Private policy

Privacy Policy
I. General Provisions
This Privacy Policy specifies how Users’ personal data is collected, processed, and stored, which is necessary for the National Center for Emergency Medical Services to provide services electronically via the website available at: https://kcmrm.pl, https://kcmrm.com.pl (hereinafter referred to as the KCMRM Website).
The Website collects only the personal data necessary to provide the services offered therein, for statistical purposes, and to ensure service security. Data collected during User use of the Website is used solely for the purposes of administering the Website. Personal data collected via the Website are processed in accordance with Regulation (EU) 2016/679 of the European Parliament and of the Council of 27 April 2016 on the protection of natural persons with regard to the processing of personal data and on the free movement of such data, and repealing Directive 95/46/EC (General Data Protection Regulation, hereinafter referred to as the GDPR).
The Controller declares that it has implemented all necessary technical and organizational measures to ensure the security and integrity of the personal data it processes, as well as to prevent their loss, alteration, and/or access by unauthorized third parties.
Personal data are processed only by persons authorized by the Controller or by processors who process data based on data processing agreements concluded by the Controller, obliging partners to maintain an adequate level of data security.
II. Data Controller
The controller of personal data processed on the Website is the Director of the Polish Air Rescue Service, with its registered office in Warsaw, at ul. Księżycowa 5, 01-934 Warsaw, NIP: 5222548391, REGON: 016321074 (hereinafter referred to as the Controller) sekretariat@lpr.com.pl.

In matters related to the processing of personal data, you can contact the Data Protection Officer at the following email address: iod@lpr.com.pl.

The Controller places particular importance on respecting the privacy of Users visiting the KCMRM Website.
III. Purpose and legal basis for collecting personal data on the KCMRM Website
Personal data is processed for the following purposes:
personalizing the Website for Users (digital accessibility),
registering an account and verifying the User’s identity, enabling logging into the Website and using the User’s account, and fulfilling the agreement on the provision of services by electronic means, in accordance with the Act of 18 July 2002 on the provision of services by electronic means – based on acceptance of the Terms and Conditions (Article 6, paragraph 1, letter b of the GDPR),
providing e-services,
providing information on the activities of the National Center for Emergency Medical Services Monitoring, which is part of the Administrator’s structure,
analytical and statistical activities related to the security of the KCMRM website. The basis for data processing within the KCMRM Website is to fulfill the legal obligation incumbent on the controller and to perform tasks in the public interest (Article 6, paragraph 1, letter c and Article 6, paragraph 1, letter e), as well as for the performance of a contract related to services provided electronically (Article 6, paragraph 1, letter b). As part of its LPR activities, the KCMRM fulfills its legal obligations to perform tasks carried out in the public interest in accordance with the Act on State Emergency Medical Services (Journal of Laws of 2024, item 652).

IV. Type of Personal Data Processed

In accordance with the practice of most websites, we store HTTP requests directed to our server. Viewed resources are identified by URL addresses. This data is not profiled and is not associated with specific individuals browsing the KCMRM Website. The data stored in the web server log files concerns technical data related to the implementation of the HTTP service. The logs are stored on the nazwa.pl hosting server and are subject to the website’s terms and conditions (regulations).

When using a portal User account, the Administrator may process personal data, including: name and surname, User login, email address, IP address from which the connection was established, browser type and mode, information regarding portal usage preferences, and other additional data such as country, the Device used by the User, and other data necessary for the functioning of the User account on the Website.

V. Period of Personal Data Processing

Users’ personal data will be processed for the period of:

Session-related data (cookies) – in accordance with the User’s preferences selected on the website and in the browser settings used.
Provided when creating an account on the portal – until the account is deleted.
Containing technical information related to the use of the portal – application logs – in accordance with the service provider’s policy.
VI. Sharing Personal Data
The recipients of personal data processed within the KCMRM Website may be:

institutions authorized under the law