Privacy policy

1. General provisions

This Privacy Policy contains general information regarding the manner the National Information Processing Institute (hereinafter referred to as ‘OPI PIB’) processes the personal data of the individuals:

  1. who visit websites, applications and online tools owned by OPI PIB, or use the Services they provide
  2. who participate in tendering procedures to select tenderers,
  3. who participate in implemented projects,
  4. whose data is processed as part of research and development works,
  5. who collaborate on contracted Services or tasks,
  6. whose data is processed in connection with the processes at OPI PIB,
  7. who contact OPI PIB in any matters, including those who send correspondence, request access to public information, submit offers, or provide their personal data to OPI PIB for any purpose.

The above instances of data processing are hereinafter jointly or individually referred to as ‘Services’.

Depending on the nature and the manner of data processing, a separate dedicated privacy policy may apply to some Services that necessitate data processing (security policy, protection policy).  If no separate policy has been established for a particular Service, this Policy shall apply.

We respect the privacy of individuals who use our Services. We make this Privacy Policy publically available, so that all users gain access to the information on the processing of their personal data and so that they can independently, freely and consciously decide if they wish to use the Services.

This Privacy Policy lays down, in general terms, how and to what extent OPI PIB gathers the personal data of individuals using the Services, the purposes for which the data is used, to whom the data is made available, and how the data is protected. The Privacy Policy also specifies the rights of the data subjects.

If, within the scope of the Services, individuals are redirected to other service providers or entities implementing specific tasks, they shall be bound by a privacy policy specified by such providers and entities.

This Policy is of a general nature and lays down the most important matters pertaining to personal data processing. This Policy is supplemented by the OPI PIB Personal Data Security Policy and relevant detailed rules or information clauses which individuals receive or accept at the moment their personal data is collected, including through newsletter subscription, contact forms, user accounts on a given website, participating in a public procurement procedure, and participating in a recruitment process.

The scope within which we use cookie files in the Internet or other data-gathering technologies is specified, for the OPI PIB main page, in item 13 below. In the case of other websites administered by OPI PIB, the rules regarding the use of cookies can be laid down in separately dedicated cookie policies.

All personal data we gather in connection with the use of Services is processed responsibly and diligently, and in line with legal requirements. The data is processed in a transparent procedure for the purposes it has been gathered, upholding the principle of data minimisation and storage restriction and ensuring control over data processing through making possible for every data subject to exercise their rights related to their data under GDPR.

2. Contact data

2.1 Personal data controller

The Personal Data Controller, as part of the Services, is the National Information Processing Institute headquartered in Warsaw at the following address: al. Niepodległości 188b, entered in the Register of Entrepreneurs maintained by the Regional Court for the capital city of Warsaw, Commercial Court, 16th Commercial Division of the National Court Register, under No. 0000127372, tax identification number (NIP): 525-000-91-40, business entity statistical number (REGON): 006746090.

Address: Ośrodek Przetwarzania Informacji – Państwowy Instytut Badawczy

Al. Niepodległości 188b

00-608 Warszawa

Website: www.opi.org.pl

E-mail: opi@opi.org.pl

Tel. +4822 570 14 00

2.2 Data Protection Officer

E-mail: iod@opi.org.pl

Correspondence address with a postscript ‘IOD‘:

Ośrodek Przetwarzania Informacji – Państwowy Instytut Badawczy

Al. Niepodległości 188b

00-608 Warszawa

3. Rules of law

The OPI PIB privacy policy is based on the following legal documents:

  1. Regulation (EU) 2016/679 of the European Parliament and of the Council of 27 April 2016 on the protection of natural persons with regard to the processing of personal data and on the free movement of such data, and repealing Directive 95/46/EC (General Data Protection Regulation) (OJ L No. 119, p. 1) – hereinafter referred to as ‘GDPR’,
  2. Act of 10 May 2018 on Personal Data Protection (Polish Journal of Laws of 2018, item 1000),
  3. Telecommunications Act of 16 July 2004 (Polish Journal of Laws of 2017, item 1907, as amended),
  4. Electronic Services Act of 18 July 2002 (Polish Journal of Laws of 2017, item 1219, as amended),
  5. Act on Higher Education and Science of 20 July 2018 (Polish Journal of Laws of 2018, item 1668, as amended),
  6. Act on Research Centers of 30 April 2010 (Polish Journal of Laws of 2018, item 736).

4. Rules of personal data processing

As part of personal data processing of individuals using the Services of OPI PIB, particular attention is paid to ensuring the data is processed in a secure, diligent, legal and transparent manner for an individual to whom the data pertains.

