Privacy Policy

Muzeum Rynek Staromiejski

Privacy Policy

I. General Provisions

1. This Privacy Policy defines how Users' personal data necessary for the provision of electronic services via the website www.muzeum-stargard.pl (hereinafter: the Service) is collected, processed, and stored.

2. The Service collects only the personal data necessary for the provision and development of the services offered within it.

3. Personal data collected through the Service is processed in accordance with Regulation (EU) 2016/679 of the European Parliament and of the Council of April 27, 2016, on the protection of natural persons with regard to the processing of personal data and on the free movement of such data, repealing Directive 95/46/EC (General Data Protection Regulation, hereinafter GDPR), as well as the Personal Data Protection Act of May 10, 2018.

II. Data Controller

The controller of personal data collected through the Service is the Archaeological and Historical Museum, located at Rynek Staromiejski 2-4, Stargard (postal code: 73-110), phone: +48 91 578 38 35, email: info@muzeum-stargard.pl (hereinafter: the Controller).

III. Purpose of Collecting Personal Data

Personal data collected through the contact form on our website is processed for the following purposes:
- Enabling communication with website users and responding to their inquiries, requests for information, or applications.
- Ensuring an appropriate level of customer service and technical support.
- The scope of personal data collected through the contact form includes: surname, email address, inquiry, and any additional voluntarily provided data such as a phone number and information included by the user in the message content.
- The legal basis for processing personal data is the user’s consent given when filling out the contact form (Article 6(1)(a) of the GDPR) or the legitimate interest of the data controller in responding to user inquiries (Article 6(1)(f) of the GDPR).
- Personal data will be stored for the period necessary to respond to the inquiry and for the period required by law.
- Personal data may be shared with third parties, such as IT service providers, solely to fulfill the above purposes and in accordance with applicable legal regulations.
- Users have the right to access their personal data, rectify it, delete it, restrict its processing, transfer data, and object to data processing.

We take all necessary measures to protect users' personal data from unauthorized access, disclosure, alteration, or destruction by implementing appropriate technical and organizational safeguards.

IV. Type of Processed Personal Data

The Controller may process the User’s standard personal data, such as name, email address, and phone number.

V. Period of Personal Data Processing

Users' personal data is processed until consent is withdrawn. After withdrawal, the data will be retained until the expiration of claims or until an effective objection to data processing is submitted in cases where the legal basis for processing is the Controller’s legitimate interest.

In both cases, the limitation period is 6 years, while for claims related to periodic benefits and business activities, it is 3 years (unless a specific legal provision states otherwise).

VI. Sharing of Personal Data

1. Users' personal data will be disclosed to external entities, including, in particular, IT service providers, to ensure the proper functioning of the Service.

2. Users' personal data will not/will be transferred outside the European Economic Area (EEA).

VII. Users' Rights

1. A User of the Service has the right to: access their personal data, rectify it, delete it, restrict its processing, object to its processing, and withdraw consent at any time (withdrawal of consent does not affect the lawfulness of processing based on consent before its withdrawal).

2. A request to exercise any of these rights should be sent to info@muzeum-stargard.pl.

3. The Controller will fulfill or refuse the request without delay—within a maximum of one month from its receipt.

4. The User has the right to file a complaint with the President of the Personal Data Protection Office if they believe that the processing of their data violates their rights and freedoms (GDPR).

VIII. Cookies

1. Our website uses cookies to improve service quality and analyze website traffic. Below is a detailed list of cookies used by Google Analytics:

_ga: - Used to distinguish users. Default expiration time: 2 years.

_gid: - Used to distinguish users. Default expiration time: 24 hours.

_gat: - Used to limit the number of requests. Default expiration time: 1 minute.

2. Users can manage cookies through their web browser settings. They can also consent to or refuse the use of cookies by adjusting their browser settings accordingly.

3. How to manage cookies:

Most web browsers allow users to control cookies through browser settings. You can configure your browser to block cookies or notify you when they are being used. However, please note that disabling cookies may affect the functionality of our website.

For more information on managing cookies, visit the help section of your web browser.

IX. Automated Decision-Making and Profiling

1. Users' data will not be processed in an automated manner that could result in any decisions affecting them.

2. Users' data may be subject to profiling to tailor content and personalize offers, but only after they have given their consent.

X. Final Provisions

1. The Controller reserves the right to make changes to the Privacy Policy, provided that Users' rights will not be restricted.

2. Information about any changes will be made available as a notice on the Service.

3. In matters not regulated by this Privacy Policy, the provisions of the GDPR and Polish law shall apply.



Data Protection Officer: Damian Szmit – iod@data.pl