Privacy and security

Contact to the Data Protection Inspector of the Provincial Labor Office in Zielona Góra

Pursuant to the requirements of Article 37 paragraph 7 of Regulation (EU) 2016/679 of the European Parliament and of the Council of 27 April 2016 on the protection of natural persons with regard to the processing of personal data and on the free movement of such data, and repealing Directive 95/46/EC (General Data Protection Regulation) – GDPR and Article 10 of the Act of 10 May 2018 on the Protection of Personal Data, a Data Protection Supervisor has been appointed at the Voivodeship Labor Office in Zielona Góra.

Data subjects may contact the Data Protection Officer on all matters relating to the processing of their personal data and the exercise of rights under the GDPR.

Contact details:

  • Electronically to the e-mail address: iod@wup.zgora.pl
  • In writing to the office address:
    Provincial Labor Office in Zielona Góra
    Wyspiańskiego 15, 65-036 Zielona Góra

Detailed information for data subjects about the principles of processing their personal data

Information clause of the Voivodeship Labor Office in Zielona Góra – project implementer no. FAMI.02.01-IZ.00-0020/24 entitled "Action - Migration. Lubuskie Center for the Integration of Foreigners"

In connection with the implementation of the project entitled "Action - Migration. Lubuskie Centre for the Integration of Foreigners", co-financed by the Asylum, Migration and Integration Fund for 2021-2027 (hereinafter referred to as the "project"), on the basis of Article 13 paragraphs 1 and 2 of Regulation (EU) 2016/679 of the European Parliament and of the Council of 27 April 2016 on the protection of natural persons with regard to the processing of personal data and on the free movement of such data, and repealing Directive 95/46/EC (General Data Protection Regulation) – GDPR, we would like to inform you that:

