Privacy Policy Sano-Centre for Computational Personalised Medicine International Research Foundation

Table of contents:

3. Principles of personal data processing. 3

4. Types of personal data processed. 3

5. Purpose of personal data processing. 4

6. Legal bases for the processing of personal data**. 4

7. Sharing of personal data. 4

8. Users’ rights. 4

9. Security Measures. 6

10. Contact. 6

11. Changes to the Privacy Policy. 6

12. Information clauses database. 6

13. Cookie Policy. 6

1. Policy objective

This Privacy Policy aims to explain how we process and protect the personal data of our website visitors, in accordance with the provisions of the GDPR. We want to ensure that any personal data you provide to us is secure and processed in accordance with the highest standards of data protection.

The purpose of this policy is to:

– Informing users about what personal data is collected when they use our website.

– Explaining how and why we process this data.

– To present your rights in relation to your personal data.

– Describe the security measures we have in place to protect your personal information.

– To ensure that the processing of personal data is carried out in accordance with applicable law, including Regulation (EU) 2016/679 of the European Parliament and of the Council of 27 April 2016 (GDPR)

– indication of specific requirements for data processing in connection with cookies.

Are you a Sano Contractor, or maybe a conference participant or representatives of an entity that is starting scientific cooperation with Sano? Detailed information can be found in the Clause Database.

2. Definitions

To make this Privacy Policy easier to understand, the following are the key definitions:

– **Personal Data Controller**: Means the entity which, alone or jointly with others, determines the purposes and means of the processing of personal data. In the context of this policy, the Controller of personal data is Sano – Centre for Computational Personalised Medicine – International Research Foundation, 35/ C5 Czarnowiejska Street, 30-054 Kraków, entered into the Register of Entrepreneurs and the Register of Associations, other social and professional organisations, foundations and independent public health care institutions of the National Court Register by the District Court for Kraków-Śródmieście in Kraków, XI Commercial Division of the National Court Register under KRS 0000797490, NIP 6772446472, REGON: 384298430;, hereinafter referred to as “Sano”

– **Personal Data**: Means information relating to an identified or identifiable natural person (“data subject”). An identifiable natural person is one who can be identified, directly or indirectly, in particular by reference to an identifier such as a name, an identification number, location data, an online identifier or to one or more factors specific to the physical, physiological, genetic, mental, economic, cultural or social identity of that natural person.

– **Processing**: Means any operation or set of operations which is performed on personal data or on sets of personal data, whether or not by automated means, such as collection, recording, organisation, structuring, storage, adaptation or alteration, retrieval, consultation, use, disclosure by transmission, dissemination or otherwise making available, alignment or combination, restriction, erasure or destruction.

– **Processor**: Means the natural or legal person, public authority, agency or other body which processes personal data on behalf of the controller.

– **Consent**: Means the freely given, specific, informed and unambiguous indication of the data subject’s wishes, by which he or she consents, by a statement or by a clear affirmative action, to the processing of personal data concerning him/her.

Detailed information on the processing of personal data can be found in the text of Regulation (EU) 2016/679 of the European Parliament and of the Council of 27 April 2016 on the protection of natural persons with regard to the processing of personal data and on the free movement of such data, and repealing Directive 95/46/EC (General Data Protection Regulation) (Text with EEA relevance), which is called GDPR for short. The full text of the GDPR can be found at https://eur-lex.europa.eu/eli/reg/2016/679/oj/eng

3. Principles of personal data processing

We use the following principles for processing personal data to ensure compliance with the law and to protect your privacy:

– **Lawfulness, fairness and transparency**: We process personal data in a lawful, fair and transparent manner for the data subject. We inform you about the ways in which your data is processed and your rights.

– **Purpose Limitation**: We collect personal data for clearly defined and legitimate purposes and then do not process it in a manner that is incompatible with those purposes. Examples of purposes are to provide services, communicate with users, marketing (with users’ consent) and analyse website traffic.

– **Data minimization**: We only process data that is adequate, relevant and limited to what is necessary to fulfill the purposes for which it is processed. We do not collect redundant data.

– **Accuracy of data**: We make sure that personal data is accurate and updated where necessary. Users have the right to request the rectification of incorrect data.

– **Storage limitation**: We store personal data in a form that permits identification of the data subjects for no longer than is necessary for the purposes for which the data is processed. After this time, the data is deleted or anonymized.

– **Integrity and confidentiality**: We process personal data in a manner that ensures appropriate data security, including protection against unauthorised or unlawful processing and accidental loss, destruction or damage, by means of appropriate technical or organisational measures.