These are the most important rules to which OPI PIB adheres when processing data:

  1. Personal data is collected only in a minimal scope, vital to meet the goals it has been collected for,
  2. The goals of gathering personal data are clearly specified and are supported by the law or statutory activities of the Institute; OPI PIB does not process data in a manner incompatible with said goals,
  3. OPI PIB ensures the up-to-date information and correct personal data of individuals using the Services and immediately reacts to any requests for clarification or data update, unless relevant laws stipulate otherwise,
  4. OPI PIB recognises the right of data subjects to access and correct their personal data, unless relevant laws stipulate otherwise,
  5. OPI PIB also recognizes, wherever applicable: the right of data subjects to have their personal data deleted, withdraw their consent, request to restrict the processing of their data, transfer their data, object to data processing, not to be subject to a decision based solely on automatised data processing, including profiling,
  6. OPI PIB restricts the storage of personal data in accordance with the law only to the period essential to meet the goals for which it is gathered, unless legitimate reasons exist to prolong the data storage period,
  7. OPI PIB protects personal data from loss, unauthorised access, accidental loss or change, as well as from other illegal forms of processing,
  8. Whenever personal data is made available to other entities, it is safely disclosed under contract and in accordance with applicable rules of law,
  9. Protection of natural persons in connection with the processing of their personal data is one of the basic rights of each data subject. OPI PIB pays particular attention to respecting the privacy of data subjects whose data is processed, regardless of whether the data has been acquired directly from a data subject or from other sources.

5. Rights of data subjects connected with processing

OPI PIB recognises the rights of data subjects connected with the processing of their personal data in the context of using the Services. Those rights stem from applicable personal data regulations, in particular from GDPR (Articles 16-21).  Enforcement of a right may be subject to exceptions resulting only from applicable laws, of which a person making a request shall be notified by the administrator.

A data subject whose personal data is processed as part of the Service, excluding the exceptions as stated in the rules of law, is entitled to:

  1. withdraw their consent to process their personal data at any time if the consent is the legal basis of data processing,
  2. access the data; the data subject has the right to receive information from OPI PIB confirming that their personal data has been processed by OPI PIB and stating the purpose for which it is processed, how it is processed and for how long it has been or will be processed,
  3. clarify out-of-date or incomplete personal data, as well as the right to complete it if it is incomplete,
  4. object to the processing of their personal data if OPI PIB processes their personal data based on the justified interest (e.g. for analytical, statistical, evidentiary or archiving purposes).  In the case of objection OPI PIB shall cease to process the data, unless OPI PIB demonstrates relevant, legitimate bases for processing which, objectively, ought to have priority over the interest of the data subject, or are essential to determine, assert or defend claims (e.g. for evidence purposes or assertion of claims),
  5. delete their personal data (‘the right to be forgotten’). As a rule,the controller can be requested to immediately delete the data of the applicant under Article 17 of the GDPR. However, there are exceptions to this rule (particularly in the case of determining, asserting or defending claims),
  6. restrict the processing of their personal data, which, in practice, may consist in temporarily blocking their access to the data or in transferring the data to another system,
  7. transfer the data; the data subject is entitled to receive backup copies they have provided to OPI PIB, if their data is processed on the basis of their consent, on the basis of a contract, or in an automated manner,
  8. submit a complaint to a supervisory body, i.e. to the President of the Personal Data Protection Office headquartered in Warsaw at the following address: ul. Stawki 2.

All applications and requests pertaining to the processing of personal data, including those pertaining to the enforcement of rights should be submitted by email to opi@opi.org.pl or iod@opi.org.pl, or by mail at: Ośrodek Przetwarzania Informacji – Państwowy Instytut Badawczy, al. Niepodległości 188b, 00-608 Warszawa

OPI PIB shall reply to applications/requests without unreasonable delay, but in no event later than within 30 days as from the moment of receiving the application/request.  The above deadline may be extended by another two months if a particular request proves complex or in case of a significant number of requests, of which the applicant shall be notified.

The applications/requests ought to include a name and surname of the applicant as well as contact details (telephone number, email address and, in the case of application/requests in writing, a correspondence address). If the applications/requests pertain to the use of websites, please provide an address of the website or information about the Service provided by our websites and additional clarifications supplementing the submitted application (in order to speed up the application handling process). In the case of handing some applications/requests, OPI PIB may ask for additional information to confirm the identity of the applicant.

