The rules of personal data processing

Due to Regulation 2016/679 of 27 April 2016 of the European Parliament and of the Council of Europe (EU) on the protection of individuals with regard to the processing of personal data and on the free movement of such data and the repeal of Directive 95/46 /EC (General Data Protection Regulation - hereinafter referred to as GDPR), the Main Library of Cracow University of Economics informing you that:

  1. The administrator of your personal data are processed in accordance with the regulations, is the Cracow University of Economics, Rakowicka 27, 31-510 Kraków.
  2. Cracow University of Economics has appointed a Data Protection Supervisor, which you can contact via e-mail: iod@uek.krakow.pl, phone (+48) 12 293-75-90
  3. Purposes and legal basis for the processing of your personal data:
    The Main Library of the CUE processes personal data for purposes resulting from the performance of its tasks, in particular: handling the loan process, including identification and contact with the user (notifying about the availability of ordered and reserved books, monitoring in the event of exceeding the deadline for returning books, contacting with the correct implementation of library services reported via forms available from the Main Library website), for training purposes, implementation of interlibrary orders, preparation of scans, submission of a book for purchase, assistance in the preparation of the Research Data Plan, applications to the Digital Library - based on the following legal bases:

    1. art. 6 sec. 1 lit. c) General Data Protection Regulation (GDPR) - the administrator's fulfillment of the legal obligation specified in the provisions of the Act of 20 July 2018 - Law on Higher Education and Science (Journal of Laws of 2018, item 1668) - art. 49 sec. 2 and §32 section 4 of the CUE Statute - app. to the Senate Resolution No. 44/2020 of November 23 2020;
    2. art. 6 sec. 1 lit. e) GDPR - performance by the administrator of a task carried out in the public interest, indicated in art. 11 sec. 1 point 9 of the Act of July 20, 2018 - Law on Higher Education and Science;
    3. art. 6 sec. 1 lit. f) GDPR - when the processing of personal data is necessary for the purposes of the legitimate interests pursued by the administrator or by a third party, in particular activities related to the pursuit of possible claims in the event of failure to settle the reader's obligations towards the Main Library.
  4. The recipients of your personal data will only be relevant external entities, in particular dealing with IT or legal services for the CUE, on the basis of contracts for entrusting the processing of personal data, or institutions authorized to control the activities of the CUE and to gain access to personal data on the basis of legal provisions.
  5. Your personal data will be processed for a period of 2 years from the date of the last activation of the library account or you submit a request to delete the data. This period may be extended if the user’s obligations towards the Main Library are not settled while the claims are being made.
  6. In connection with the processing of your personal data, you have the right to access your personal data, rectify it, delete or limit processing, object to processing - in the cases and on the terms specified in the provisions of the GDPR.
  7. You have the right to lodge a complaint with the President of the Personal Data Protection Office if you feel that the processing of your personal data violates the provisions of the GDPR.
  8. Providing personal data is voluntary, but it is a prerequisite to use the services of the Main Library. Failure to provide data will result in the inability to use these services.
  9. Your personal data will be partially processed in an automated manner, but will not be processed in the form of profiling.

Information on visual monotoring