– **Accountability**: We are able to demonstrate compliance with the principles described above, which means maintaining appropriate documentation and records of the processing of personal data.

4. Types of personal data processed

As part of your use of our website, we may collect and process the following categories of personal data:

– **Contact information**: Name, surname, email address, phone number – collected when registering, filling out contact forms or subscribing to the newsletter.

– **Data collected automatically**: IP address, browser type, device type, time of visit, pages visited – collected through cookies and other analytical tools. This data helps us to better understand how users use our website, which allows us to optimize it.

– **Payment related data**: If our services involve financial transactions, we may process information necessary to complete those transactions, such as your credit card number or other payment details. This data is processed in accordance with the highest security standards.

– **Website activity data**: Information about your activity on our website, such as clicks, time spent on different pages, search history. The collection and processing of the above data is aimed at enabling the effective provision of services, improving the quality of service, adapting the offer to the individual needs of users and ensuring the safety of using our website. If you have any further questions or concerns regarding the processing of your personal data, please contact us at: iod@sanocience.org

5. Purpose of personal data processing

– **Provision of services**: To enable you to use our services and website functionality.

– **Communication**: Responding to inquiries and contacting users. – **Marketing**: To send you information about our services and offers, with your consent.

– **Analytics**: Analyzing website activity to improve it.

6. Legal bases for the processing of personal data**

The processing of personal data is carried out on the basis of:

– User consents.

– Contract performance.

– Legal obligations.

– The legitimate interests of the data controller.

7. Sharing of personal data

We do not share personal data with other entities, except when it is necessary to fulfill the purposes of the processing or required by law. Szcz

8. Users’ rights

a. Access to personal information

Users have the right to access their personal data processed by the Controller. This means that you can:

Ask for information about what personal data the controller processes about them, including:

Categories of personal data processed
Purposes of data processing
Recipients of personal data
Period of storage of personal data
Your rights
Possibility to lodge a complaint with the supervisory authority
Obtain a copy of your personal data.
Be informed of any changes in the processing of your personal data.

To exercise the right to access personal data, the user may contact the data controller using the contact details provided in the security policy.

b. Rectification of data

Users have the right to request the rectification of incorrect personal data. This means that you can:

Request correction of inaccurate personal information.
Complete incomplete personal information.
The data controller should immediately rectify incorrect personal data.

c. Deletion of data (right to be forgotten)

Users have the right to request the deletion of their personal data. This means that you can:

Request that we delete your personal data where there are no longer any grounds for us to process it.
Request the deletion of your personal data if it is processed by the controller for marketing purposes.
Request the deletion of your personal data, if it is processed by the controller based on their consent.

The data controller is not obliged to delete personal data if their processing is necessary for:

Comply with legal obligations.
Protection of the rights of others.
Implementation of public objectives in the field of public health.

d.Restriction of data processing

Users have the right to request the restriction of the processing of their personal data. This means that you can:

Request the restriction of the processing of your personal data until your request for rectification, erasure or objection to the processing of your data has been dealt with.
Request the restriction of processing of your personal data where the processing is unlawful.

The data controller should immediately restrict the processing of personal data.

e Data transfer

Users have the right to request the transfer of their personal data to another controller. This means that you can:

Obtain your personal data in a structured, commonly used and machine-readable form.
Transfer your personal data to another controller.

The controller should immediately transfer the personal data to another controller, if this is technically feasible.

f. Objection to data processing

Users have the right to object to the processing of their personal data for marketing purposes. This means that you can:

Prohibit the controller from processing their personal data for marketing purposes.
Prohibit the controller from processing their personal data for the purpose of creating profiles.

The Data Controller should immediately stop processing personal data for marketing purposes after the user objects.

Please note that the above information is only a general overview of your rights. Detailed information on your rights in relation to the processing of your personal data can be found in the GDPR (https://eur-lex.europa.eu/legal-content/PL/TXT/?uri=celex%3A32016R0679).

9. Security Measures

We use appropriate technical and organizational measures to protect your personal data from unauthorized access, loss, destruction or damage.

10. Contact

If you have any questions regarding the processing of your personal data, please contact us at: [iod@sanoscience.orgl].

11. Changes to the Privacy Policy

We reserve the right to make changes to this Privacy Policy. Any changes will be posted on this page.

12. Information clauses database

Sano has prepared detailed information on personal data depending on the type of legal relationship in which your personal data is processed. More detailed information can be found at (link)

13. Cookie Policy

This Cookie Policy (the “Policy”) sets out the rules regarding cookies and similar technologies (“Cookies”) used on Sano’s website available at https://sano.science (the “Website”).

1. What are cookies?

Cookies are small text files that are stored on your end device (e.g. computer, smartphone) when you visit the Website. They contain information about your visit to the Website, such as:

Your device’s IP address
date and time of the visit,
the subpages you have visited,
searches you have performed,
web browser and operating system used.

Cookies can be used for a variety of purposes, including:

ensure the proper functioning of the Website,
analysis of traffic on the Website,
Deliver targeted advertising
remember your preferences,
Facilitate sign-in.

2. What cookies do we use?

We use the following types of cookies on the Website:

Our website uses cookies to ensure proper operation, optimize performance, analyze traffic and protect against spam. Below you will find detailed information about the cookies used, their functions and the storage period.

a. Functional cookies

These cookies are necessary for the proper functioning of certain functions on the website, such as contact forms or integrations with external services.

Contact Form 7

wp-contact-form-7_ – saves the status of the contact form submission.

Purpose: Informs the user when a message is sent successfully or unsuccessfully.
Storage period: Session (deleted when the browser is closed).
Legal basis: Necessary for the operation of the website (Article 6(1)(f) of the GDPR).

WP Rocket

wpr_logged_in – Detects if a user is logged in to exclude them from the cache.

wpr_cache – stores cache data to speed up page loading.

Goal: Optimize performance and reduce page load times.
Storage period: Up to 1 month.
Legal basis: Your consent (Art. 6 (1) (a) GDPR).

b. Analytics cookies

Analytics cookies help us understand how users use our website so that we can optimise it.

Yoast SEO and Yoast SEO Premium

yst_last_seen – saves the date of the user’s last visit to the website.

yst_last_sitemap_load – stores information about the last time the sitemap was loaded by the user.

Goal: Analyze website traffic and improve search engine indexing.
Shelf life: 30 days.
Legal basis: Your consent (Art. 6 (1) (a) GDPR).

c. Marketing cookies

Marketing cookies allow you to track your actions in order to personalize marketing content and integrate with external tools.

Contact Form 7 Extension for Mailchimp

mailchimp_landing_site – saves the page on which the user subscribed to the newsletter.

AVESTA_ENVIRONMENT – identifies the Mailchimp environment.

Goal: Integrate contact forms with Mailchimp and personalize marketing content.
Shelf life: Up to 1 year.
Legal basis: Your consent (Art. 6 (1) (a) GDPR).

d. Security cookies

Security cookies help us protect the website from spam and malicious traffic.

reCAPTCHA v2 for Contact Form 7 (Google reCAPTCHA)

rc::a, rc::b, rc::c – used by Google to distinguish humans from bots.

Goal: Prevent spam in contact forms.
Storage period: Permanent (up to 6 months).
Legal basis: Your consent (Art. 6 (1) (a) GDPR).

Data Sharing: Google LLC, USA (in accordance with Google’s privacy policy)

3. Consent to the installation of cookies

When you first visit our website, you will see a banner informing you about the use of cookies. By clicking on the “Accept” option, you accept all cookies used on our website, as well as confirm that you have read the information about their purposes and the cases in which the collected data is transferred to our partners.

Please note that in the case of cookies necessary for the proper functioning of the website, the user’s consent is not required. These files ensure the stability and full functionality of the website and are exempt from the obligation to obtain consent in accordance with the provisions of the Electronic Communications Law.

The full text of the act can be found https://isap.sejm.gov.pl/isap.nsf/DocDetails.xsp?id=WDU20240001221

4. Not allowing cookies to be installed

If you do not agree to the storage of cookies on your device, you can select the “Reject” option. By choosing this option, you will block all cookies except those that are necessary for the website to function properly.

6. Managing cookie settings

You can adjust your cookie preferences by selecting “View Options” on the cookie banner that appears. This option allows you to specify in detail which categories of cookies you want to be active.

7. Managing cookies

Most web browsers allow you to control cookies. You:

disable all cookies,
disable only certain types of cookies,
select websites on which cookies may be stored,
delete stored cookies.

The way you manage cookies varies depending on the web browser you use. For more information on how to manage cookies, please refer to the user manual of your web browser.

8. Changes to the Policy

This Policy may change in the future. We will inform you of any change to the Policy on the Website.

9. Contact

If you have questions about this Policy, please contact us at [iod@sanoscince.org].

10. Additional Information

You can find more information about cookies on websites such as: https://pl.wikipedia.org/wiki/HTTP_cookie

This Cookie Policy (hereinafter “Policy”) sets out the rules regarding cookies and similar technologies (“Cookies”) used on Sano’s website accessible at https://sano.science

– **Personal Data Controller**: Means the entity which, alone or jointly with others, determines the purposes and means of the processing of personal data. In the context of this policy, the Controller of personal data is Sano – Centre for Computational Personalised Medicine – International Research Foundation, 35/ C5 Czarnowiejska Street, 30-054 Kraków, entered into the Register of Entrepreneurs and the Register of Associations, other social and professional organisations, foundations and independent public health care institutions of the National Court Register by the District Court for Kraków-Śródmieście in Kraków, XI Commercial Division of the National Court Register under KRS 0000797490, NIP 6772446472, REGON: 384298430;, hereinafter referred to as “Sano”

– **Processor**: Means the natural or legal person, public authority, agency or other body which processes personal data on behalf of the controller.

1. What are cookies?

Cookies are small text files that are stored on your end device (e.g. computer, smartphone) when you visit the Website. They contain information about your visit to the Website, such as:

• Your device’s IP address

• date and time of the visit,

• the subpages you have visited,

• searches you have performed,

• web browser and operating system used.

Cookies can be used for a variety of purposes, including:

• ensure the proper functioning of the Website,

• analysis of traffic on the Website,

• Deliver targeted advertising

• remember your preferences,

• Facilitate sign-in.

2. What cookies do we use?

We use the following types of cookies on the Website: Our website uses cookies to ensure proper operation, to optimize performance, to analyse traffic and to protect against spam. Below you will find detailed information about the cookies used, their functions and the storage period.

a. Functional cookies

These cookies are essential for certain features on the website to function properly, such as managing cookie consent.

moove_gdpr_popup – saves information about the user’s consent to the use of cookies.

• Purpose: Informs about the user’s consent to the use of cookies on the website.

• Storage period: 1 year.

• Legal basis: Necessary for the operation of the website (Article 6(1)(f) of the GDPR).

b. Analytics cookies

Analytics cookies help us understand how users use our website so that we can optimise it.

_ga – saves a unique user ID for traffic analysis.

• Objective: Analysis of website traffic.

• Shelf life: 2 years.

• Legal basis: Your consent (Art. 6 (1) (a) GDPR).

_gid – saves a unique user ID for traffic analysis.

• Objective: Analysis of website traffic.

• Shelf life: 24 hours.

• Legal basis: Your consent (Art. 6 (1) (a) GDPR).

c. Marketing cookies

Marketing cookies allow you to track your actions in order to personalize marketing content and integrate with external tools.

_fbp – saves a unique user ID to personalize ads.

• Purpose: Personalization of marketing content.

• Shelf life: 3 months.

• Legal basis: Your consent (Art. 6 (1) (a) GDPR).

_gcl_au – saves a unique user identifier to personalize ads.

• Purpose: Personalization of marketing content.

• Shelf life: 3 months.

• Legal basis: Your consent (Art. 6 (1) (a) GDPR).

3. Consent to the installation of cookies

The full text of the act can be found https://isap.sejm.gov.pl/isap.nsf/DocDetails.xsp?id=WDU20240001221

4. Not allowing cookies to be installed

6. Managing cookie settings

7. Managing cookies

Most web browsers allow you to control cookies. You:

• disable all cookies,

• disable only certain types of cookies,

• select websites on which cookies may be stored,

• delete stored cookies.

The way you manage cookies varies depending on the web browser you use. For more information on how to manage cookies, please refer to the user manual of your web browser.

8. Changes to the Policy

This Policy may change in the future. We will inform you of any change to the Policy on the Website.

9. Contact

If you have questions about this Policy, please contact us at [iod@sanoscince.org].

10. Additional Information

You can find more information about cookies on websites such as:

https://pl.wikipedia.org/wiki/HTTP_cookie

Privacy Policy

1. Policy objective

2. Definitions

3. Principles of personal data processing

4. Types of personal data processed

5. Purpose of personal data processing

6. Legal bases for the processing of personal data**

7. Sharing of personal data

8. Users’ rights

9. Security Measures

10. Contact

11. Changes to the Privacy Policy

12. Information clauses database

13. Cookie Policy

Polityka prywatności i Ciasteczka

Subscribe to our Newsletter