Information clause of the Head of the Civil Service

On May 25, 2018, Regulation of the European Parliament and of the Council (EU) 2016/679 of 27 April 2016 on the protection of natural persons with regard to the processing of personal data and on the free movement of such data and the repeal of directive 95/46/EC came into force on the territory of all European Union countries (general data protection regulation - GDPR). GDPR sets out the rules under which personal data may be processed. The obligation to protect personal data also follows from the provisions of the data protection regulation.

Who is the controller of your data?

The controller of your personal data is the Head of the Civil Service. The GDPR imposes an obligation on the Head of the Civil Service as a controller to protect the data being processed.

How to contact the data controller?

  • address: Chancellery of the Prime Minister, Al. Ujazdowskie 1/3, 00-583 Warsaw
  • e-mail: dsc [at] kprm.gov.pl

How to contact the Data Protection Officer?

  • address: Chancellery of the Prime Minister, Al. Ujazdowskie 1/3, 00-583 Warsaw
  • e-mail: IOD [at] kprm.gov.pl

For what purpose will the controller process your data?

The controller processes your data so that the Head of the Civil Service can perform his statutory tasks, in particular:

  • nominate civil servants;
  • keep records of persons substituting directors general of offices;
  • keep records of persons who hold the positions of directors general of offices, for the purpose of allowing them taking up an income-generating activity;
  • conduct affairs regarding the approval of the job description of the director general of the office;
  • handle cases involving the transfers of civil servants within the civil service;
  • provide services regarding the publication of the newsletter of the civil service job announcement database and a support form for the users of this database;
  • conduct cases regarding appeals of the Head of the Civil Service against the decisions of the Higher Disciplinary Commission of the Civil Service;
  • maintain the civil service job announcement database;
  • gather information on the civil service corps, in the scope of detailed data on the employment level of the civil service corps members, in particular for the purpose of leading the process of human resources management in the civil service;
  • consider matters falling within the competence of the Head of the Civil Service as the central body of government administration competent for civil service matters (complaints, requests, inquiries, etc.).

On what basis does the controller process your personal data?

The legal basis for the processing of personal data is the legal obligation that prevails on the controller.

The controller may also process data if it is necessary to perform the contract or take action before its conclusion. The controller may also process personal data based on consent. If you do not provide your personal data, the Head of the Civil Service will not be able to carry out his/her tasks.

Data sources

The controller may obtain personal data:

  • from the data subject,
  • from publicly available sources,
  • from state administration bodies,
  • from other entities,
  • from natural persons required to provide personal data.

Categories of relevant data

Personal data includes in particular: name, address and other personal data necessary to perform a specific task that requires data processing.

Who will have access to your personal data?

The controller may transmit (share) your personal data to public bodies and state offices or other entities authorized by law or performing tasks implemented in the public interest or in the execution of public authority. The controller provides personal data to entities that process it on behalf of the data controller, such as the Government Administration Service Centre.

How long will the controller process your data?

The controller will process your data until they complete a specific task. This period of time also includes the archiving of documents that the controller will collect in connection with the implementation of this task.

What rights do you have?

You have the right to request the data controller to:

  • enable you the access to your personal data,
  • correct, delete or limit the processing of your data.

You also have the right to:

  • transfer your data to another data controller,
  • raise an objection.

In the event that the controller processes your data on the basis of consent, you have the right to withdraw consent to the processing of your personal data. You may withdraw your consent at any time. Until the consent is withdrawn, the controller processes your data in accordance with the law.

The request for the implementation of these rights should be sent in writing to the data controller (contact details as above, with the note "Personal data protection").

You also have the right to lodge a complaint with the supervisory authority.

Is your data safe?

Yes. The controller does not use data to make decisions or profile data in an automated way.