Privacy policy

INFORMATION ON DATA PROCESSING FOR LIBRARY USERS

Due to the applicable provisions of Regulation (EU) 2016/679 of the European Parliament and of the Council of 27 April 2016 on the protection of natural persons with regard to the processing of personal data and on the free movement of such data and repealing Directive 95/46/EC (General Data Protection Regulation “RODO”), the Medical University of Lodz informs you that:

  1. The administrator of your personal data is the Medical University of Lodz, Al. Kościuszki 4, postal code: 90-419 Lodz, tel.: 422725803, NIP: 725 18 43 739, REGON: 473 073 308. Contact with the Administrator is possible via the contact details and through the electronic mailbox at: umed@umed.lodz.pl
  • Contact with the Data Protection Officer is possible via e-mail address: iod@umed.lodz.pl.
  • The Administrator processes the personal data of library users for the purposes and on the basis of:
  • User services and also for statistical purposes in order to fulfil public tasks on the basis of Article 6(1)(e) RODO in accordance with the Library Act of 27 June 1997;
  • in connection with the fulfilment of legal obligations imposed on the controller, in particular on the basis of legal provisions, inter alia the Law on Libraries, the Law on Higher Education and Science, on the basis of Article 6(1)(c) RODO;
  • the data may be processed for the purposes of possible investigation or redress of claims arising from the use of library resources on the basis of. 6(1)(f) RODO;
  • personal data may also be processed in connection with the conduct of internal activities related to the activities of the controller on the basis of Article 6(1)(f) RODO.
  • The provision of personal data is voluntary but necessary to enable the use of library resources.
  • Personal data are not subject to automated processing, including profiling.
  • Personal data will be processed for the duration of the validity of the library card and, after the expiry of the card, for the time prescribed by applicable law or until the statute of limitations for mutual claims.
  • Recipients of personal data will be: entities providing and supporting IT systems used by the Administrator and entities providing services related to the day-to-day activities of the Administrator – under relevant personal data entrustment agreements and with the assurance of the application by the above entities of adequate technical and organisational measures ensuring data protection. Personal data may also be made available to entities authorised on the basis of applicable laws.
  • Personal data will not be transferred to a third country or international organisation, unless required by applicable law. However, in this case, the Data Controller will ensure that the legal basis and the appropriate level of data security are ensured, guaranteeing that the conditions set out in Chapter V of the RODO are met.
  • To the extent required by law, each data subject has the right of access to his/her data and the right to rectification, erasure, restriction of processing and the right to object to the processing.
  • In case of doubts related to the processing of personal data, any person may request information from the Controller.
  • Notwithstanding the above, each person has the right to lodge a complaint with the supervisory authority – the President of the Office for Personal Data Protection.

The University of Lodz Medical School’s privacy policy is available at the link: PRIVACY POLICY

Share: