Who we are

The address of our website is: https://strefapmi.pl. The entity responsible is:

PMI Poland Chapter
ul. Domaniewska 47/10
02-672 Warszawa
NIP: 525-227-89-73

A. Privacy Policy

This policy has been prepared by the Project Management Institute Poland Chapter (in this policy also referred to as PMI Poland Chapter, PMI PC, we, us, or our) and is intended for entities outside our organization with whom we interact, including: visitors to our websites, association members, and participants of our events (hereinafter referred to as “you”, “your”, or “yours”).

Section N provides definitions of terms used throughout this policy. For the purposes of this Privacy Policy, PMI PC is considered the data controller.

This policy may be amended or updated to reflect changes in the way we process personal data or to comply with applicable law. We encourage you to read it carefully and to check regularly for updates that we may introduce in accordance with this Policy.

B. Processing of your personal data

Collection of Personal Data

We may collect information about you such as your name, surname, address, and contact details.
Below are examples of sources from which we may collect personal data:

  • We may obtain your personal data when you provide it to us directly, for example, during an in-person conversation, by phone, by email, or through other means of communication.
  • We may collect your personal data in the course of establishing or maintaining business relationships (e.g., if you purchase a product or service from us).
  • We may obtain your personal data from members of the PMI Network, to the extent that those members make such information available.
  • We may collect your personal data that you have clearly made publicly available (e.g., information from your public social media profiles).
  • We may obtain your personal data when you visit our websites, use available functionalities, or access resources on our site. When you visit our site, your browser or device may automatically share certain information (e.g., device type, operating system, browser information, IP address, language settings, time of connection, and other technical data), some of which may constitute personal data.

Creation of Personal Data

We may also create records of personal data about you, such as details regarding your membership with PMI PC.

Personal Data of Other Individuals Provided by You

In some cases, you may share with us the personal data of other individuals (for example, when participating in events or providing feedback).
Whenever you provide us with someone else’s personal data, we assume that you have a legitimate legal basis to do so, and that your action complies with applicable law and this Policy.
If this is not the case, please refrain from sharing such personal data with us.

Categories of Personal Data

Below are the categories of personal data that may be processed:

  • Personal details: name, surname, gender, photo.
  • Membership details: status and type of membership, assigned Chapter information, territorial branch affiliation, membership start date, renewal dates, details of your pmi.org account including login information, and data provided in your application to the association (e.g., university information for student members).
  • Payment details: billing address, bank account or credit card number, cardholder name, card number, and expiration date.
  • Contact details: home and business address, phone number, email address, and social media profile information.
  • Professional experience: current and previous positions, job responsibilities, industry information, and education details.
  • Views and opinions: feedback or opinions expressed in surveys or shared directly with us.
  • Mentoring program details: information provided in mentor or mentee application forms.
  • Event participation: information about attendance at PMI PC events, including professional certification details.

Legal Basis for Processing Personal Data

When processing your personal data for the purposes described in this Policy, we may rely on one of the following legal bases (depending on the specific situation):

  • You have given your consent for us to process your personal data (only for voluntary data processing).
  • The processing is necessary for the performance of a contract you have entered into or intend to enter into with us.
  • The processing is required by applicable law.
  • The processing is necessary to protect your vital interests.
  • We have a legitimate interest in promoting, managing, and conducting our operations, and such interest does not override your fundamental rights or freedoms.

Processing of Sensitive Data

We strive not to collect or otherwise process your sensitive data, except where:

  • The processing is necessary to comply with legal obligations (e.g., diversity reporting).
  • The processing is necessary for the detection or prevention of crime.
  • The processing is necessary for legal defense.
  • We have obtained your explicit consent (in accordance with legal requirements) to process such data.

Purposes for Processing Personal Data

The purposes for which we may process your personal data include:

  • Providing services to you: membership and related services, access to our websites, delivery of informational materials, invitations to relevant events, and related communications.
  • Managing member relationships: maintaining relationships with our members and between members, ensuring compliance with the association’s statutes, resolving disputes, and performing membership-related administrative tasks.
  • Website management: maintaining and administering our websites, providing content, displaying advertisements and information, and communicating or interacting with you through our websites.
  • Marketing communications: contacting you by any means (including email, phone, SMS, social media, mail, or in person) with messages and information that may be of interest to you (in compliance with applicable law).
  • Managing and maintaining IT systems: ensuring IT system security, conducting audits, and protecting data integrity.
  • Financial management: sales, finance, corporate audits, and supplier management.
  • Surveys and questionnaires: engaging with you to learn your views and opinions about our activities.
  • Improving our products and services: identifying issues with existing services, planning improvements, and developing new offerings.

C. Disclosure of Personal Data to Third Parties

MWe may disclose your personal data to other members of the PMI network for legitimate business purposes (including the provision of services and the operation of our websites), in accordance with applicable law. Additionally, we may share your personal data with:

  • Relevant authorities, upon their request or in connection with the need to report violations of the law or suspected violations, as required by applicable regulations.
  • Accountants, auditors, lawyers, and other professional advisors to the PMI network, from whom we require confidentiality commitments through appropriate agreements.
  • Data processors (e.g., payment service providers), who may be located anywhere in the world. In such cases, the requirements described at the end of this section (C) will be met.
  • Appropriate parties if it is related to the prevention, investigation, or detection of criminal offenses or the enforcement of criminal penalties, as well as to protect public safety.

