Skip to main content
Innoglobal
Welcome to Innoglobal Cluster

Privacy Policy o Global Innovation Cluster sp z o.o.

Updated: 21.03.2025

§ 1: General Provisions

  1. This privacy policy for the website innoglobal.org, hereinafter referred to as the "Privacy Policy", is informational in nature, which means it does not create obligations for individuals who provide their personal data (hereinafter referred to as "Users").

  2. The controller of personal data collected via the website innoglobal.org is Global Innovation Cluster Sp. z o.o. with its registered office in Warsaw, Plac Konesera 2, 03-736 Warsaw, entered into the Register of Entrepreneurs of the National Court Register under KRS number: 0000987654, NIP (Tax Identification Number): 1234567890, REGON (National Business Registry Number): 987654321; email address: communication@innoglobal.org – hereinafter referred to as the "Data Controller".

  3. Personal data is processed in accordance with Regulation (EU) 2016/679 of the European Parliament and of the Council of 27 April 2016 on the protection of natural persons with regard to the processing of personal data and on the free movement of such data, and repealing Directive 95/46/EC (hereinafter "GDPR"), the Act of 10 May 2018 on the Protection of Personal Data, and the Act of 18 July 2002 on Providing Services by Electronic Means.

  4. The Data Controller takes special care to protect the interests of data subjects, and, in particular, ensures that the data is:

    • processed lawfully, fairly, and in a transparent manner in relation to the data subject (‘lawfulness, fairness and transparency’);

    • collected for specified, explicit, and legitimate purposes and not further processed in a manner that is incompatible with those purposes (‘purpose limitation’);

    • adequate, relevant, and limited to what is necessary in relation to the purposes for which they are processed (‘data minimisation’);

    • accurate and, where necessary, kept up to date; the Controller takes every reasonable step to ensure that personal data that are inaccurate, having regard to the purposes for which they are processed, are erased or rectified without delay (‘accuracy’);

    • kept in a form which permits identification of data subjects for no longer than is necessary for the purposes for which the personal data are processed (‘storage limitation’);

    • processed in a manner that ensures appropriate security of the personal data, including protection against unauthorised or unlawful processing and against accidental loss, destruction or damage, using appropriate technical or organisational measures (‘integrity and confidentiality’).

  5. The Data Controller operates in the deep-tech sector, supporting startups and technology companies in their development in Poland, particularly in the bio-tech, med-tech, robotics, AI, and ed-tech industries. As part of its activities, the Cluster organizes events, supports networking, conducts educational and promotional activities, and manages relationships with Cluster Members and Partners.

§ 2: Method of Collecting Personal Data on the Website

  1. Users' personal data is collected on the innoglobal.org website in the following ways:

    • Through the provision of personal data in contact forms, including in connection with the desire to participate in Global Innovation Cluster projects.

    • Through direct email contact at communication@innoglobal.org.

    • Through registration for events organized by the Data Controller.

    • Through signing up for the newsletter to receive marketing information.

    • Through the collection of data via cookies and other analytical technologies placed on the User's device, provided the User consents to the use of such technologies.

  2. Providing personal data through forms is voluntary; however, failure to provide data indicated as necessary prevents the processing of the request regarding participation in Cluster projects, responding to an inquiry, registering for an event, or sending the newsletter.

  3. The Data Controller may also collect personal data within the framework of cooperation with Cluster Members and Partners.

§ 3: Information on the Scope of Personal Data Processing

  1. Information on the type of data collected, the purposes of processing, and the legal basis for processing User data is contained in the table below:

Type of data

Purpose of processing

Legal basis

First name and surname, company name, email address, phone number, delivery address (optional), other data provided in the form

Performance of activities related to the request for participation in Global Innovation Cluster projects

Art. 6(1)(b) GDPR (performance of a contract or taking steps prior to entering into a contract)

First name and surname, company name, email address, phone number, billing information

Fulfilment of legal obligations incumbent on the Controller, including issuing and storing invoices and accounting documents

Art. 6(1)(c) GDPR (legal obligation)

First name and surname, company name, email address, phone number

Establishment, defense, or pursuit of claims

Art. 6(1)(f) GDPR (legitimate interest of the Controller)

Data provided in contact forms or correspondence

Responding to questions contained in the contact form or correspondence

Art. 6(1)(f) GDPR (legitimate interest of the Controller)

Email address

Direct marketing

Art. 6(1)(a) GDPR (User's consent)

Analytical data

Statistical analysis and website optimization

Art. 6(1)(a) GDPR (consent for cookies)

  1. Data recipients: Personal data may be shared for the purpose of processing requests for participation in Cluster projects, responding to inquiries, organizing events, or concluding contracts, with the following categories of entities:

    • Postal operators and courier companies.

