Information on the processing of personal data (GDPR)



Carrying out the information obligation pursuant to art. 13 section 1 and 2 of Regulation (EU) 2016/679 of the European Parliament and of the Council of 27 April 2016 on the protection of individuals with regard to the processing of personal data and on the free movement of such data and repealing Directive 95/46 / EC, hereinafter referred to as : GDPR, I am informing you that:

  1. The administrator of your personal data is the AGH University of Science and Technology,  al. A. Mickiewicza 30, 30-059 Kraków;
  2. Contact with Data Protection Offices at the AGH University of Science and Technology: mgr Tomasz Józefko, e-mail: iodo[at][dot]pl, tel.: 12 617 53 25;
  3. The following personal data are the subject of processing: name and surname, PESEL number, contact details, place of employment or study;
  4. Legal basis for processing:
      a. Act of 20 July 2018 – Prawo o szkolnictwie wyższym i nauce (Dz.U. of 2018, item 1668) – art. 49 point. 2*;
      b. AGH statute of 26 June 2019 – §38 point 5**;
  5. The recipient of your personal data will be employees of the AGH University Main Library and branch libraries (when the application for the creation or activation of a library account concerns a combined account for the Main Library and a branch library). The recipient of your personal data will also be other employees authorized by the AGH University to carry out activities related to the pursuit of possible claims in the event of failure to settle the obligations of the reader in relation to the Main Library or a branch library;
  6. Your personal data will be processed by the Administrator for the purpose of identification and contact (notification of the availability of ordered and reserved books, monitoring in the event of exceeding the deadline for returning books, contacting in matters related to the proper implementation of library services), for training purposes, as well as in the purpose of possible redress in the event of non-payment of the reader's obligations towards the Main Library or a branch library;
  7. Your personal data will be processed for a period of 6 years from the date of the last activation of the library account or until you submit a request to delete the data. This period may be extended if the reader's obligations towards the Main Library or a branch library are not settled while the claims are being made;
  8. You have the right to request the Administrator to enable you to access your data, the right to rectify it and the right to have it deleted;
  9. You have the right to lodge a complaint with the President of the Personal Data Protection Office if you feel that the processing of your personal data violates the provisions of the GDPR;
  10. Your personal data will be partially processed in an automated manner, but will not be processed in the form of profiling;
  11. Providing by you the data specified in point 3 is voluntary, but it is a prerequisite for using the services of the Main Library and branch libraries and does not require an additional consent.

* Art. 49 point 2 of the Act of 20 July 2018 – Prawo o szkolnictwie wyższym i nauce: „W uczelni działa system biblioteczno-informacyjny, którego podstawę stanowi biblioteka. Uczelnia może przetwarzać określone w jej statucie dane osobowe osób korzystających z tego systemu”. (The university has a library and information system which basis is the library. The university may process personal data of persons using this system, specified in its statute. 

** §38

5 The university processes the personal data of people using the library and information system in the scope of: name and surname, Pesel number, home address, information about the place of study, education or employment, contact details including phone number and e-mail address, library card number..