6. Personal data security

OPI PIB undertakes technical and organisational measures to protect personal data from illegal or unauthorized access or use, as well as from accidental destruction, loss, or privacy breach. The rule of ensuring security is implemented at every stage of data processing and in every area of OPI PIB activity. The safety procedures include in particular: access security, backup copy system, monitoring, maintenance and upkeep, security incident management.

In order to ensure data processing security, OPI PIB is obliged to include the rules of:

  1. confidentiality, i.e. protection of data from accidental disclosure to third parties,
  2. integrity, i.e. protection of data from unauthorised modifications,
  3. accessibility, i.e. ensuring access to data to authorised persons, if the need arises.

Personal data may be processed by third parties only if the subject commits to providing proper technical and organisational measures guaranteeing that personal data processing is secure, as well as maintaining its confidentiality. Each person having access to personal data that is processed at OPI PIB is duly authorised and obliged to keep it confidential.

Personal data which data subjects provide on our websites is encrypted and protected by the SSL certificate.

7. How we process personal data

7.1 For what purpose and on what basis does OPI PIB process the data of persons using the Services?

OPI PIB processes personal data only for specified, explicit and legitimate purposes.

The purpose and the legal basis of personal data processing is at any one time stated in a separate notice issued by OPI PIB and dedicated to specific Services, projects, research, development works, contracts, tendering procedures, public orders, etc. within the scope of which personal data is processed.

Listed below are various legal bases and purposes for which OPI PIB can process personal data (as part of a single data processing procedure, personal data can be processed for several different purposes and on the basis of various legal bases):

Consent of a data subject. Consent can be given by submitting a declaration of will or by express confirmation actions, or by other actions of data subjects, including by providing data and sending out a form, or by being obligated to tick a checkbox, for example. In both cases, the legal basis shall be Article 6 item 1 letter (a) of GDPR. In any case, after giving his/her consent, the data subject may withdraw his/her consent in the manner specified in the information on the processing of personal data dedicated to a given Service. The consent forms a legal basis if, including but not limited to, the data subjects:

  1. freely provide OPI PIB with their data and request that OPI PIB, for example, issues a report or provides Services offered by OPI PIB,
  2. reach out with a contract request,
  3. send any kind of email to an address in the opi.org.pl domain,
  4. subscribe to a newsletter,
  5. send queries or comments with the use of the appropriate contact forms,
  6. gather information about fairs, exhibitions, conferences and other science events organised by entities in the scientific community.

In the case of queries addressed to OPI PIB regarding the possibility of providing specific Services, the legal basis for personal data protection, should such Services be accepted, shall change to steps needed to enter into a contract or to a contract (Article 6 item1 litter (b) of GDPR).

Performance of a contract or steps needed to enter into a contract
(Article 6 item 1 letter (b) of GDPR)

The legal basis in the form of a contract or in the form of steps needed to enter into a contract shall apply, including but not limited to, if OPI PIB processes personal data within the scope of Services provided by OPI PIB websites, e.g. BWNP, Inventorum or Navoica, as it is necessary to perform a contract entered into by OPI PIB by accepting the terms of electronic services available in said websites and for the purposes specified therein.

This legal basis is also applied to the processing of data of contractors providing Services to OPI PIB as natural persons.

In some cases, the processing of personal data may be based on compliance with a legal obligation imposed on the controller (Article 6 item 1 letter (c) of GDPR).

This applies in particular to the obligations imposed on OPI PIB resulting from legal regulations, specifically tax or labor law regulations, but also industry regulations concerning OPI PIB as an entity having the status of a research institute (reporting obligations arising from the Act on Research Institutes or the Act on Higher Education and Science). Personal data shall be processed on the basis of the premise resulting from legal regulations also in the case of performance of public orders announced by OPI PIB and requests for proposal carried out under by-laws drafted on the basis of such regulations.

Based on the premise of fulfilling legal obligation, OPI PIB processes personal data for archiving purposes, which results from the Act of 14 July 1983 on National Archival Collections and Archives; under said regulations a public entity is obliged to archive documents within the scope of which personal data is processed in accordance with an adopted office procedure.

Performance of a task conducted in the public interest (Article 6 item 1 letter (e) of GDPR)

OPI PIB processes personal data because it is necessary for the performance of a task conducted in the public interest, which includes: supporting the processes of organising and financing scientific research; dissemination of knowledge about science, scientific research and development work; preparation of analyses, opinions and expert reports on conducted scientific research, acquisition and development of aggregate, comprehensive and synthetic information concerning scientific research and development work, including for statistical purposes and support for the scientific and academic community.