  1. The administrator of personal data is the Provincial Labor Office in Zielona Góra with its registered office at 15 Wyspiańskiego Street, 65-036 Zielona Góra, tel. /68/ 456 56 10, e-mail: wup@wup.zgora.pl.
  2. The Voivodeship Labor Office in Zielona Góra has appointed a Data Protection Officer (DPO), who can be contacted on all matters related to the processing of personal data and the exercise of rights under the GDPR. The DPO can be contacted via email at: iod@wup.zgora.pl or by post – to the office address.
  3. Personal data will be processed for the purpose of implementing the project entitled "Action - Migration. Lubuskie Center for the Integration of Foreigners," including in particular: exercising rights and obligations arising from the financial agreement, conducting substantive activities of the project, financial settlement of the project as part of payment applications, conducting information and promotional activities (including using the social media platforms Facebook and Instagram), registering and storing project data in electronic form, reporting, monitoring, auditing/control, and fulfilling archiving obligations.
  4. Personal data will be processed on the basis of:
    • Article 6(1)(b) of the GDPR (processing is necessary for the performance of a contract to which the data subject is a party or to take steps at the request of the data subject prior to entering into a contract) – in the case of concluding a contract, e.g. with an external contractor of project activities;
    • Article 6(1)(c) of the GDPR (processing is necessary to fulfil a legal obligation incumbent on the controller) – the principles of project implementation result from the provisions of Community and national law;
    • Article 6(1)(e) of the GDPR (performance of a task carried out in the public interest or in the exercise of public authority vested in the controller) – the implemented project serves the public good and improves the quality of life of citizens;
    • Article 9(2)(g) and (j) of the GDPR – regarding the processing of special categories of data;
    • Regulation (EU) No 2021/1060 of the European Parliament and of the Council of 24 June 2021 laying down common provisions on the European Regional Development Fund, the European Social Fund Plus, the Cohesion Fund, the Just Transition Fund and the European Maritime, Fisheries and Aquaculture Fund and financial rules for those and for the Asylum, Migration and Integration Fund, the Internal Security Fund and the Instrument for financial support for border management and visa policy;
    • Act of 28 April 2022 on the principles of implementing tasks financed from European funds in the 2021-2027 financial perspective;
    • Act of 14 July 1983 on national archival resources and archives;
    • other specific provisions regulating the procedure for performing specific project tasks (e.g. the Act of 11 September 2019 – Public Procurement Law).
  5. The processing of personal data is not based on Article 6(1)(f) of the GDPR, i.e. it does not concern the legitimate interests pursued by the controller.
  6. The Controller and Meta Platforms Ireland Limited are joint controllers of personal data, pursuant to Article 26 of the GDPR, for the purpose of displaying statistics on the Controller's fan page activity on Facebook and Instagram, and for the processing of data for statistical and advertising purposes. Detailed information is available at: https://www.facebook.com/legal/terms/page_controller_addendum.
  7. Personal data will not be transferred to a third country/international organization, subject to the transnational nature of data flow within Facebook/Instagram, through which the project implementer disseminates information regarding the project. The owner of Facebook/Instagram (Meta Platforms Ireland Limited), as a joint controller of personal data within the meaning of Article 26 of the GDPR, may transfer data outside the European Economic Area.
  8. The recipients of personal data may be:
    • The Managing Authority (MA), referred to in Article 2, point 12) of the Implementation Act, which under the Asylum, Migration and Integration Fund for 2021-2027 (AMI 2021-2027), is the Department of European Funds of the Ministry of Interior and Administration;
    • other institutions and entities participating in the AMIF 2021-2027 implementation system, including the Intermediate Body (European Projects Service Centre of the Ministry of Interior and Administration) and the Plenipotentiary of the Minister of Interior and Administration for European Funds for Migration, Borders and Security in the Ministry of Interior and Administration;
    • members of the Monitoring Committee referred to in Chapter 5 of the Implementation Act;
    • The audit institution referred to in art. 2 item 9) of the Implementation Act, which is the Head of the National Revenue Administration (the tasks of the Audit Office are carried out with the help of employees employed in a separate unit of the Ministry of Finance - the Department of Audit of Public Funds);
    • project partners (Lubuski Voivodeship Office and Caritas of the Zielona Góra-Gorzów Diocese);
    • European Union institutions and other entities participating in the AMIF 2021-2027 implementation system;
    • persons or entities to whom documentation may be made available pursuant to Article 1, Section 1 of the Act of 6 September 2001 on Access to Public Information (taking into account the provisions of Article 5 of that Act);
    • entities authorized to handle postal deliveries;
    • entities providing delivery services using electronic means of communication (e.g. ePUAP, e-delivery);
    • banking institutions (in terms of providing financial resources for the implementation of the project);
    • administrator of the IT system supporting the implementation of the project – CST2021;
    • administrator of the "Competitiveness Database" platform;
    • The President of the Public Procurement Office as the administrator of data of e-procurement platform users;
    • provider of the Centralized System for Access to Public Information (SSDIP), which is used to provide access to the relevant BIP pages (minister responsible for digital affairs);
    • entity providing WUP e-mail hosting services;
    • contractor of a dedicated website;
    • contractors commissioned to provide services as part of the project (e.g. legal and psychological services, Polish language courses);
    • entities to which documentation containing personal data is transferred for the purpose of disposal (destruction);
    • State Archives – in the scope of archival materials stored permanently;
    • entities processing personal data on behalf of the controller on the basis of concluded contracts/agreements on entrusting the processing of personal data (including IT system providers);
    • bodies authorized to receive personal data on the basis of other legal provisions (control authorities, courts, law enforcement authorities);
    • the owner of the social networking site Facebook and Instagram in accordance with the rules available at: https://www.facebook.com/privacy/policy/?entry_point=data_policy_redirect&entry=0 https://help.instagram.com/833836199971426/?locale=pl_PL.
  9. Pursuant to Article 91 of the Implementation Act, personal data will be processed for the period necessary to achieve the project objectives and to comply with archiving obligations arising from the Act of 14 July 1983 on national archival resources and archives (taking into account the internal regulation on the establishment and introduction of the Office Instruction, the Uniform Material List of Files and the Instruction on the organization and scope of operation of the company archive at the Voivodeship Labor Office in Zielona Góra).
  10. In connection with the processing of personal data, you have certain rights, including:
    • the right to access the content of personal data and the right to receive a copy thereof;
    • the right to request rectification (correction) of personal data;
    • the right to request the restriction of the processing of personal data in the cases specified in Article 18 of the GDPR;
    • the right to object to the processing of personal data in the cases specified in Article 21 of the GDPR;
    • the right to lodge a complaint with the supervisory authority (the Personal Data Protection Office) if the processing of personal data violates the provisions of the GDPR.
  11. The processing of personal data is not based on previously granted consent to the processing of personal data – therefore, the right to withdraw consent at any time cannot be exercised without affecting the lawfulness of processing based on consent before its withdrawal.
  12. Providing personal data is voluntary.
  13. No automated decision-making, including profiling, will be used in relation to the personal data obtained.

