This Privacy Policy aims to provide information about the processing of personal data in connection with the use of the website X National Symposium and Workshops EUS & Endo Live 2025 https://endoeus.conf.medvc.eu/, owned by the Organizer, in fulfillment of information obligations in accordance with the provisions of Regulation (EU) 2016/679 of the European Parliament and of the Council of April 27, 2016, on the protection of natural persons regarding the processing of personal data and on the free movement of such data, and repealing Directive 95/46/EC (General Data Protection Regulation) (hereinafter referred to as "GDPR").

This Privacy Policy applies to all cases where personal data of Users of the Website or Participants of the Event are processed and includes data processing by the Organizer and by the Organizer acting as a data processor.

§ 1 DEFINITIONS

Within this Privacy Policy, the following definitions are introduced:

  1. Personal Data Administrator or Organizer - medVC.eu sp. z o.o. based in Poznań, registered in the Register of Entrepreneurs of the National Court Register under the number KRS 0000606384, whose registration files are kept by the District Court Poznań - Nowe Miasto and Wilda in Poznań, VIII Commercial Division of the National Court Register, NIP: 7792440757, REGON: 363969151, being the organizer of the Event;
  2. Website – the website at https://endoeus.conf.medvc.eu/, owned by the Organizer;
  3. Event – the X National Symposium and Workshops EUS & Endo Live 2025 conference/broadcast organized online by the Organizer via the Website;
  4. Event Participant – an individual or legal entity who has registered for the Event, declaring the intent to participate;
  5. User – any person using the Website.

§ 2 PERSONAL DATA ADMINISTRATOR

  1. The Personal Data Administrator within the meaning of Art. 4 point 7 of the GDPR is medVC.eu sp. z o.o. based in Poznań, registered in the Register of Entrepreneurs of the National Court Register under the number KRS 0000606384, whose registration files are kept by the District Court Poznań - Nowe Miasto and Wilda in Poznań, VIII Commercial Division of the National Court Register, NIP: 7792440757, REGON: 363969151, being the organizer of the Event and the owner of the Website;
  2. For all matters related to the processing of personal data by the Personal Data Administrator and related to the protection of such data, please contact the Administrator via email or telephone.

§ 3 PROCESSING OF PERSONAL DATA

  1. In connection with participation in the Event, the Administrator processes the following personal data of Event Participants:
    1. first and last name;
    2. email address;
    3. residential address, company name, tax identification number (NIP), bank account number, data regarding the payment made for participation in the Event—in specific cases where providing this data is necessary for making the payment and participating in the Event.
  2. The Administrator also processes, for technical purposes related to the servers on which the Website is maintained and for statistical purposes, data such as:
    1. IP address of the person visiting the Website;
    2. data regarding the use of the Website and participation in the Event, such as User activity on the Website, time of participation in the Event, time spent using the Website.
  3. Personal data are processed by the Administrator for the purpose of:
    1. registering the User for the Event;
    2. issuing an invoice for the fee paid for participating in the Event for which the Participant registered;
    3. providing the Event Participant with a login and password authorizing access to the conference platform;
    4. technical support of the Event;
    5. preparing a certificate confirming participation in the Event;
    6. responding to inquiries sent via email and conducting further correspondence and other actions in this matter;
    7. promoting other events organized by the Administrator or institutions with which it cooperates.
  4. Providing personal data by Event Participants is voluntary, but failure to provide them may prevent participation in the Event. Personal data of Event Participants may be collected directly by the Personal Data Administrator or by the Organizer on behalf of the Personal Data Administrator, via the registration form available on the site https://endoeus.conf.medvc.eu/. The legal basis for the Administrator's processing of personal data is:
    1. Art. 6(1)(a) GDPR – the data subject's consent to the processing (particularly concerning marketing and promotional activities);
    2. Art. 6(1)(b) GDPR – processing is necessary for the performance of a contract to which the data subject is a party or to take steps at the request of the data subject prior to entering into a contract (particularly to enable the Participant to participate in the Event, register for the Event, process payments, issue a participation certificate);
    3. Art. 6(1)(c) GDPR – processing is necessary for compliance with a legal obligation to which the Administrator is subject (particularly processing data necessary to fulfill the Organizer's tax and accounting obligations);
    4. Art. 6(1)(f) GDPR – processing is necessary for the purposes of the legitimate interests pursued by the Administrator (particularly concerning the pursuit of claims and defense against claims, conducting direct marketing).
  5. The recipient of the personal data of Users and Event Participants is the Organizer, who processes personal data received from the Administrator or directly from the data subjects (particularly via the registration system/registration form) in connection with the realization and technical support of the Event, based on a data processing agreement concluded with the Administrator, in accordance with applicable GDPR regulations. The Administrator provides the Technological Partner only with the personal data necessary for the realization and support of the Event.
  6. The Organizer, as a data processor responsible for the technical support of the Event, processes personal data only within the scope defined by the data processing agreement and to fulfill the contract concluded with the Organizer. In situations where the Organizer separately requests a User or Event Participant to consent to the provision of commercial information and conduct promotional activities, it becomes a separate data controller and will independently fulfill the associated information obligations towards such a person.
  7. Personal data are generally processed by the Administrator or Organizer for the duration of the Event for which the User registered, and after that period, as long as there is a justified legal interest of the Administrator that is the basis for data processing or until the person whose data is concerned objects to the data processing or withdraws the given consent if the data were processed on that basis and there is no other legal basis for processing. Personal data may be processed for a longer period if such an obligation results from applicable law, particularly tax or accounting obligations.
  8. Personal data may be transferred to entities and state bodies authorized to receive such data under the law, as well as to third parties to the extent necessary for the realization of the Event. In particular, recipients of personal data may include, besides the Technological Partner:
    1. entities providing accounting or legal services to the Administrator or Organizer;
    2. banks and payment operators;
    3. entities cooperating with the Organizer or Technological Partner in organizing the Event;
    4. entities providing hosting services to the Data Administrator or Organizer;
    5. Google LLC—regarding the IP address of the User or Event Participant, transmitted in an anonymized (encrypted) form for statistics generation purposes.
  9. Personal data will not be transferred to third countries. The Administrator declares that data transferred to Google LLC, whose servers may be located in third countries, will include only anonymized data that does not allow the identification of the User or Event Participant. In situations where personal data would be transferred to third countries, the Administrator will make such a transfer only to entities that guarantee the processing of personal data in compliance with GDPR regulations. In particular, if an entity is headquartered in a country not covered by a European Commission decision on ensuring an adequate level of personal data protection compliant with EEA standards, the Administrator will enter into data processing agreements containing standard contractual clauses issued by the European Commission with these entities.
  10. Personal data may be processed automatically but are not profiled and are not used to make decisions that would have legal effects for the User or Event Participant or otherwise significantly affect their situation.

§ 4 RIGHTS OF DATA SUBJECTS

  1. Users and Event Participants have, in particular, the following rights under GDPR:
    1. the right to information about the processing of personal data;
    2. the right to obtain a copy of personal data;
    3. the right to object to the processing of personal data;
    4. the right to request the deletion of personal data;
    5. the right to rectify or change personal data;
    6. the right to data portability;
    7. the right to restrict processing;
    8. the right to withdraw consent to the processing of personal data;
      These rights can be exercised by contacting the Administrator using the contact details provided in § 1 point 2 of this Privacy Policy.
  2. Every person whose data is processed has the right to lodge a complaint with the supervisory authority—the President of the Personal Data Protection Office at the address: ul. Stawki 2, 00-193 Warsaw.

§ 5 SECURITY OF PERSONAL DATA PROCESSING

  1. The Administrator and Organizer process personal data with the utmost care and in compliance with applicable laws, particularly GDPR, and in a way that secures access to personal data by unauthorized persons, using technical, programming, and organizational security methods.
  2. The Administrator limits the collection and use of personal data of Users and Event Participants to the necessary minimum.
  3. The Administrator transfers personal data to the Technological Partner and other third parties based on concluded agreements, particularly data processing agreements that meet the requirements specified in GDPR regulations.

§ 6 COOKIES

  1. To a limited extent, the Personal Data Administrator or Organizer acting on behalf of the Personal Data Administrator may collect personal data automatically via cookies associated with the Website.
  2. Cookies are IT data, especially small text files saved on the User's computer or other mobile device when they use websites, in which the User's settings are stored. These files are used, among others, to use various functions provided on a given website or to confirm that a given user has seen specific content from a particular website. Cookies are created by the User's web browser each time they use the Website and usually contain the name of the website they come from, the time they are stored on the end device, and a unique number. Some of them may remain on the device after closing the browser. On the next visit from the same device, the browser can check if a corresponding cookie is saved on the device and send the data contained in it back to the site that saved the cookie. This allows recognizing that a given user has visited it in the past and, in some cases, adjusting the presented content to the recipient.
  3. The entity placing cookies on the user's end device is the Organizer, the owner of the Website.
  4. Cookies are used to:
    1. adapt the content of the Website to the User's preferences and optimize the use of the Website; in particular, these files allow recognizing the User's device and appropriately displaying the website, tailored to their individual needs;
    2. create statistics that help understand how users use the Website, which enables improving its structure and content.
  5. The Website uses two basic types of cookies: "session" (session cookies) and "persistent" (persistent cookies). Session cookies are temporary files stored on the User's end device until logging out, leaving the Website, or turning off the web browser. Persistent cookies are stored on the User's end device for the time specified in the cookie parameters or until they are deleted by the User.
  6. Among cookies, those necessary for the operation of the Website can be distinguished. Cookies belonging to this category are used, among others, to ensure:
    1. maintenance of the User's session;
    2. saving the User's session state;
    3. authentication of the User within the Website.
  7. Another category of cookies is those that are not necessary to use the Website but make it easier to use. Among them, in particular, are:
    1. cookies used to ensure security, e.g., used to detect authentication abuses within the website;
    2. cookies enabling the collection of information about how the Website is used, such as monitoring traffic on the Website, collecting anonymous, aggregate statistics that allow understanding how users use the Website and enable improving services, determining the number of anonymous Users of the Website, controlling how often selected content is shown to users, controlling how often Users choose a given service;
    3. cookies enabling remembering the settings chosen by a given User and personalizing the User interface—for example, in terms of language, region, font size, Website appearance;
    4. cookies enabling delivering advertising content more tailored to Users' interests.
  8. No cookies used on the Website collect information that allows the User's identity to be determined.
  9. In many cases, software used for browsing websites (web browser) by default allows storing cookies on the User's end device. The User can change how the browser uses cookies, including blocking or deleting those that come from the Website. To do this, change the browser settings. Most browsers provide the ability to accept or reject all cookies, accept only certain types, or notify the User each time a website tries to save them. The User also has the option to delete cookies already saved by the browser. Managing and deleting cookies differs depending on the browser used, and detailed information on this topic can be obtained using the Help function in your browser.
  10. Blocking or deleting all cookies from the Website may cause difficulties in operation or completely prevent the use of some of its functionalities.
  11. Cookies may be placed on the User's end device and used by the Administrator, Organizer, or other partners cooperating with these entities.

§ 7 CHANGES TO THE PRIVACY POLICY

  1. This Privacy Policy may change if it becomes necessary or desirable, particularly due to changes in law, new guidelines from authorities responsible for supervising personal data protection processes, or changes in technology used by the Administrator or Organizer to process personal data.
  2. Changes to the Privacy Policy take effect for the future from the date the change is implemented.
  3. Changes to the Privacy Policy will be made by publishing it on the Website.