Personal data at Asseco Data Systems S.A. is processed on the basis of applicable laws, in particular the European Parliament and the Council (EU) 2016/679 of April 27, 2016 on the protection of natural persons with regard to the processing of personal data and on the free flow of such data and repealing Directive 95/46/EC (hereinafter: “RODO”) and the Law of May 10, 2018 on the Protection of Personal Data (hereinafter: “the Law”).
This Privacy Policy sets out the rules for the processing of personal data in Asseco Data Systems S.A., as well as the rules for the processing of data in the Websites operated by Asseco Data Systems S.A..
In connection with the provision of training services and contact with Asseco Data Systems S.A., the following personal data may be processed:
collect information regarding the manner in which the User makes use of the Website’s content (they contain a randomly generated, 18-digit unique identifier assigned to web browsers installed on specific User devices),
are used to store data of a logged-in User of the Website (active sessions), including, among others: the selected language of the Website, search filter settings, User data (login or username) used for logging into the Website, or an authorization token for the Website.
Asseco Data Systems, in its role as a controller of personal data, ensures that the rights of the persons whose data it processes can be realized. Requests arising from the rights of data subjects can be realized:
Asseco Data Systems S.A., as controller, provides each individual with information about the processing of his/her personal data. The Data Controller, upon the request of an individual, shall respond whether it processes his/her personal data. If he/she processes his/her data, he/she grants access to personal data and provides information about:
The information specified above is, in accordance with the implementation of the principle of transparency, provided to data subjects in information clauses.
Asseco Data Systems makes every effort to ensure that the data processed in its enterprise are protected to the highest standards. It conducts a risk analysis for the processing activities for which it is the administrator and for the processing of data it has been entrusted with in order to select optimal technical and organizational means by which to ensure confidentiality, integrity and availability of personal data.
The Personal Data Administrator will regularly test, measure and evaluate the effectiveness of technical and organizational measures to ensure the security of processing and adjust security measures according to the results of the measurements.
Asseco Data Systems regularly conducts internal audits and undergoes independent assessments by external auditing firms for standards: ISO 9001, ISO 27001, ISO 22301.