for the duration of the contract and then for the period required by law or to assert claims. For the purposes of legitimate interests of the Administrator, data will be processed until a positive consideration of the objection to data processing.
5. The Administrator ensures due diligence in appropriately securing the transferred personal data, especially against unauthorized access by third parties.

RIGHTS OF CONTROL, ACCESS TO PERSONAL DATA, AND THEIR CORRECTION

1. Users have the right to access their personal data and correct it.
2. Each person has the right to control the processing of data concerning them, contained in the Administrator's data set, especially the right to request supplementing, updating, correcting, temporarily or permanently suspending their processing, or deleting data if it is incomplete, outdated, untrue, collected in violation of the law, or no longer necessary for the purpose for which it was collected.
3. Each person has the right to object to the processing of data for marketing or other purposes without stating a reason.
4. To exercise the rights mentioned in points 1 and 2, users can send an email to the address: gabinet@rig.katowice.pl or by mail to the address specified in I. point 1.
5. User requests related to the mentioned rights should precisely specify the scope and purpose of the request.
6. Users have the right to file a complaint with the supervisory authority. In Poland, the supervisory authority is the President of the Personal Data Protection Office. Questions regarding the privacy policy should be directed to: komunikacja@rig.katowice.pl. The privacy policy is regularly reviewed and updated as necessary.