Information about other controllers involved in the processing of personal data

Pursuant to the provisions of Article 88 of the Act of 28 April 2022 on the principles of implementing tasks financed from European funds in the 2021-2027 financial perspective and in the project financial agreement, entities participating in the European funds implementation system for 2021-2027 are controllers of personal data within the meaning of Article 4 point 7) of the GDPR. As part of the project entitled "Action - Migration. Lubuskie Center for the Integration of Foreigners", in addition to the Voivodeship Labor Office in Zielona Góra (project implementer), separate controllers of personal data are, among others:

  1. Project partners: Lubuskie Voivodeship Office with its registered office in Gorzów Wielkopolski at ul. Kazimierza Jagiellończyka 8 and Caritas of the Diocese of Zielona Góra-Gorzów with its registered office in Zielona Góra at ul. Generała Józefa Bema 32/34.
  2. Intermediate Body - European Projects Service Centre of the Ministry of Interior and Administration with its registered office in Warsaw, Zygmunt Modzelewski 77.
  3. Managing Authority - Department of European Funds of the Ministry of Interior and Administration, based in Warsaw at Aleja Jana Chrystiana Szucha 2/4.

Personal data may be made available to authorized entities that are separate controllers for the purpose of implementing the project, including conducting substantive activities, financial settlement, monitoring, reporting and control.

Website Privacy Policy

Privacy Policy for the website of the project entitled "Action - Migration. Lubuskie Center for the Integration of Foreigners"

The purpose of the website

The website of the project entitled "Action - Migration. Lubuskie Center for the Integration of Foreigners," implemented by the Voivodeship Labor Office in Zielona Góra (together with partners: the Lubuskie Voivodeship Office and Caritas of the Zielona Góra-Gorzów Diocese) under the Asylum, Migration and Integration Fund for 2021-2027 (FAMI 2021-2027), provides information about events (including meetings and conferences) organized as part of this project and their long-term results. It also allows for the publication of detailed guidelines for those interested in participating in project activities and establishing cooperation with our unit.

The purpose of preparing a privacy policy

The purpose of preparing the privacy policy is to ensure respect for the privacy of website users within the meaning of the provisions on personal data protection (in particular Regulation (EU) 2016/679 of the European Parliament and of the Council on the protection of natural persons with regard to the processing of personal data and on the free movement of such data, and repealing Directive 95/46/EC - General Data Protection Regulation), hereinafter referred to as: "GDPR".

Administrator identity

The administrator of the website you are visiting and the data (including personal data) obtained and collected in connection with your browsing of our website is the Provincial Labor Office in Zielona Góra, with its registered office at 15 Wyspiańskiego Street in Zielona Góra. You can contact the administrator by traditional mail at the office's address (15 Wyspiańskiego Street, 65-036 Zielona Góra), by telephone at /68/ 456 56 10, or by email: wup@wup.zgora.pl.

