PRIVACY AND COOKIES POLICY

1. Protecting the security and privacy of your personal information is of utmost importance to the JiM Foundation. The following provisions will provide information about what data we collect and for what purpose we use it, and to whom we may provide it. JiM Foundation uses only the data you have provided and only for the purpose for which you have contacted us, such as to answer a question, provide support, or share your Story. You have the full right to make decisions about your personal data. It is of utmost importance to the JiM Foundation that you trust us to protect the personal information you entrust to us.
2. The Privacy Policy defines the rules of processing personal data in the websites operated by JiM Foundation, based in Lodz, 105 Tatrzanska Street.

• The Cookies Policy defines the rules for storing and accessing data on the Devices of Users using the Services by the Administrator of the Website. In addition, the Cookies Policy also serves to indicate the period of functioning of these files and whether third parties can access such files.

 

• 1 DEFINITIONS

• Service - Internet services operating at https://www.jim.org;
• External service - the websites of the Administrator's partners, service providers or service recipients;
• Administrator - JiM Foundation with its registered office in Łódź, 105 Tatrzańska Street, registered in the register of associations, other social and professional organizations, foundations and independent public health care facilities, kept by the District Court for Łódź-Śródmieście in Łódź, XX Economic Division of the National Court Register under KRS number: 0000127075, NIP: 7282455613, as an entity operating the https://www.jim.org website and storing and accessing information in User's devices, using websites operating at https://www.jim.org;
• User - a natural person or legal entity for whom the Administrator provides electronic services through the Service;
• Device - an electronic device with software, through which the User accesses the Service;
• Cookies - text data collected in the form of files placed on the User's Device.

• 2 PERSONAL DATA - LEGAL GROUNDS, PURPOSES OF PROCESSING, RECIPIENTS OF DATA

The administrator of your personal data is JiM Foundation, based at 105 Tatrzańska Street, 93-279 Lodz. If you have any questions regarding the protection of your personal data, please contact us, which is possible via e-mail: iod@jim.org. The Administrator obtains and processes personal data on the following legal grounds and for the following purposes:

1. execution of a contract or taking actions necessary to conclude a contract (Article 6(1)(b) of the DPA) in connection with the execution of a donation, the operation of a sub-account;
2. legal obligation incumbent on the administrator (Article 6(1)(c) of the DPA) in connection with the performance of accounting and tax settlements;
3. realization of purposes arising from the legitimate interest of the administrator (Article 6(1)(f) RODO ) in the case of:

• the need to defend against or assert possible claims,
• To carry out its statutory objectives, i.e. to provide assistance and support to people with disabilities, especially those on the autism spectrum, especially children and young people with disabilities, their families and relatives, and to increase public awareness and knowledge of the problems of people with autism spectrum disorders;
• launching appeals concerning people with disabilities, people on the autism spectrum and their families in Poland, including primarily on issues that are the subject of the Foundation's statutory activities;
• maintaining public profiles on social networks Facebook, Instagram, Youtube, Twitter and LinkedIn. In this regard, the Administrator processes data that visitors to these profiles leave (including comments, likes, online IDs). The personal data of such individuals is processed in order to enable them to be active on the profiles, in order to run the profiles effectively by presenting information on initiatives and other activity to users of the portals, in connection with the promotion of various types of events, for statistical and analytical purposes, and for the purposes of claiming and defending against claims.

 

1. Consent of the data subject (Article 6(1)(a) RODO) in the case of:

• sending the newsletter because we allow you to subscribe to the list of recipients of our newsletter. If you have used this functionality, we process your personal data precisely for the purpose of sending the newsletter. The newsletter may contain informational or marketing content. The processing of this data is based on your consent. You have the right to revoke the consent you have given at any time, however, revoking your consent does not affect the legality of previous data processing.
• marketing information, which may occur as a result of profiling. This decision is made based on the activities you perform on the Service, and in particular on the pages you view. In practice, profiling supports the usability of our Service by allowing us to present you with content that may potentially be of interest to you. You have the right not to be subject to automated profiling, unless you have given your consent, which you can revoke at any time. Your data will then be processed until the consent you have given is withdrawn;
• to analyze and respond to the inquiry submitted via the contact form, chat tool or telephone contact, and in connection with social media activities.
• The recipients of your personal data will be only authorized employees of the JiMi Foundation, authorized persons cooperating with the Foundation, as well as entities acting on behalf of and on behalf of the Foundation, i.e. external entities providing and supporting ICT systems (general ICT infrastructure, e-mail, IT systems), payment operators (entities providing online payment systems) or entities implementing marketing campaigns. Recipients of the data may also be people visiting and using websites operated by the Foundation

 

• 3 TECHNICAL MEASURES

The Administrator protects personal data by using appropriate technical and organizational security measures to avoid accidental or intentional modification of such data, its loss, destruction or unauthorized access to it. From the moment you launch our website, in order to ensure the security of our services, we process such data as:

• The public IP address of the device from which the request came,
• browser type and language,
• date and time of inquiry,
• The number of bytes sent by the server,
• The URL of the previously visited page, in case the visit occurred using this link,
• information about errors that occurred in the execution of the request.

