Personal data processing information

GDPR information clause for candidates taking part in recruitment process

1. Personal Data Controller

The Silesian University of Technology is the administrator of your personal data. You may contact the Personal Data Controller by:

  1. letter, to the address: 2A Akademicka St. 44-100 Gliwice
  2. e-mail: RR1@polsl.pl

2. Data Protection Officer

The Personal Data Controller has appointed a Data Protection Officer. You may contact the Data Protection Officer in all matters related to the processing of data protection and use of the rights related to data processing by:

  1. letter, to the address: 2A Akademicka St. 44-100 Gliwice
  2. e-mail: iod@polsl.pl

3. Purposes of processing of personal data and its’ legal basis

The administrator will process personal data in order to carry out recruitment for forms of education conducted by the Silesian University of Technology.
The legal basis for the processing of personal data is Article 6 section 1 letter c) – regulations of the European Parliament and Council (EU) 2016/679 of 27 April 2016 on the protection of natural persons with regard to the processing of personal data and on the free movement of such data, and repealing Directive 95/46/EC (General Data Protection Regulation) - GDPR (processing is necessary to fulfil the legal obligation of the administrator), in connection with the Act of July 20, 2018 - Law on Higher Education and Science and implementing acts issued on its basis.

4. Retention period of personal data

The Administrator will store your personal data for a period of 12 months, from the date of completion of the recruitment process for studies. After this period, they will be deleted from our databases. Personal data placed on financial documents will be stored for a period consistent with the statutory retention time of accounting records.

5. Results of the recruitment process

The results of the recruitment process are public. The results are announced on the date specified in the schedule via information in the Online Recruitment System after logging in to your account.

6. Data recipients

Your data may be transferred by the Administrator to external entities and public authorities or entities authorized to obtain data on the basis of applicable law, e.g. to the ministry competent for higher education. The administrator may transfer your data to entities processing them on his behalf, e.g. entities servicing the maintenance of IT infrastructure and providing technical support services. If you apply for studies conducted under a double diploma agreement, personal data provided during the recruitment process will be transferred to the partner university.

7. Rights related to the processing of personal data

You have the following rights related to the processing of personal data:

  1. The right to access your personal data
  2. The right to request the correction of your personal data that is incorrect and to complete the incomplete personal data.
  3. The right to request the deletion of your personal data, if the circumstances specified in Article 17 GDPR occur;
  4. The right to request the restriction of the processing of your personal data in the cases specified in art. 18 GDPR;
  5. The right to lodge a complaint to the supervisory body dealing with the protection of personal data, i.e. the President of Personal Data Protection Office.

8. Automated decision making

Your data will not be subject to automated decision making, including profiling.

9. Information on the obligation to provide data

Providing personal data is a statutory obligation.

10. Transfer to third countries and international organizations

Personal data may be transferred to third countries. Depending on the country to which the data is transferred,  the basis for the transfer may be:

  1. Standard contractual clauses (Article 46(2)(c) GDPR)
  2. Consent of the person to which the data  relates (Article 49(1)(b) GDPR)
  3. The transfer is necessary for the conclusion or performance of a contract concluded in the interest of the data subject between the controller and another natural or legal person.