Enable Web Accessibility
 ELASTOMERY 2026

INFORMATION CLAUSE FOR THE CONFERENCE PARTICIPANT

INFORMATION CLAUSE FOR THE CONFERENCE PARTICIPANT
 

Pursuant to Articles 13(1) and (2) and Articles 14(1) and (2) of the Regulation of the European Parliament and of the Council (EU) 2016/679 of 27 April 2016 on the protection of natural persons with regard to the processing of personal data and on the free movement of such data, and repealing Directive 95/46/EC (General Data Protection Regulation) (OJ EU L 119 of 04.05.2016, p. 1, as amended) – hereinafter referred to as GDPR, we inform you that:

1. The personal data controller is:
Łukasiewicz Research Network – Institute of Polymer Materials with its registered office in Toruń at ul. Maria Skłodowska-Curie 55, (87-100 Toruń), using the abbreviated name "Łukasiewicz-IMPIB", which can be contacted:

  1. via email address: ;

  2. by mail to the registered office address: 87-100 Toruń, ul. Maria Skłodowska-Curie 55 or via the e-delivery box: AE:PL-69485-13407-CBVJH-24

  3. by phone: +48 (56) 650-00-44; fax number: +48 (56) 650-03-33, on weekdays between 7:00 AM and 3:00 PM.

    4.

2. Data Protection Officer contact details
The Controller has appointed a Data Protection Officer, who can be contacted via email: iod@impib.lukasiewicz.gov.pl or by mail to the Controller's address.
The Data Protection Officer can be contacted on all matters concerning the processing of personal data and the exercise of rights related to data processing.

3. Purposes and legal basis for processing
Your personal data will be processed based on:

  1. Article 6(1)(a) and (b) of the GDPR for the purpose of concluding and performing a contract – participation in the Elastomery 2026 Conference, after you have given your consent, i.e., accepted participation (paid or free) by completing the registration form for this conference;

  2. Article 6(1)(c) and (f) of the GDPR, for the purpose of fulfilling a legal obligation to which the Controller is subject (as a state legal entity – research institute), as indicated in particular in the Act of 21 February 2019 on the Łukasiewicz Research Network (Journal of Laws of 2024, item 925, as amended), the Act of 20 July 2018 Law on Higher Education and Science (Journal of Laws of 2024, item 1571, as amended), and the Act of 4 February 1994 on Copyright and Related Rights (Journal of Laws of 2025, item 24), and for the purpose of pursuing the Controller's legitimate interest in the form of asserting and defending against claims related to the contract;

  3. Article 6(1)(a) of the GDPR and Article 9(2)(a) of the GDPR, based on your consent. Consent is required when the right to process personal data does not arise directly from legal provisions, and you provide the Controller with more data on your own initiative than is necessary to handle your matter (so-called affirmative action).
    Providing personal data is voluntary, but necessary to participate in the Elastomery 2026 Conference organized by the Controller, which will be recorded using image and sound recording devices.
    If data is not provided, the aforementioned purpose cannot be achieved.
    Consent covers: (1) personal data specified in the registration form for participation in the Elastomery 2026 Conference; (2) data necessary for physical participation in this conference; (3) gratuitous dissemination of your image for informational and promotional purposes, in the form of photos and/or recordings, by publishing them on websites, social media, and other platforms (Article 81(1) of the Copyright and Related Rights Act).

    4.

4. Scope of personal data
In the case of:

  1. participants of the 19th International Conference ELASTOMERY 2026 invited to the Conference (standard participants, students/doctoral students, authors of publications /abstract and Book of abstract/, representatives of sponsors and organizers), it includes, in particular: first name(s), last name, title/scientific/professional degree, email address, contact phone number, position held, specialization, company/institution (affiliation), data necessary for issuing an invoice, in case of paid participation (full company/institution name, tax identification number (NIP), street and number, postal code, city and country), dietary preferences (standard, vegetarian, vegan, gluten-free, lactose-free) during participation in the optional gala dinner organized after the Conference, disability information, image;

  2. other Conference participants, it includes, in particular: first name(s) and last name, place of work and position, and image.

    3.

5. Recipients of data or categories of recipients of data
Your personal data may also be entrusted by the Controller to other entities for processing based on a personal data processing agreement or disclosed under the law. The scope of entrusted data is limited solely to the possibility of accessing this data in connection with the provided services, e.g., IT, OHS and Fire Protection, financial, insurance, marketing, auditing, courier and postal, personal and property protection, by entities with which the Controller cooperates. The processing of your data may only be entrusted if these entities ensure, using appropriate technical and organizational measures, adequate protection of your rights. These data recipients are bound by a confidentiality clause regarding any data obtained in such circumstances, including your personal data. Your personal data will be disclosed to the Controller's employees to the extent necessary for them to perform their duties and have the necessary authorizations. The Controller will disclose your personal data (to the extent and on the basis of authorization resulting from applicable law) to entities authorized to receive it under applicable law (e.g., courts, prosecution offices, Police, ABW, CBA, KAS, NIK, ZUS, etc.).

6. Data retention period
Your personal data will be processed until the purpose for which they were collected is fulfilled and as long as there is a basis for their processing, in accordance with the archiving period resulting from the internal regulations of the Controller developed on the basis of the Act of 14 July 1983 on the National Archives and Archives (Journal of Laws 2020, item 164, as amended), for the period necessary to establish and pursue claims or defend against them, in court, administrative, or other proceedings, both on our and your part, arising from the contract or law.

7. Rights of data subjects
In connection with the processing of your personal data by the Controller, you have the right:

  1. to access your personal data and to obtain a copy thereof, in accordance with Article 15 GDPR;

  2. to rectification and completion of data, in accordance with Article 16 GDPR;

  3. to erasure of data ("right to be forgotten"), in accordance with Article 17 GDPR;

  4. to restrict processing of data, in accordance with Article 18 GDPR;

  5. to be informed about the rectification or erasure of data or about the restriction of processing, in accordance with Article 19 GDPR;

  6. to data portability, in accordance with Article 20 GDPR;

  7. to object to the processing of your personal data, based on Article 6(1)(f) GDPR, including profiling, in accordance with Article 21 GDPR;

  8. to lodge a complaint with a supervisory authority, in accordance with Article 77 GDPR;

  9. to withdraw your consent to the processing of personal data, in accordance with Article 7 GDPR, to the extent that consent is the basis for such processing. Withdrawal of consent does not affect the lawfulness of processing carried out by the Controller before its withdrawal.

  10. The right referred to in Articles 15-16 and 18-21 of the GDPR is subject to limitations as described in Article 2 of the Act of 10 May 2018 on the Protection of Personal Data (Journal of Laws of 2019, item 1781) – i.e., in the case of editing, preparing, creating, or publishing press materials within the meaning of the Act of 26 January 1984 – Press Law (Journal of Laws of 2018, item 1914) and in the scope of literary or artistic activities or academic statements.

    11.

8. Profiling and automated decision-making
With regard to your personal data, we do not use automated decision-making in individual cases, including profiling, within the meaning of Articles 20 and 22 of the GDPR.

9. Information on the voluntary nature or obligation to provide data
Providing your personal data:

  1. is a requirement of the law on which the Controller operates; if you refuse to provide your data or provide incorrect data, the Controller will not be able to fulfill the purpose to which legal provisions oblige it;

  2. to the extent where consent is given, it is voluntary. Consent can be withdrawn at any time, however, withdrawal of consent does not affect the lawfulness of processing carried out on its basis before its withdrawal.

    3.

10. Source of data origin
Personal data has been obtained directly from you or from the entity you represent or with whom you cooperate.

11. Right to lodge a complaint with a supervisory authority
You also have the right to lodge a complaint with the supervisory authority – the President of the Personal Data Protection Office – at the address: 00-193 Warsaw, ul. Stawki 2, tel. 22 531 03 00, email: https://uodo.gov.pl/pl/p/kontakt – if you believe that the processing of your personal data violates the provisions of the General Data Protection Regulation – GDPR.

12. Information on the intention to transfer personal data to a recipient in a third country or international organization and on the finding or lack of finding by the European Commission of an adequate level of protection, or in the case of transfer referred to in Article 46, Article 47, or Article 49(1) second paragraph of the GDPR.
The transfer of your personal data to third countries is not currently practiced or planned by us, and therefore it will not be transferred to a third country (understood as a country outside the European Economic Area, EEA) or an international organization within the meaning of the GDPR, with the reservation that the Controller uses Microsoft 365 software and Active Directory to fulfill its purposes and tasks. Consequently, personal data is stored in the cloud, which may result in its transfer to a recipient in a third country. The regulations for the use of online services regarding Microsoft 365 and the commitments regarding the processing and security of user data and personal data by online services are specified in Microsoft's documentation, including in particular:

  • privacy statement – https://privacy.microsoft.com/pl-pl/privacystatement

  • Microsoft Services Agreement (MSA) – https://www.microsoft.com/pl-pl/servicesagreement/.
    Microsoft 365 complies with international standards for protection, as confirmed by the ISO/IEC 27001:2005 certificate. The service is also subject to regular audits. The service holds a certificate of compliance of its services with the cloud personal data protection standard ISO 27018, which means that data stored in the cloud will not be used for marketing purposes without the client's knowledge.

    •