Privacy Policy

Back to Legal Documents

General Information

The information presented in this document fulfills our information obligation in accordance with Regulation (EU) 2016/679 of the European Parliament and of the Council of April 27, 2016 on the protection of natural persons with regard to the processing of personal data and on the free movement of such data, and repealing Directive 95/46/EC (hereinafter "Regulation" or "GDPR").

This document is a general statement of the applicable principles of personal data processing. Detailed information may be provided in specific information clauses during data collection processes.

We are pleased that you are visiting our website. The protection and security of your personal data when using our website is very important to us. We would like to inform you here about what personal data we collect when you visit our website and for what purposes it is used.

This Privacy Policy applies to the CMS Conf website, available at the domain cmsconf.com ("our website").

Purpose and Scope

This document applies to all individuals whose personal data is processed by the Controller in connection with the organization and operation of CMS Conf, and fulfills the information obligation indicated in Articles 13 and 14 of the GDPR.

The purposes of personal data processing may be tailored and presented within a specific process or business context related to the activities we carry out. For more detailed information, please refer to the relevant information clauses, which we provide directly each time in the process of obtaining personal data.

1. Data Controller

The data controller for CMS Conf is Openweb s.c., a civil partnership fully responsible for the entire event.

Openweb s.c.

Starowiejska 16 lok. 2
81-356 Gdynia
Poland

Tax ID (NIP): 7393037445
Business Registry (REGON): 369117242

Email: hello@cmsconf.com
Website: cmsconf.com

Openweb s.c. is fully responsible for processing personal data in accordance with the General Data Protection Regulation (GDPR).

2. Information About Data Protection Officer

If you have questions or concerns regarding the processing of your personal data, or if you wish to exercise your rights, you may contact us directly. We are committed to addressing your inquiries promptly and transparently.

For matters related to data protection, please contact us at: hello@cmsconf.com

If you have concerns about how we handle your personal data, we encourage you to contact us first before filing a complaint with the supervisory authority. We are committed to resolving any issues and ensuring your data is processed in accordance with applicable laws.

3. Legal Basis for Data Processing

We process your personal data on the basis of the following legal provisions:

  • Art. 6 para. 1 lit. a GDPR - consent of the data subject
  • Art. 6 para. 1 lit. b GDPR - performance of a contract or taking steps prior to entering into a contract
  • Art. 6 para. 1 lit. f GDPR - legitimate interests of the controller

The specific legal basis for processing your personal data depends on the purpose and context of the processing. We will inform you of the specific legal basis when collecting your data.

4. Information About Purposes of Personal Data Processing

The personal data that we collect and process in the course of our business may be processed for various purposes that we strictly define. The purposes of personal data processing may be tailored and presented within a specific process or business context related to the activities we carry out.

For more detailed information about the specific purposes of processing your personal data, please refer to the relevant information clauses, which we provide directly each time in the process of obtaining personal data.

5. Information About Methods of Personal Data Processing

We process personal data manually, through authorized persons, and in a partially or fully automated manner using computer information systems.

The use of appropriate techniques and means for processing personal data depends on the requirements and possibilities of the manner in which the data processing is carried out. We apply appropriate technical and organizational measures to ensure the security of your personal data.

6. Information About Methods of Obtaining Personal Data

The personal data of which we are Controllers are obtained by us directly from the persons to whom they relate or indirectly from other persons or entities.

We process this data mainly using information systems in an automated manner, and in the case of acquisition via paper documents also in a manual manner.

The personal data that we acquire may include various categories of personal data necessary for a particular process or purpose of personal data processing.

Whenever we acquire your personal data, we will inform you in detail, through appropriate information clauses, about all aspects related to the processing of personal data collected for the purpose of carrying out a particular process, activity or purpose of personal data processing.

6.1. Personal Data Obtained Directly

We obtain personal data directly mainly in the process of collecting documents, submitting electronic forms, sending e-mail messages or written correspondence. Personal data collected in this way primarily contains data declared by the person to whom it relates.

6.2. Data Obtained Indirectly

In certain cases, we may obtain personal data indirectly from other sources, such as business partners, public registers, or other publicly available sources. When we obtain your personal data indirectly, we will inform you about the source of the data and the purposes for which it will be processed, unless such information is impossible or would involve a disproportionate effort.

7. Collection and Use of Data

7.1. Automatically Collected Data

When visiting our website, the following data is automatically collected:

  • IP address
  • Date and time of access
  • Name and version of the web browser
  • Operating system
  • Website from which you were redirected (referrer URL)
  • Pages visited on our website

This data is collected solely for technical and statistical purposes and to ensure the security and stability of the system.

7.2. Newsletter

If you subscribe to our newsletter, we collect the following data:

  • Email address
  • First name (optional)
  • Date and time of registration

This data is used solely for sending the newsletter and information about CMS Conf. You can unsubscribe at any time by clicking the link in the footer of each email.

7.3. Contact Forms

If you contact us using a contact form, we collect the following data:

  • Name
  • Email address
  • Message content

This data is used solely to respond to your inquiry.

8. Cookies and Tracking Technologies

Our website uses cookies and similar technologies. Detailed information on this can be found in our Cookie Policy.

9. Third-Party Integrations

9.1. YouTube

We use embedded videos from YouTube on our website. YouTube is a service of Google Ireland Limited. When watching videos, YouTube may collect data according to its own privacy policy. More information: Google Privacy Policy

9.2. Sender.net

We use Sender.net service for newsletter delivery. Data transmitted to Sender.net is processed in accordance with their privacy policy. More information: Sender.net Privacy Policy

10. Transfer of Personal Data Outside the European Economic Area

Personal data may be transferred to third countries, that is, outside the European Economic Area, mainly due to the use of information society services (such as cloud services, analytics tools, or communication platforms).

