Gdynia Maritime University GMU

The Controller of your personal data is Gdynia Maritime University (81-87 Morska Street, Gdynia). The Data Controller has designated a Data Protection Inspector (email: iod [at] umg.edu.pl).

Your personal data is processed on the basis of Article 6(1)(a), (b), (c), (e) and (f) of the European Parliament and of the Council Regulation (EU) 2016/679 of 27 April 2016 on the protection of natural persons regarding the processing of personal data and on the free movement of such data and repealing Directive 95/46/EC (GDPR), i.e.:

• Processing is necessary for the performance of tasks carried out in the public interest, in particular as defined in the Act on Higher Education and Science of 20 July 2018 and the Act on the National Archival Resource and Archives of 14 July 1983, as well as on the basis of executive acts issued;
• Processing is in certain cases necessary for the performance of a contract to which you are a party or have been named as a contact person;
• In certain cases, the legal basis for processing your personal data shall be your consent to the processing of personal data for a specific purpose. You may withdraw your consent to processing at any time. The withdrawal of consent does not affect the lawfulness of processing carried out before its withdrawal.

The processing of the aforementioned data is also necessary for the fulfilment of legal obligations binding on Gdynia Maritime University under currently applicable national legislation, inter alia, in tax and social security law, in order to fulfil statutory tasks as a payer relating to employment as employees, contractors and subcontractors, as well as in connection with scholarship payments and other benefits related to the calculation and collection of taxes or other public law liabilities.

The sole recipients of your personal data are the entities authorised to have access to it in accordance with the rules and the scope provided for by the relevant laws or other relevant provisions, in particular the competent tax authority, the social security office or the state labour inspectorate.

The personal data processed by Gdynia Maritime University as data controller falls into the category of ordinary personal data. In the cases strictly defined in Article 9(2) of the GDPR, special categories of data may be processed.

The provision of your personal data is voluntary. However, the requirement for processing results from the obligations of public law binding on Gdynia Maritime University or, in some cases, results from the conclusion of a contract. Refusal to provide your personal data will result in you being unable to complete the application process - a requirement for enrolment on 1st-cycle, 2nd-cycle, combined bachelor’s and master’s and doctoral degree programmes, in accordance with the statutory rights of Gdynia Maritime University. Refusal to provide data in the event of a contract being concluded will result in the early termination of the contract or will hinder its fulfilment.

Your personal data will be kept for the period provided for in current legislation, will not be processed by automated means or be subject to profiling.

You have the right to access and rectify your personal data. The right to request the deletion or restriction of processing of your data, and to object to the processing of such data provided for in the GDPR is subject to the limitations of the abovementioned Acts and other provisions of law that require Gdynia Maritime University to retain certain data for a legally defined period of time.

You are entitled to lodge a complaint with the President of the Personal Data Protection Office in Warsaw if the processing of your personal data violates applicable laws.