Our legitimate interest in this processing is to keep server event logs and protect the Service from potential hacking attacks and other abuses. Including, the ability to determine the IP address of a person performing an unauthorized activity in the Service area, such as attempting to breach security, or publishing prohibited content, or attempting unauthorized activities using our servers. The processing of this data is based on Article 6(1)(f) of the DPA. Personal data collected in accordance with the purposes specified in this Privacy Policy shall be processed for the period of time necessary to fulfill the purposes indicated above, including performance of the contract, fulfillment of a legal requirement. Recipients of your personal data, depending on the purpose of processing, may be: consulting and advisory companies, law firms, IT solution providers, banks, telecommunications providers, document disposal companies, authorized state authorities.  

• 4 RIGHTS OF DATA SUBJECTS

The processing of personal data gives you the rights specified below. The ability to exercise the rights below is independent of the legal basis for processing your personal data.

• Right of access to data

You have the right to obtain confirmation from us as to whether we are processing personal data concerning you. If we do, you have the right to obtain access to this data, as well as to receive additional information about: the purposes of the processing, the categories of data concerned, the recipients or categories of recipients to whom the data have been or will be disclosed, in particular recipients in third countries or international organizations, where possible the intended period of data retention and, where this is not possible, the criteria for determining this period, the right to request us to rectify, erasure or restriction of data processing, to object to such processing, as well as the right to lodge a complaint with a supervisory authority, the source of the data if your data was not collected from you, automated decision-making, including profiling, and the principles of such decision-making, as well as the significance and anticipated consequences of such processing for you. Upon receipt of such a request, we are required to provide a copy of the personal data subject to processing. If such a request is received by e-mail and if we do not receive another objection, we will also provide the information by e-mail.

• Right to rectify data

You have the right to request that we promptly correct personal data concerning you that is inaccurate. Taking into account the purposes of processing, you have the right to request the completion of incomplete personal data, including by providing an additional statement.

• The right to erasure (to be forgotten)

You have the right to request that we immediately delete personal data concerning you. We are then obliged to delete your personal data without undue delay if one of the following circumstances applies: you have withdrawn your consent to the processing of your personal data and we have no other basis for processing it, you have raised an effective objection to the processing of data concerning you, your personal data has been processed unlawfully, your personal data must be deleted in order to comply with a legal obligation, your data was collected in connection with the offering of information society services.

• Right to restrict processing

You have the right to request us to restrict processing in the following cases: when you question the accuracy of the data - for a period of time that allows us to check the accuracy of the data, the processing is unlawful and you object to the deletion of the data, requesting instead the restriction of its use, we no longer need the personal data for the purposes of processing, but they are needed by you to establish, assert or defend claims, you have objected to the processing of your data - until we determine whether the legitimate grounds on our side override the grounds for your objection.

• Automated decisions, including profiling

You have the right not to be subject to a decision that is based solely on automated processing, including profiling, and produces legal effects on you or similarly significantly affects you. The right does not apply if this decision: is necessary for the conclusion or performance of a contract between you and us, is permitted by Union or Republic of Poland law and which provides for appropriate measures to protect your rights, freedoms and legitimate interests, or is based on your explicit consent.

• The right to file a complaint

You have the right to lodge a complaint regarding the processing of your personal data, to the supervisory authority: President of the Office for Personal Data Protection, 2 Stawki Street, 00-193 Warsaw, tel. 22 531 03 00, fax. 22 531 03 01, e-mail: kancelaria@uodo.gov.pl.

• Right to withdraw consent to processing

In the event that we process your personal data on the basis of your consent to do so, you have the right to withdraw your consent at any time. Naturally, withdrawal of the granted consent does not affect the legality of earlier processing of personal data. The statement of withdrawal of consent should be sent to the mailing address of the JiM Foundation or by email to komunikacja@jim.org.

• Right to data portability

You have the right to receive your personal data provided to us, in a structured and commonly used machine-readable format. You also have the right to send this personal data to another controller without hindrance from us, if the processing is based on consent or under contract, and by automated means. In exercising your right to data portability, you have the right to request that we send the personal data directly to another controller, insofar as this is technically possible. This right must not adversely affect the rights and freedoms of others.

• Right to object

If we process your personal data on the basis of Article 6(1)(f) of the RODO, you have the right to object to the processing of such data, on grounds related to your particular situation. We are then no longer allowed to process this personal data, unless we demonstrate the existence: valid, legitimate grounds for processing, and these grounds must override your interests, rights and freedoms, or grounds for establishing, asserting or defending claims. Also, if you object to the processing of your personal data for direct marketing purposes, then we will not be able to process it for such purposes.

• 5 TYPES OF COOKIES

The Website of the Service uses cookies. These are commonly used, small files containing a string of characters that are sent to and stored on the end device (e.g. computer, laptop, tablet, smartphone) used when visiting the Website. The information is sent to the memory of the browser used, which sends it back the next time you visit the website. We can categorize cookies taking into account three methods of division.

• Internal cookies - files placed and read from the User's Device by the Service's data communications system;
• External cookies - files placed and read from the User's Device by data communications systems of external Services;
• Session cookies - files placed and read from the User Device by the Website during a single session of a given Device. When the session ends, the files are deleted from the User Device;
• Persistent Cookies - files placed and read from the User Device by the Website until they are manually deleted. The files are not deleted automatically after the end of the Device session unless the configuration of the User Device is set to delete cookies after the end of the Device session.

• 6 SECURITY

• Storage and Reading Mechanisms - The storage and reading mechanisms of Cookies do not allow the retrieval of any personal data or any confidential information from the User Device. It is virtually impossible to transfer viruses, Trojan horses and other worms to the User Device.
• Internal cookies - the internal cookies used by the Administrator are safe for the Users' Devices
• External cookies - the Administrator is not responsible for the security of cookies from the Website's partners. The list of partners is provided later in the Cookie Policy.

• 7 PURPOSES FOR WHICH COOKIES ARE USED

• Improving and facilitating access to the Service - The Administrator may store information about user preferences and settings regarding the Service in cookies to improve, enhance and expedite the provision of services on the Service. Cookies administered by us allow us to authenticate access, maintain your session after logging in, protect the Service from hacking attacks, "remember" by your browser the content of the fields of completed forms (optional), customize the content of the Service's web pages to your preferences.
• Statistical Data - The Administrator and External Services use Cookies to collect and process statistical data such as, for example, visitor statistics, statistics of User Devices or statistics of user behavior. These data are collected in order to analyze and improve the Website.
• Serving multimedia services - The Administrator and External Services use Cookies to serve Users with multimedia services.

• 8 EXTERNAL SERVICES

The use of third-party cookies is subject to the privacy and cookie policies of these entities. GOOGLE We use cookies administered by Google Inc. 1600 Amphitheatre Pkwy, Mountain View, CA 94043, United States as part of the service: Google Analytics - they allow us to evaluate the quality of advertising campaigns, implemented using the Google Ads service, as well as to study user behavior and traffic and to compile traffic statistics, Collected by Google Inc are anonymous and aggregate in nature. In particular, they do not contain identifying characteristics (understood as personal data) of the users of the Website. Using the aforementioned services, we collect such data as the sources of acquisition of users visiting the Website, as well as their behavior on the Website, information on the devices and browsers they use, IP address, domain, demographic data (age, gender), interests and geographic data. MS BING MS Bing search, uses data such as the search queries specified in the in the section Bing According to the MS privacy statement. The data is used to guarantee efficient operation and provide the user the best possible working environment. The types of data collected by the search engine depend on the functions used by the user, as well as the configurations and settings made by the user, but are mainly device and usage data. Customers can decide what they submit.  

• 9 THE ABILITY TO DETERMINE THE CONDITIONS FOR STORING AND ACCESSING ON YOUR DEVICES BY THE SERVICE

• The user can at any time, independently change the settings for storing, deleting and accessing the data of stored cookies;
• Information on how to disable cookies in the most popular computer browsers and mobile devices is available at: how to disable cookies;
• The User may, at any time, delete any Cookies stored to date using the tools of the User's Device through which the User accesses the Website's services;
• When you use the Service's website, we may automatically use the cache memory installed on your device. Within the local memory, it is possible to store data inter-sessionally, i.e. between successive visits to the Service website. The purpose of using the cache is to speed up the use of the Website, by eliminating the situation where the same data would be repeatedly downloaded from the Website, thereby overloading the user's Internet connection. The cache can also store data such as your login password.

• 10 SERVICE REQUIREMENTS

• Restricting the storage of and access to Cookies on the User's Device may result in the malfunction of some features of the Website.
• The Administrator shall not be held responsible for malfunctioning functions of the Website in case the User restricts in any way the ability to save and read Cookie files.

• 11 Changes to Cookie Policy

• The Administrator reserves the right to change this Privacy and Cookies Policy at any time without notifying the Users.
• Changes made to the Policy will always be published on this page.
• The changes made come into effect on the date of publication of the Privacy Policy and Cookies.