Privacy policy

As of 25.05.2018, Regulation (EU) 2016/679 of the European Parliament and of the Council of 27 April 2016 on the protection of natural persons with regard to the processing of personal data and on the free movement of such data and repealing Directive 95/46/EC (hereinafter: RODO) is in force. Its provisions concern the privacy of processed data and aim to strengthen the security and protection of personal data in the EU and replace the European Privacy Directive and national legislation, respectively.
The RODO enables all residents and customers within the EU, to have greater control over the use of their data and how it is obtained and contacted by the data subject. The changes will also enable better protection of personal data.

We are committed to effective privacy protection 
We process all data in compliance with data protection laws and with appropriate safeguards. Transparency in terms of how we collect, process and use data provided by our partners and stakeholders is of great importance to us. Our website uses only the necessary information contained in cookies to properly display the content of the website.

Data Administrator 
The Administrator of personal data is the Institute for Sports Development and Education (hereinafter: the Institute) with its registered office in Warsaw (00-116) at Świętokrzyska Street No. 30 premises 63, registered in the Register of Associations of the National Court Register, XII Economic Department of the District Court in Warsaw under the number 0000391653 on September 08, 2011, NIP 7010327427.

Data Protection Inspector
The Institute has not appointed a Data Protection Inspector due to the lack of prerequisites for the appointment of such an Inspector as stipulated in Article 37 para. 1 lit. b and c of the RODO. In matters related to data protection, the Data Controller can be directly contacted by e-mail at: This email address is being protected from spambots. You need JavaScript enabled to view it. or in writing to its registered address indicated above.

From what sources do we obtain personal data? 
We process personal data that comes from correspondence with our partners and stakeholders through the contact form, among others. We then inform you of the necessary and mandatory data we need for mutual communication. The second source is information we obtain from public sources, such as public address registries, or obtained from partners and stakeholders with whom we work.

For what purposes do we process personal data?
We process personal data only for the following purposes:

  • Managing relationships with partners and stakeholders,
  • Management and monitoring of contracts and services,
  • Financial settlements,
  • Transmission of data to public authorities under applicable laws.

Legal bases for data processing
Our processing of personal data is based on:

  • the consent given, which is the legal basis for data processing; 
  • the relevant contract concluded with the Institute, which obliges us to comply with the provisions contained therein;
  • the provisions of law (e.g., the obligation to retain certain data for a certain period of time); 
  • the pursuit of our legitimate interests, including the purposes listed above.

Automated decision-making
The Institute does not make any decisions using automated decision-making systems.

How long do we keep personal data?
We keep personal data in identifiable form for no longer than is necessary for the purposes for which the data are processed. As a general rule, personal data is retained for the duration of the customer relationship, as well as for a maximum of 6 years after the relationship ends. Retention periods may vary depending on the category of data. The Institute determines and regularly reviews retention periods for specific types of data. When personal data is no longer necessary, it is deleted or anonymized as soon as possible.

Who processes your personal data?
Your data is processed by our employees and associates who need to access the data to perform their duties and trusted entities that cooperate with us if necessary to perform our services, such as: couriers, banks, insurers, law firms, correspondence service providers, IT service providers, HR and payroll company. These entities process personal data in accordance with applicable privacy laws.
When an entity processes data on our behalf, the process is always carried out under a contract that ensures that the processing is carried out securely and in accordance with privacy laws and best data processing practices.
We may additionally disclose personal data to public administration or judicial authorities if we are required to do so by law.

Does the Institute transfer personal data to other countries?
The Institute does not transfer personal data outside the European Union or the European Economic Area (EEA). However, if personal data is transferred outside the EU or EEA, this will be done in accordance with data protection laws, in particular based on a decision of the European Commission or using other tools to adequately safeguard data, such as binding corporate rules, standard data protection clauses adopted by the European Commission, standard data protection clauses adopted by a supervisory authority, or contractual clauses authorized by a supervisory authority.

How is personal data protected? 
The Institute provides the necessary technical and organizational measures to ensure an adequate degree of data protection. These measures include, but are not limited to: monitoring access rights so that only authorized persons process personal data, pseudonymization of data, detailed instructions and procedures, training for those responsible for data protection to increase awareness of data security, limited access to premises, implementation of appropriate documentation for data processing processes, updating contracts for compliance with data protection regulations, and careful selection of our service providers who process personal data on our behalf.

How do we obtain personal data through IP addresses, cookies and similar technologies? 
The Institute may collect data from website visitors through cookies and other similar techniques that:

  • allow us to remember your visits to the website and your preferences regarding the website (e.g., content placement); 
  • allow us to create anonymous statistics about visits to our websites. 

It is possible to block the use of cookies by changing the settings in your web browser, however, this may affect the correct display of the content of our website.

What rights do you have in connection with data processing?

  • Right of access - the ability to confirm whether personal data is being processed at the Institute, and if it is, there is the possibility of receiving a copy of that data and information about the processing being carried out.
  • The right to data portability - in order to transfer personal data, they may be transferred in a structured, commonly used machine-readable format or transmitted in that format directly to another controller.
  • Right to rectification - the ability to correct and complete your data if it is incorrect or outdated.
  • Right to be forgotten - the ability to request the deletion of personal data if:

o the data are no longer needed for the purposes for which they were processed;
o the consent for processing has been withdrawn, thus depriving the Institute of the legal basis for processing the data,
o the data are processed in an unlawful manner, or
o the processing of the data is not necessary to comply with applicable legal requirements or to assert or defend against claims or for statistical or archiving purposes. 

  • Right to withdraw consent - the ability to withdraw consent given for processing for a specific purpose.
  • Right to object to the processing of personal data - you can object to the processing of data if it is done on the basis of legitimate interests of the Institute or a third party. Unless the Institute provides legitimate reasons for the processing, further processing will not be possible.
  • Right to object for direct marketing - you can object to the processing of personal data for direct marketing at any time.
  • Right to restrict processing - it is possible to request the Institute to restrict the processing of personal data, including when the accuracy of personal data is questioned or when an objection to processing has been raised - until it is determined whether the legitimate grounds on the part of the Administrator override the grounds for the objection.
  • The right to request not to be subjected to an automated decision - if a decision would have been made entirely by automated means and the decision has legal consequences, you can request that such decision be reviewed on a new and individual assessment basis. This applies if the Institute cannot prove that the automated decision is necessary for the conclusion or performance of the contract.

To exercise the above rights, send a request to the contact address listed at the end of this Privacy Policy.

  • The right to lodge a complaint to the supervisory authority - it is possible to lodge a complaint to the supervisory authority - the President of the Office for the Protection of Personal Data, if personal data is processed in a manner inconsistent with applicable regulations.

Changes to Privacy Policy
The Institute reserves the right to make changes to this Privacy Policy. Updates may be necessary due to, for example, the development of our services or changes in legislation. Please send questions, comments and requests related to this Privacy Policy by email to: This email address is being protected from spambots. You need JavaScript enabled to view it.