Types of information about website users that is processed

When browsing our website, certain technical information is automatically collected by the user's computer and recorded by the administrator. This data includes, in particular: first name, last name, email address (if using the contact form), computer IP address, data contained in cookies, browser type, data about the internet session, data about the device used (computer, smartphone), website activity, and location data. The types of data indicated above do not, on their own, identify the individual visiting the website; however, when combined with other user information, they may constitute personal data subject to protection under the GDPR.

Legal basis for processing personal data

  1. Article 6(1)(a) of the GDPR (“consent of the data subject”) – in the case of consent to cookies.
  2. Article 6(1)(c) of the GDPR (“processing is necessary to comply with a legal obligation to which the controller is subject”) – in order to provide the website service in accordance with the provisions on the provision of services by electronic means.

The purpose of processing personal data

The data is processed solely for the purpose of ensuring high-quality website services and ongoing improvement of its functionality to ensure comfortable use of the information published there.

Period of storage of personal data

We take reasonable measures to ensure that data is processed for the purposes indicated in the privacy policy for the shortest possible time. In accordance with the "storage limitation principle" referred to in Article 5(1)(e) of the GDPR, data is stored for no longer than necessary to achieve the objectives of the project entitled "Action - Migration. Lubuskie Center for the Integration of Foreigners."

Information about recipients of personal data

The Controller discloses website user data to processors under personal data processing agreements concluded to provide services to the Controller (e.g., website hosting and maintenance, IT services, email management). In justified cases arising from generally applicable laws, we may disclose collected data to authorized entities, for example, upon request from a court, prosecutor's office, or other authorized public administration body. If necessary to protect the vital interests of the data subject or another natural person, we may also grant access to this information in critical situations, for example, when there is a threat to the health or life of the data subject.

Information on the transfer of personal data to a third country or international organization

The Administrator does not intend to transfer the data of website users to a third country or an international organization.

Rights of data subjects

In connection with data processing, under the GDPR, you have certain rights:

  1. the right to information about data processing – the controller informs the data subject about the purposes and legal basis of processing, the scope of personal data obtained, the entities to which they are disclosed and the planned period of storage of personal data.
  2. the right to obtain a copy of the data – the controller provides the person making the request with a copy of the personal data concerning him/her.
  3. the right to rectify (correct) data – at the request of the data subject (data subject), the controller is obliged to correct data that is incorrect and to supplement any omissions.
  4. the right to delete data – in the cases specified in Article 17 of the GDPR.
  5. the right to restrict data processing – at the request of the data subject, the controller ceases to perform operations on personal data, in accordance with the requirements of Article 18 of the GDPR.
  6. the right to data portability – in the cases specified in Article 20 of the GDPR.
  7. right to object – the person whose personal data is processed may at any time object to the processing of personal data which is carried out on the basis of the legitimate interest of the controller.

In order to exercise the above-mentioned rights, the data subject should read the "Procedure for the exercise of the rights of data subjects indicated in Articles 15-21 of Regulation (EU) 2016/679 of the European Parliament and of the Council of 27 April 2016 on the protection of natural persons with regard to the processing of personal data and on the free movement of such data, and repealing Directive 95/46/EC (General Data Protection Regulation)", posted in the Public Information Bulletin of the Provincial Labor Office in Zielona Góra at the following address: https://wupzielonagora.bip.gov.pl/realizacja-praw-osob-ktorych-dane-osobowe-dotycza/realizacja-praw-osob-ktorych-dane-osobowe-dotycza.html.

The right to lodge a complaint with the supervisory authority

In cases where the processing of personal data violates the provisions of the GDPR, the data subject has the right to lodge a complaint with the supervisory authority (the Office for Personal Data Protection).

Automated decision making

The Administrator does not subject the collected data to automated decision-making processes, including profiling.

Copyright

The content of this website (articles and other texts, graphics, photos, and any other information provided in any form) is protected under the provisions of the Act of 4 February 1994 on Copyright and Related Rights. Copying the content of this website for personal use without the administrator's consent is prohibited; we permit linking to article content. We strive to ensure that the information published is accurate, current, and helpful. We are not responsible for the consequences of third parties using the content of our website for illegal purposes.