In such cases, security measures required by law will be applied to guarantee an adequate level of protection for the data and the rights and freedoms of the data subjects. This includes:

  • Standard Contractual Clauses approved by the European Commission
  • Adequacy decisions by the European Commission
  • Other appropriate safeguards as provided for in GDPR

For more detailed information on this subject, please refer to the relevant documents and information clauses, which we provide directly each time in the process of obtaining personal data.

11. Data Retention Period

Your personal data is stored only as long as necessary to achieve the purposes for which it was collected, or in accordance with legal requirements. In particular:

  • Automatically collected data: maximum 24 months
  • Newsletter data: until unsubscribing
  • Contact form data: maximum 3 years from last contact

12. Information About Automated Decision-Making

In connection with the processing of personal data, we use computerized information systems, in which automated data processing takes place.

The activities we carry out in the field of automated processing of personal data are aimed at improving the quality, effectiveness, efficiency of the data processing operations carried out and information security.

In certain cases, computer information systems may make automated decisions that affect the way personal data is processed and the way data subjects' rights are exercised. We will make every effort to ensure that such situations are adequately communicated, while at the same time we ask you to report any concerns in this regard in accordance with the established communication rules.

If automated decision-making, including profiling, produces legal effects concerning you or similarly significantly affects you, you have the right not to be subject to such a decision, unless it is necessary for entering into or performance of a contract, or is based on your explicit consent.

13. Information About Profiling

In order to customize our offerings, improve features and enhance the functionality of our websites and the tools we provide, we collect and process information about how users of our websites use our site and which products and services they are interested in.

The information is also used for statistical and analytical purposes and may be used for automated processes to tailor our offerings, including for marketing our products and services.

You have the right to object to profiling at any time. If you object, we will no longer process your personal data for profiling purposes, unless we can demonstrate compelling legitimate grounds for the processing which override your interests, rights and freedoms, or for the establishment, exercise or defense of legal claims.

14. Your Rights

Under GDPR, you have the following rights:

  • Right of access - you can request information about processed personal data
  • Right to rectification - you can request correction of incorrect data
  • Right to erasure - you can request deletion of your data
  • Right to restriction of processing - you can request restriction of data processing
  • Right to data portability - you can request transfer of data in a structured format
  • Right to object - you can object to data processing
  • Right to withdraw consent - you can withdraw given consent at any time

To exercise these rights, please contact us at: hello@cmsconf.com

You also have the right to lodge a complaint with the supervisory authority: President of the Personal Data Protection Office (Urząd Ochrony Danych Osobowych - UODO), ul. Stawki 2, 00-193 Warsaw, Poland, email: kancelaria@uodo.gov.pl, website: https://uodo.gov.pl if you believe that the processing of your personal data violates GDPR provisions. However, we encourage you to contact us first before filing a complaint, as we are committed to resolving any issues and ensuring your data is processed in accordance with applicable laws.

15. Right to Object to Direct Marketing

When personal data is processed for direct marketing purposes, you have the right to object at any time to processing of personal data concerning you for such marketing, which includes profiling to the extent that it is related to such direct marketing. If you object to processing for direct marketing purposes, the personal data shall no longer be processed for such purposes.

You can exercise this right by contacting us at hello@cmsconf.com or by using the unsubscribe link in any marketing communication.

15. Restrictions Related to Exercise of Personal Data Subject Rights

The rights indicated above and the manner in which they are exercised may be subject to restrictions in justified cases. This will be the case if the restriction is due to:

  • The obligations indicated in the law, to which we are obliged
  • Direct result of the legal basis for data processing
  • Protection of the rights and freedoms of other individuals
  • Legal claims or proceedings

In such a case, we will provide appropriate information with the reasons for our decision and explain the possibility of lodging a complaint with the supervisory authority.

16. Information About Obligation to Provide Personal Data

The provision of personal data may be necessary for the proper performance of a specific activity, the proper provision of services or the fulfillment of a request or application, and the fulfillment of obligations under applicable law.

Applying the principle of minimization, we do not collect more data than is necessary for its implementation. Whenever the provision of additional personal data is necessary for a specific purpose, we will provide the relevant information directly or the information will be made available in an appropriate information clause.

Failure to provide the required information may result in:

  • Limitation or discontinuation of our services
  • Suspension or termination of the contract
  • Prevention of the execution of the request or application
  • Violation of obligations under the law

We will inform you about the consequences of not providing personal data in each specific case when collecting your data.

17. Data Security

We use appropriate technical and organizational measures to protect your personal data against unauthorized access, loss, destruction, or alteration. Our website uses SSL/TLS encryption for secure data transmission.

18. Rules for Changing and Updating the Document

We will update this Privacy Policy with relevant provisions as required, the principles of our business and changes in the law.

We will inform you of any changes through our websites by posting relevant information on this Privacy Policy page.

In addition, in the event of significant changes related to privacy and data protection, we may send additional information to the e-mail address provided to us or require you to re-accept the principles of personal data processing and privacy protection in connection with information processing.

19. Contact

If you have questions regarding the processing of personal data or the exercise of your rights, please contact us:

Openweb s.c.
Starowiejska 16 lok. 2
81-356 Gdynia
Poland

Email: hello@cmsconf.com
Website: cmsconf.com

20. Final Provisions

The document and the rules described therein are effective upon publication. Any deviation from the described general rules shall be governed by other documents and detailed records provided in the course of collection and further processing of personal data within the framework of the personal data processing processes and operations carried out.

This Privacy Policy is a general statement of our data processing practices. Specific information clauses may be provided during individual data collection processes, which may contain additional or more specific information relevant to that particular processing activity.

Last updated: December 8, 2025