W związku z powyższym OPI PIB przetwarza dane osobowe w następujących celach:

  1. promote and publish information regarding scientific, research, development and expertise activity of persons registered in the bases managed by OPI PIB,
  2. promote and present scientific achievements,
  3. provide comprehensive information on scientific, research, development and expertise activity at the request of entities operating within the scope of scientific community as well as at the request of public administration bodies and entities, and of any other interested persons,
  4. use gathered data to create analyses and statistics for Polish science, the Polish scientific community, and scientific research,
  5. inform the entities interested in transferring knowledge and technology from the science sector to the business sector,
  6. store and manage archival data for the public interest,
  7. carry out scientific and research study tasks,
  8. perform statistics-related tasks,
  9. organize trainings.

Legitimate interests (except where OPI PIB interests are overridden by the interests or fundamental rights and freedoms of the data subject) (Article 6 item 1 letter (f) of GDPR)

Basing on the principle of legitimate interests, OPI PIB processes personal data, among other things:

  1. to monitor publicly available traffic routes,
  2. for the purpose of financial settlements,
  3. to prevent and detect fraud,
  4. for evidence and archival purposes, as well as protecting the information in case of a legal need to determine facts or to determine, assert or defend against claims;
  5. for analytical and statistical purposes to ensure the quality of services provided to optimise operation processes. In this case aggregate data is the result of the processing,
  6. in connection with performance of Services provided electronically to ensure their security,
  7. to handle the complaint procedure,
  8. to exercise the rights of data subjects, specifically the right to data accuracy, the right to withdraw the consent, and the right to store requests and proofs necessary to serve the data subjects,
  9. to ensure data security, in particular to ensure that data is integral, accurate and up-to-date,
  10. to enter into and perform contracts representing a business partner or individuals appointed as contact persons.

Manner of data collection

As part of the use of Services, OPI PIB collects personal data of persons when they fill in forms on OPI PIB websites, contact OPI PIB by phone, ask questions or send messages with the use of websites or online tools belonging to OPI PIB, and automatically collects data included in system logs and cookies.

Personal data is also collected from persons entering into contracts, sending offers, submitting inquiries in any way, filing applications in the public information access mode, participating in tender procedures, offering cooperation, and participating in training courses.

Personal data is provided to OPI PIB also from science centres in which the data subject is employed as a researcher or academic teacher, or conducts scientific activities in that centre.

OPI PIB also obtains data for scientific and research, analytical or statistical purposes from publicly available sources, such as public databases.

What data can we process and where do we get it from?

Personal data may cover a different range of data, depending on the category of the data subject, on the Services he/she uses, and on the purpose for which the data is collected.

At any one time OPI PIB processes only the necessary data range.

Within the scope of Services, personal data processed by OPI PIB include: identification data (e.g. name, surname), contact data (e.g. telephone number, email address, address of residence), data concerning inquiries, orders, complaints, data concerning scientific and research activities, data concerning publications, data concerning the place of employment. In the case of economic operators, data also includes the company name, tax identification number, and contact person details (position).

If data is collected in connection with the fulfillment of obligations under legal regulations, we process only the data that is required by such regulations.

As far as using the Services is concerned, in which case data processing is not based on legal regulations, providing personal data is voluntary, but often necessary to be able to use the Services; in all other cases, the data is collected because of applicable legal regulations, of which the data controller shall notify the data subjects in relevant information clauses dedicated to particular Services.

In connection with the use of OPI PIB websites we also collect data through cookies or other similar technologies (e.g. tags, pixels). The range of data recorded in connection with the use of cookies is detailed in point 13.

Forms intended to collect personal data within the Services must be filled in by adults only. In view of the above, OPI PIB does not intentionally process any personal data of any individuals under 16 years of age. Consent shall be legally valid only if given by persons aged 16 and over. No person using the Services who is under 16 years of age should provide OPI PIB with any information. Should OPI PIB become aware that a person under 16 years of age has provided us with personal data without a verifiable parental consent, OPI PIB shall not process such data and access to the Services shall be blocked.

8. Consent. Withdrawal of consent.

Withdrawal of consent shall make it no longer be possible for a person to use certain Services: he/she shall not receive any newsletters, answers, invitations to events, conferences, and his/her scientific activity will cease to be promoted.

Withdrawal of consent shall not affect the lawfulness of the processing of personal data conducted before the consent was withdrawn.

The consent withdrawal request shall be considered immediately after it has been received. After the request has been considered, OPI PIB shall cease to process personal data for the purposes to which the data subject agreed in the consent. However, until the application is considered, a person may receive information from which he/she has resigned after withdrawing his or her consent, due to the time needed to consider the application in the OPI PIB systems.

If OPI PIB processes the data of persons for purposes other than those for the processing of which the consent was given (e.g. performance of contracts, services, demonstration of evidence, assertion of claims), it may continue to process it for such purposes, but on a different legal basis.

Detailed information regarding management of consent to install and use cookies can be found in a separate Cookies Policy.

In any case, consents given may be withdrawn at any time without giving any further explanation. Consents may be withdrawn by sending an email to opi@opi.org.pl, iod@opi.org.pl, by submitting a contact form, by calling at +48 22 570 14 00 or by sending a request to the address of OPI PIB’s registered seat.

If a request to withdraw the consent is made on the phone, further verification may be required to confirm the identity of the caller.

9. Storage of data

Data will be stored for as long as it is necessary to achieve the purposes for which it has been collected. If possible, OPI PIB shall specify the data storage period in the information clauses dedicated to particular Services.

If the data is processed on the basis of consent, the data will be stored until the expiry date of that consent or until the consent is withdrawn.

However, the storage period may change, i.e. personal data may be stored longer if required by law, or if it is necessary to determine, assert or defend against claims (e.g. until the end of the statutory limitation period for claims, we may keep proof of a user’s consent), or shorter, e.g. after data has been deleted upon request.

The period of storage of personal data is determined in accordance with the applicable legal regulations. The data subject has the right to request information from OPI PIB about the planned and likely duration of storage of personal data.

Listed below are the usual basic data storage periods for particular Services:

  1. newsletter subscription – until a user decides to unsubscribe,
  2. in the case of data processing connected with the implementation of a task in the public interest – until the purpose of the processing ceases or until an objection connected with a specific situation of the data subject is made, unless it proves vital to further process the data,
  3. in the case of correspondence sent via a contact form – until either an objection is raised, the consent is withdrawn, or the purpose of the processing ceases, but for no longer than 3 years,
  4. provision of services by electronic means or in connection with contracts concluded – for the duration of the contract, but for not longer than until the end of the statutory limitation period for claims,
  5. in the case of the purposes based on legitimate interests – for the period of validity of those purposes or until an objection is raised, but in no event for any longer than 5 years, unless it is necessary to store the data for a longer period, provided that such an obligation arises from legal regulations or that it proves necessary to determine, defend or assert claims,
  6. for the purposes connected with public procurement procedures – for a period of 5 years,
  7. for purposes connected with the settlement of public law receivables – for a period of 5 years,
  8. for archival purposes – for the period specified in an adopted office procedure and a uniform itemised list of files for a given document.

10. Recipients of data. Making data available to other entities.

The following data recipients may have access to personal data:

  1. authorised employees of OPI PIB
  2. employees of the entity supervising the activities of OPI PIB,
  3. employees of public administration bodies or entities, in connection with their tasks resulting from legal regulations
  4. service providers and their authorised employees who, under an agreement, have been entrusted with the processing of personal data for the purpose of providing services to OPI PIB in connection with performance of their own services, in particular entities operating IT systems, providing consulting, legal, auditing and other services.

If possible, OPI PIB shall specify the actual recipients of the data in information clauses, and, should it prove impossible, OPI PIB shall specify the category of recipients.

Depending on the type of Service used (e.g. databases kept for the purpose of promoting the scientific activity of persons), data may also be made available to all entities interested in obtaining information on the state of Polish science and higher education, wishing to conduct scientific research, scientific works, or are interested in the commercialisation of scientific research results, seeking contact with experts from particular fields or disciplines of science, willing to conduct development works in their enterprises and those interested in contact with an expert from a particular field/discipline of science, to all entities interested in scientific, research and development activity in order to make contact with other individuals or entities or to conduct research.

Personal data may also be made available to other recipients which act as processing entities providing services ordered by and performed on behalf of OPI PIB and which were commissioned to carry out tasks requiring data processing in connection with personal data processing, in particular within the scope of IT services, archiving, correspondence, e.g. to auditors and professional advisors. In some cases, external entities providing services on behalf of OPI PIB may act as independent administrators, e.g. Poczta Polska or other postal operators.

In justified cases, personal data may also be made available to public administration bodies (e.g. prosecutor’s office, police, city guard, public offices) and courts.

If data recipients process personal data of data subjects in their own capacity and on their own behalf, e.g. offer products and services through their own channels without involving OPI PIB, or provide services on their own behalf, they shall become independent data controllers and, in that respect, they shall be solely liable for the processing of such personal data and shall not be bound by the Privacy Policy of OPI PIB.

Services provided by OPI PIB may include links to other websites, social networking sites or websites of cooperating entities. Whenever a person accesses a third party website, he or she will be subject to a separate privacy and data protection policy for that website. In that case, it is necessary to read the privacy and personal data protection policies for each of the websites.

11. Transfer of data to countries from outside the EEA

As part of its Services, OPI PIB does not transfer personal data to countries from outside the European Economic Area, except for data that is publicly available on the Internet, if it is available outside the EEA.

12. Automatic processing (including profiling) of personal data

As far as particular Services are concerned, personal data may undergo automatic processing (including profiling), but that shall not have any legal effect on persons or significantly affect their situation.

Personal data profiling at OPI PIB consists of the automatic processing of data by using it to evaluate some information about individuals included in databases and, in particular, to analyse the domains or disciplines in which a given individual specialises.

13. Data processing with the use of cookies and other internet technologies

Whenever an individual uses OPI PIB websites, we collect data contained in system logs and cookies or other similar internet technologies. More information on the use of cookies and other internet technologies can be found in the separate cookie policies dedicated to each of the websites. As far as www.opi.org.pl main page is concerned, detailed information on cookies and analytical tools used on the website is included in Appendix No. 1 to this Policy.

14. Amendments to the Privacy policy

OPI PIB reserves the right to amend this Policy, which may result from the need to adapt to changes in legal regulations or in applicable privacy standards. In view of the above, OPI PIB shall notify the public of any amendment by publishing a relevant notice on its website.

Appendix No. 1 – information regarding cookies for the page https://www.opi.org.pl and used analytical tools

  1. The website with the URL https://www.opi.org.pl (hereinafter referred to as ‘the Website’) automatically gathers information in two ways: by using the Google Analytics tool and through cookie files.
  2. The cookie files (also referred to as ‘cookies’) constitute IT data, including text files, which are stored in the terminal device of the Website user and designated for using the webpages of the website. The cookies usually contain the page name, from where they originate, the time of their storage on the terminal device, as well as a unique number.
  3. The entity saving cookie files on the terminal device of the user and gaining access to such files is the Website operator: Ośrodek Przetwarzania Informacji – Państwowy Instytut Badawczy (National Information Processing Institute) headquartered at the following address: al. Niepodległości 188b, 00-608 Warszawa.
  4. Cookie files are used to:
    1. adjust content stored on the pages of the website to user preferences and to optimize the use of pages; in particular, the files allow the device of the user to be recognized and to properly display a page, adjusted to user’s individual needs,
    2. create statistics which can help understand how the users of the Website use the pages, which makes it possible to improve their structure and content.
  5. The Website uses two basic cookie files: the ‘session cookies’ and the ‘persistent cookies’. ‘Session’ cookies are temporary files which are stored on the final device of the user until the user logs out, leaves a website or closes the software (web browser).  ‘Persistent’ cookie files are stored on the final device of the user for a specified time as indicated in the parameters of cookie files or until they are deleted by the user.
  6. The Website uses the following types of cookie files:
    1. ‘strictly necessary’ cookie files, allowing to use the Services on the Website, e.g. authenticating cookie files used in the Services requiring authentication on the Website;
    2. cookie files, used to ensure security, e.g. used in detection of unauthorised authentication to the Website;
    3. ‘performance’ cookie files allowing to collect information on how the pages of the Website are used;
    4. ‘functional’ cookie files, allowing to ‘remember’ the settings chosen by the user and to personalize the user interface, e.g. within the range of a chosen language or region, from which the user originates, font size, website layout and design, etc.
  7. In many cases, software used for browsing websites (internet browser) allows the cookie files to be stored on the user terminal device by default. Service Users can change the cookie settings at any time. Those settings can be changed; specifically, the user may decide to block the automatic control of cookies in the settings of their web browser or to be informed at any one time about a cookie being saved on their device.  Detailed information on the possibilities and ways to control cookie files can be found in the software (web browser) settings.
  8. The Website operator informs users that the limitations in using cookie files may impact some of the functionalities available on the webpages of the Website.
  9. Cookie files stored on the terminal device of the Website user may be used by advertisers and partners collaborating with the Website operator.