Links to other sites

Our website may contain links to other websites. The privacy policies applicable to those websites are determined by their administrators. We suggest that after visiting other websites, you review their privacy policies. This privacy policy applies only to the website of the project entitled "Action - Migration. Lubuskie Center for the Integration of Foreigners."

Rules for introducing changes to the privacy policy

The privacy policy may be amended or supplemented according to the administrator's current needs. Changes to the privacy policy are intended to provide users with reliable information about all conditions for the processing of their data. The privacy policy takes effect on the date it is published on the website.

Cookie Policy

Cookie Policy for the website of the project entitled "Action - Migration. Lubuskie Center for the Integration of Foreigners"

Administrator identity

The entity that places information on the user's end device (e.g. computer, tablet, smartphone) in the form of cookies (so-called "cookies") and simultaneously gains access to them is the Voivodeship Labor Office in Zielona Góra, with its registered office at ul. Wyspiańskiego 15 in Zielona Góra. You can contact the administrator by traditional mail to the office's address (ul. Wyspiańskiego 15, 65-036 Zielona Góra), by phone at /68/ 456 56 10, or via email: wup@wup.zgora.plWe limit the information we collect and use about users to the minimum necessary to provide the appropriate level of service.

Legal basis

When using cookies, two legal acts should be taken into account:

  1. The Act of 16 July 2004 - Telecommunications Law (consolidated text: Journal of Laws of 2024, item 34, as amended) - in particular Article 173 of the Act implementing Article 5(3) of Directive 2002/58/EC of the European Parliament and of the Council of 12 July 2002 concerning the processing of personal data and the protection of privacy in the electronic communications sector (Directive on privacy and electronic communications).
  2. Regulation (EU) 2016/679 of the European Parliament and of the Council of 27 April 2016 on the protection of natural persons with regard to the processing of personal data and on the free movement of such data, and repealing Directive 95/46/EC (General Data Protection Regulation) – GDPR.

Types of cookies used

Our website uses cookies that contain information that helps improve the website's performance and analyze website traffic. We use cookies to: collect anonymous statistics (which allow us to analyze user preferences and modify the site's functionality to make it more user-friendly), ensure the website's proper functioning, and optimize its graphic design (including adapting the site to various devices).

What are cookies?

Cookies are IT data—small text files stored on a user's computer or other mobile device (smartphone, tablet) when using websites. These files are used to access various functions on a website or to indicate that the user has viewed specific content on the website. Cookies collect data such as the name of the website they originate from, the cookie's "lifespan" (how long the cookie is stored on the user's device), and a unique number generated to identify the web browser the user is using to connect to the website. Cookies often store information necessary for the website to function properly. More details about cookies can be found on the website: www.wszystkoociasteczkach.pl or in the web browser menu in the "Help" section.

Types of cookies used

We use "persistent" and "session" cookies on our website:

  • "constantly" – they exist on the user’s device for as long as their activity has been programmed or until they are manually deleted (they enable the identification of new and returning website users).
  • "session" – these are temporary files stored in the browser's memory and remain on the user's device until the user leaves the page being viewed.

Cookies are not linked to other information about the user, in particular personal data that allows for the identification of the user's identity.

Changing cookie settings

If you do not consent to the use of cookies or wish to limit their use, you can modify your browser settings at any time. However, please note that limiting or disabling cookies may affect some website functionality or cause it to malfunction. More information on changing cookie settings can be found in the "Help" section of your browser menu.

Further information on how cookies work in the most popular web browsers can be found at:

Cybersecurity

In fulfilling the obligation arising from Article 22 paragraph 1 point 4) of the Act of 5 July 2018 on the national cybersecurity system, we provide you with information to help you understand cybersecurity threats and tips on how to protect yourself against these threats.

Cybersecurity (as defined in the Act on the National Cybersecurity System) is the resistance of information systems to activities that violate the confidentiality, integrity, availability and authenticity of processed data or related services offered by these systems.

Any events that have or may have an adverse impact on maintaining cybersecurity attributes (confidentiality, integrity, availability and authenticity) are called incidents.

The most common threats and ways to protect against them:

Phishing

This is one of the most common types of email or text message attacks. Phishing relies on social engineering, a technique whereby cybercriminals attempt to deceive you and induce you to act in accordance with their intentions. Cybercriminals, posing as courier companies, public administration offices, telecommunications operators, or even our friends, attempt to obtain login details for things like bank accounts, social media accounts, or IT systems. Phishing messages are crafted to appear authentic, but are in fact fake. They may attempt to trick you into revealing confidential information, contain a link to a website distributing malware (criminals often use similar website names), or contain an infected attachment.

How to avoid threats?
Carefully verify the website address before logging in. Don't enter your username and password on suspicious websites. Don't provide your online banking or social media login details until you're sure you're on the right website. Don't open links or attachments in emails or text messages from unknown email addresses or phone numbers.

Vishing (voice phishing)

A type of phishing scam involving phone calls. Criminals impersonate bank or other company representatives, the police, or even family and friends in order to obtain personal information, logins, passwords, and credit card details.

How to avoid threats?
Do not make any hasty decisions and do not act under the influence of emotions, hang up and verify the caller, dial the number of the institution sending the message on the keypad and call, or visit its branch, pay attention to any inaccuracies and ambiguities in messages or questions that seem suspicious or contain language errors, do not give anyone logins, passwords or authorization codes.

Ransomware

This program belongs to a family of malware. It causes files on the device to be locked or encrypted.

How to avoid threats?
Regularly back up the data stored on your computer, secure your devices with antivirus software, regularly update your software – some attacks exploit existing software vulnerabilities, be vigilant when using the Internet – do not download attachments from unknown email addresses, do not click on suspicious links or install software from an unreliable source, and use public Wi-Fi networks with caution.

Malware

Malicious software, or malicious software, refers to any program that has harmful effects on a computer system or its user.

How to avoid threats?
Do not open suspicious messages and attachments, because if malware is installed on your device, hackers can take over access to, for example, your bank account, block all files on your computer, making it impossible to open them.

Adware

This virus is one of the most frequently detected by antivirus programs. Adware is a type of malware that, regardless of the recipient's consent, disrupts computer use by displaying intrusive and unwanted advertisements.

How to avoid threats?
Do not install free software, read the terms and conditions carefully before installing the software, beware of false links displayed on the websites you visit, which, when clicked, may redirect you to download adware, install a program that blocks appearing ads such as AdBlock, install an antivirus program.

Worms (computer worms)

A computer worm is a type of malware that can replicate itself on a computer system without infecting specific files. Computer worms operate by spreading across computer networks. Once inside a system, a worm can perform various actions, such as corrupting system files, stealing data, or transforming the infected computer, which can then be used to attack other systems.

How to avoid threats?
The most effective method of protection against computer worms is to install an antivirus program, which is designed to scan your system for malware and block any infection attempts.

Keylogger

This is a type of malware that is used to steal passwords and other data.

How to avoid threats?
The most effective protection method is to install an antivirus program that scans your system for malware and blocks any infection attempts.

Good practices:

  • The principle of limited trust - increased caution allows you to reduce the risk of your computer being infected or data being lost.
  • Keep your antivirus programs up to date – make sure you have malware protection installed and updated.
  • Use only legal software.
  • Do not log in to banking or email services from public networks.
  • Do not open suspicious emails and attachments, pay attention to files with multiple extensions, e.g. fakta.pdf.zip.
  • Avoid sites without a valid certificate (no https) unless you are sure about their security.
  • Do not leave your personal data on unverified websites, always read regulations and policies.
  • Do not email confidential data without encryption.
  • Please remember that hospitals, banks and offices do not send emails asking for passwords or logins.
  • Download applications only from official sources.
  • Enable your device to lock its screen after a period of inactivity.
  • Do not share your login and password with anyone.
  • Avoid simple passwords, do not write them down in visible places, use different passwords for different systems.

Cybersecurity information sources: