top of page



    1. The administrator of personal data collected through the website  is  the Polish Chess Foundation, hereinafter referred to as the "Administrator". Contact with the Administrator is possible

    2. The Controller is not obliged and has not appointed a Personal Data Protection Officer.

    3. Personal data collected by the Controller through the website are processed in accordance with Regulation (EU) 2016/679 of the European Parliament and of the Council of 27 April 2016 on the protection of natural persons with regard to the processing of personal data and on the free movement of such data, and repealing Directive 95/46/EC (General Data Protection Regulation), hereinafter referred to as GDPR and the Personal Data Protection Act of 10 May 2018.


    1. PURPOSE OF PROCESSING AND LEGAL BASIS. The Controller processes personal data obtained through the website  in order to:

      1. use of the contact form by the user. Personal data is processed on the basis of consent pursuant to Article 6(1)(a) of the GDPR

      2. conducting marketing of own services by the Administrator. Personal data is processed on the basis of Article 6(1)(f) of the GDPR as part of the legitimate interest of the Controller

      3. sending the Newsletter. Personal data is processed with a separate consent, pursuant to Article 6(1)(a) of the GDPR

    2. THE TYPE OF PERSONAL DATA PROCESSED. The Controller processes the following categories of personal data of the user:

      1. Name and surname,

      2. Adres e-mail,

      3. Numer by phone.

    3. PERIOD OF ARCHIVING PERSONAL DATA. Users' personal data are stored by the Administrator:

      1. if the basis for data processing is the performance of a contract, for as long as it is necessary for the performance of the contract, and after that time for the period corresponding to the period of limitation of claims. Unless a specific provision provides otherwise, the limitation period is six years, and for claims for periodic benefits and claims related to the conduct of business activity – three years.

      2. if the basis for data processing is consent, as long as the consent is not revoked, and after the consent is withdrawn for a period of time corresponding to the period of limitation of claims that the Administrator may raise and that may be raised against him. Unless a specific provision provides otherwise, the limitation period is six years, and for claims for periodic benefits and claims related to the conduct of business activity – three years.

      3. Legitimate interest of the controller – until the interest ceases to exist + information about the right to object.

    4. When using the website, additional information may be collected, in particular: the IP address assigned to the user's computer or the external IP address of the Internet provider, the domain name, the type of browser, the time of access, the type of operating system.

    5. Navigational data may also be collected from you, including information about the links you choose to click on or other actions you take on the website. The legal basis for this type of activity is the legitimate interest of the Controller (Article 6(1)(f) of the GDPR), consisting in facilitating the use of services provided electronically and improving the functionality of these services.

    6. Providing personal data by the user is voluntary.

    7. Personal data will also be processed by automated means in the form of profiling, provided that the user has given his consent to this on the basis of Article 6(1)(a) of the GDPR. The consequence of profiling will be the assignment of a profile to a given person in order to make decisions concerning him/her or to analyse or predict his/her preferences, behaviours and attitudes.

    8. The Controller shall exercise special care in order to protect the interests of data subjects, and in particular shall ensure that the data collected by it are:

      1. processed in accordance with the law,

      2. collected for specified, lawful purposes and not subjected to further processing incompatible with those purposes,

      3. substantively correct and adequate in relation to the purposes for which they are processed and stored in a form that allows the identification of the data subjects, no longer than is necessary to achieve the purpose of processing.


    1. Users' personal data are transferred to service providers used by the Administrator to run the website. The service providers to whom the personal data are transferred, depending on the contractual arrangements and circumstances, are either subject to the instructions of the Controller as to the purposes and means of the processing of such data (processors) or independently determine the purposes and means of their processing (controllers).

    2. Your personal data is processed only within the European Economic Area (EEA) and is not transferred outside the EEA.


    1. The data subject has the right to access their personal data and the right to rectify, delete, limit processing, the right to transfer data, the right to object, the right to withdraw consent at any time without affecting the lawfulness of processing based on consent before its withdrawal.

    2. Legal Basis for Your Request:

      1. Access to data – Article 15 of the GDPR

      2. Rectification of data – Article 16 of the GDPR.

      3. Deletion of data (the so-called right to be forgotten) – Article 17 of the GDPR.

      4. Restriction of processing – Article 18 of the GDPR.

      5. Data portability – Article 20 of the GDPR.

      6. Objection – Art. 21 GDPR

      7. Withdrawal of consent – Article 7(3) of the GDPR.

    3. In order to exercise the rights referred to in point 2, you may send an appropriate e-mail to the following address:

    4. In the event that the user fulfils the right resulting from the above rights, the Administrator shall comply with the request or refuse to comply with it immediately, but not later than within one month after receiving it. If, however, due to the complexity of the request or the number of requests, the Administrator is unable to comply with the request within one month, it will comply with it within the next two months, informing the user in advance within one month of receipt of the request about the intended extension of the deadline and the reasons for it.

    5. If it is found that the processing of personal data violates the provisions of the GDPR, the data subject has the right to lodge a complaint with the President of the Office for Personal Data Protection.


    1. The Polish Chess Foundation does not automatically collect any information, except for the information contained in cookies.

    2. Cookies are IT data, primarily text files, stored on the Foundation's User's end device and intended for the use of the Foundation's websites. They usually contain the name of the website from which they originate, the time of storage on the end device and a unique number.

    3. The entity placing cookies on the Foundation's User's end device and gaining access to them is the operator of the Polish Chess Foundation's website.

    4. Cookies are used to:

  2. adapt the content of the Foundation's websites to the User's preferences and optimize the use of the websites; allow to recognize the Foundation's User's device and properly display the website, tailored to their needs;

  3. creating statistics that help to understand how Users use the Foundation's websites, which allows us to improve their structure and content.

    1. The Foundation's website uses two types of cookies: "session" (temporary) and "persistent". "Session" cookies are stored until you leave the website or close your browser. "Persistent" cookies are stored for the period of time specified in the cookie parameters or until they are deleted by the User.

    2. Types of cookies used by the Foundation:

  4. "necessary" cookies, enabling the use of services available on the Foundation's website;

  5. cookies used to ensure security, e.g. fraud detection;

  6. "performance" cookies, collecting information about the use of the Foundation's websites;

  7. "functional" cookies, enabling "remembering" the User's settings and personalizing the interface;

  8. "advertising" cookies, providing advertising content tailored to the User's interests.

    1. Users can change their cookie settings at any time, blocking their automatic use in the browser or informing about their placement. Detailed information on the use of cookies is available in the browser settings.

    2. Restrictions on the use of cookies may affect the functionalities available on the Foundation's websites.

    3. Cookies may also be used by partners cooperating with the Foundation.

    4. More information about cookies is available on the or in the "Help" section of your web browser's menu.


    1. The Controller applies technical and organizational measures to ensure the protection of the processed personal data appropriate to the threats and categories of data protected, and in particular protects the data against unauthorized access, taking by an unauthorized person, processing in violation of applicable regulations, and change, loss, damage or destruction.

    2. The Administrator shall provide appropriate technical means to prevent unauthorized persons from obtaining and modifying personal data sent electronically.

    3. In matters not covered by this Privacy Policy, the provisions of the GDPR and other relevant provisions of Polish law shall apply accordingly.

bottom of page