    • Payment intermediaries.

    • Providers of IT or programming services, including hosting services, website support, tools, and scripts used on the site.

    • Entities providing legal, tax, or accounting services to the Data Controller.

    • Cluster Partners as part of cooperation on technology projects or events, solely to the extent necessary to carry out joint activities.

  2. Data retention period: Personal data will be processed for the period necessary to achieve the purpose, including:

    • Until consent is withdrawn – in the case of processing for marketing purposes.

    • Analytical data is stored for the period indicated in the settings of the analytical tools.

§ 4: Cookies and Operational Data

  1. Cookies are small pieces of text information in the form of text files, sent by a server and saved on the side of the website User (e.g., on the hard drive of a computer, laptop, or smartphone's memory card – depending on the device used).

  2. The Data Controller may process data contained in cookies when Users use the website for the following purposes:

    • Adapting the website content to the User's individual preferences.

    • Optimizing the use of the website.

    • Conducting anonymous statistics showing how the website is used (using Zoho and Google Analytics).

  3. The Data Controller uses the following analytical tools:

    • Google Analytics: Used for analyzing website traffic and User behavior.

    • Zoho: Used for data analysis within user relationship management.

  4. By default, most web browsers accept the saving of cookies. The User has the ability to define the conditions for using cookies through their own browser settings, including partially or completely disabling the saving of cookies. However, disabling cookies may affect some functionalities of the website.

  5. Browser settings regarding cookies are important from the perspective of consent for their use – according to regulations, such consent can be expressed through browser settings. If consent is not given, the User should change their browser settings accordingly.

  6. The Data Controller also processes anonymized operational data related to the use of the website (e.g., IP address, domain) to generate statistics helpful in administering the site. This data is aggregate and anonymous, i.e., it does not contain features identifying persons visiting the site and is not disclosed to third parties.

  7. Detailed information about the cookies used, including the possibility of managing consents, can be found in the [document/tool available on the website].

§ 5: Rights of Data Subjects

  1. Every person whose personal data is processed by the Data Controller has the following rights:

Right

Legal basis

Essence of the right

Right of access to data

Art. 15 GDPR

The User has the right to obtain confirmation as to whether their data is being processed, and access to information about the processing.

Right to rectification

Art. 16 GDPR

The User has the right to request the rectification of inaccurate data or completion of incomplete data.

Right to erasure ('right to be forgotten')

Art. 17 GDPR

The User has the right to request the erasure of data if it is no longer necessary for the purposes for which it was collected, or in other cases provided for by the GDPR.

Right to restriction of processing

Art. 18 GDPR

The User has the right to request the restriction of data processing in specific cases.

Right to data portability

Art. 20 GDPR

The User has the right to receive their data in a structured, commonly used and readable format and to transmit it to another controller.

Right to object

Art. 21 GDPR

The User has the right to object to the processing of data based on the legitimate interest of the Controller.

2. If data is processed based on consent, the User has the right to withdraw consent at any time, without affecting the lawfulness of processing based on consent before its withdrawal.

3. To exercise the above rights, the User may contact the Data Controller by sending a message to the email address: communication@innoglobal.org or in writing to the Data Controller's registered office address: Global Innovation Cluster Sp. z o.o., Plac Konesera 2, 03-736 Warsaw.

§ 6: Objection to Data Processing for Marketing Purposes

  1. Where personal data is processed for direct marketing purposes, the User has the right to object at any time to such processing. Upon objection, the Controller will cease processing data for this purpose.

  2. The User can withdraw consent to receive the newsletter by clicking the 'Unsubscribe' link found in every email message or by contacting the Controller at communication@innoglobal.org.

§ 7: Security Measures

  1. The Data Controller applies technical and organizational measures ensuring the protection of processed personal data, appropriate to the risks and category of data being protected, including:

    • Encryption of data transmitted electronically.

    • Securing data sets against unauthorized access.

    • Regular updates of software and IT systems.

    • Staff training in the field of personal data protection.

  2. The Data Controller ensures that access to personal data is granted only to authorized persons who have been appropriately trained and are obliged to maintain confidentiality.

§ 8: Final Provisions

  1. The innoglobal.org website may contain links to other websites. The Data Controller recommends that upon navigating to other websites, users familiarize themselves with the privacy policies established there. This Privacy Policy applies solely to the innoglobal.org website.

  2. If it is considered that personal data is processed unlawfully, the User has the right to lodge a complaint with the President of the Personal Data Protection Office (Prezes Urzędu Ochrony Danych Osobowych).

  3. The Data Controller reserves the right to introduce changes to the Privacy Policy. Changes come into effect upon their publication on the innoglobal.org website.