IDENTITY OF THE CONTROLLER
The Controller of the personal data is the Head of the Office for Foreigners with its seat in Warsaw (00-564) at Koszykowa Street 16, mailing address: ul. Taborowa 33, 02-699 Warszawa.
CONTACT DETAILS OF THE CONTROLLER / DATA PROTECTION OFFICER
The Controller has appointed a Data Protection Officer. The Data Protection Officer can be contacted on all matters concerning the processing of personal data and the exercise of rights in relation to such processing. The data controller can be contacted via e-mail: iod@udsc.gov.pl, by telephone at 47 721 75 51, the Office's box on the EPUAP platform - /UDSC/SkrytkaESP or in writing to the address of the controller's registered office (seat).
PURPOSE OF PROCESSING/ LEGAL BASIS
The data processed through the MOS will be used by the Head of the Office for Foreigners to perform the statutory tasks set out, inter alia, in the Act of 12 December 2013 on foreigners and the Act of 13 June 2003 on granting protection to foreigners within the territory of the Republic of Poland, in particular with regard to filling out on-line application forms in cases of granting a foreigner a temporary residence permit and a permanent residence permit on the territory of the Republic of Poland. In addition, the MOS allows for the creation of Accounts for minors, which are subsequently operated by their legal guardians.
During the use of the Account, the Personal Data will be processed in order to fulfil the Controller’s legal obligation under the aforementioned Acts and to perform tasks carried out within the scope of public authority entrusted to the Controller (Art. 6(1)(c) and (e), Art. 9(2)(g) of the GDPR*).
Personal data may also be processed through the MOS for analytical and statistical purposes on the basis of Article 6(1)(a) of the GDPR. For this purpose, the Controller will collect information such as data from cookies, browser information or IP addresses. If the information is necessary for the proper operation of the MOS, it is processed on the basis of Article 6(1)(f) of the GDPR.
The Controller may process Personal Data in connection with the right to assert or defend against claims under Article 6(1)(f) of the GDPR. For this purpose, the Controller may process the Personal Data until the expiry of the limitation period in accordance with the applicable legislation.
THE PERIOD FOR WHICH THE DATA WILL BE KEPT
Your personal data will be processed until the purpose for which it was collected has been fulfilled and in accordance with the legislation on archiving.
DATA SUBJECTS' RIGHTS
You have the following rights:
- a right to access your personal data and obtain a copy of it,
- a right to supplement or correct your personal data,
- a right to erase your personal data,
- a right to request the restriction in the processing of your personal data,
- a right to object to the processing of your personal data under art. 6(1)(e) of the GDPR.
THE RIGHT TO LODGE A COMPLAINT WITH A SUPERVISORY AUTHORITY
You also have the right to lodge a complaint with the data protection supervisory authority in the Member State of your habitual residence, place of work/employment or the place where the alleged breach has been committed.
In Poland, the supervisory authority is the Polish Data Protection Commissioner (President of the Personal Data Protection Office, UODO), ul. Stawki 2, 00 - 193 Warszawa.
INFORMATION ON THE VOLUNTARY OR OBLIGATORY NATURE OF PROVIDING THE PERSONAL DATA AND ON THE POSSIBLE CONSEQUENCES OF FAILING TO PROVIDE SUCH DATA
When registering (creating an Account), it is mandatory to provide the following Personal Data:
name and surname,
date of birth,
gender,
citizenship,
e-mail address.
Failure to provide the information indicated above will prevent registration in the MOS, as it is necessary for submitting an application through the MOS.
AUTOMATED DECISION-MAKING
No decisions will be made about you by automated means.
* Regulation (EU) 2016/679 of the European Parliament and of the Council of 27 April 2016 on the protection of natural persons with regard to the processing of personal data and on the free movement of such data, and repealing Directive 95/46/EC (General Data Protection Regulation, GDPR)