Our websites may contain plugins or active content from third parties (e.g., Facebook, Twitter, Google+, and LinkedIn). If you choose to use these third-party plugins, your personal data may be transferred to those entities. Please make sure you are familiar with their privacy policies before doing so.

If we decide to engage a third party to process your personal data, that party will be contractually obliged to:
(i) process the personal data only in accordance with our instructions;
(ii) use appropriate measures to ensure the confidentiality and security of the personal data; and
(iii) comply with all other applicable legal requirements.

D. Transfer of Data Abroad

Due to the international nature of our operations, we may transfer your personal data to other organizations within the PMI network and to third parties mentioned in section (C) above. As a result, your personal data may be transferred to other countries that may have different data protection laws and legal requirements than those of the country in which you are located.

Where data is transferred to third countries, such transfers are carried out based on standard contractual clauses. You may obtain a copy of our standard contractual clauses by contacting us using the details provided in section (M).

E. Data Security

We have implemented appropriate technical and organizational measures to protect your personal data from accidental or unlawful destruction, loss, alteration, unauthorized disclosure, unauthorized access, and other unauthorized or unlawful forms of processing, in accordance with applicable law.

It is your responsibility to ensure that any personal data you provide to us is transmitted securely.

F. Data Accuracy

We take appropriate steps to ensure that:

  • Your personal data is accurate and, where necessary, kept up to date.
  • Your personal data that is inaccurate (considering the purposes for which it is processed) is deleted or corrected without undue delay.

From time to time, we may ask you to confirm the accuracy of the personal data we hold about you.

G. Data Minimization

We take all reasonable steps to ensure that the personal data we process is limited to what is necessary for the purposes for which it is processed and for the objectives outlined in this policy.

H. Data Retention

The criteria we use to determine how long we retain your personal data are as follows: we will keep a copy of your personal data for as long as necessary in connection with the purposes of processing described in this policy, unless applicable laws require a longer retention period. We may also retain your data for the period necessary to prepare for and carry out actions required to defend our legal interests.

I. Your Rights

In connection with our processing of your personal data, you have the following rights:
  • Withdrawal of consent – if your data is processed based on consent.
  • Access to data – to obtain information about what data we process and for what purpose.
  • Rectification, modification, or updating of data.
  • Request for data erasure.
  • Request to restrict data processing.
  • Right to object to the processing of your data.
  • Data portability.
  • Right to lodge a complaint with a supervisory authority.

To exercise any of these rights, please contact us using the details provided in section (M).

J. Cookies

Cookies are small files placed on your device when you visit websites. They store information about your device, your browser, and in some cases, your browsing habits and history. Our cookie policy can be found on the following page: Cookies Policy.

K. Your Responsibilities

We rely on the accuracy of the personal data you provide to us in order to deliver appropriate services to you.

L. Contact Details

If you have any comments, questions, or concerns regarding any information contained in this Policy, or any aspect of personal data processing by PMI Poland Chapter, please contact us at: rodo@pmi.org.pl or by mail at: PMI Poland Chapter, ul. Domaniewska 47/10, 02-672 Warsaw, Poland.

M. Definitions

  • Data Controller – means the entity that decides how and for what purpose personal data is processed.
  • Supervisory Authority – an independent public authority responsible for overseeing the application of data protection law.
  • Personal Data – information about an identified or identifiable natural person. Examples of personal data we may process can be found in section B.
  • Processing – any operation performed on personal data, whether or not by automated means. Examples include collection, recording, organization, storage, adaptation, alteration, disclosure, transfer, deletion, and merging of data sets.
  • Processor – any person or organization that processes personal data on behalf of the Data Controller.
  • Sensitive Personal Data – data revealing racial or ethnic origin, political opinions, religious or philosophical beliefs, trade union membership, genetic data, biometric data, data concerning health, sex life or sexual orientation, data regarding criminal convictions, offenses, or related security measures.
  • Parties – the meaning of this term is explained in section A.
  • Standard Contractual Clauses – model contractual clauses for the transfer of personal data approved by the European Commission.

Newsletter

By agreeing to receive the newsletter (which combines information about the Association’s activities, marketing information from partner entities, and commercial information), you agree that your name and email address will be processed for the purpose of receiving the newsletter from PMI Poland Chapter.

 

If you do not give your consent, the newsletter will not be sent.

 

The data will be processed based on the consent given, for the duration of the Association’s operation, but no longer than until a request for their deletion is received.

 

The collected personal data will not be transferred or disclosed to anyone, except for: Freshmail sp. z o.o., which owns the newsletter delivery platform, and Google Inc., which provides the GSuite platform for the Association, where the expressed consents will be archived.

 

In connection with your consent, you have the right to:

  • withdraw your consent, which will mean that the Association will stop sending the newsletter;
  • access your data, i.e., information about the data we hold;
  • rectify, change, or update your data;
  • delete your data;
  • restrict the processing of your data;
  • object to the processing of your data;
  • data portability;
  • lodge a complaint with a supervisory authority.

To exercise your rights, please send an email from your registered email address to rodo@pmi.org.pl. The data controller is the PMI Poland Chapter Association, based in Warsaw (02-672), at ul. Domaniewska 47/10, KRS 0000-167-986, NIP 525-227-89-73, REGON 0155-4342-4. You can contact the data protection contact person at: rodo@pmi.org.pl

© 2021–2025 Strefa PMI