Access. The future of education.

Privacy policy

At the OpenStax Poland Foundation we know that privacy is a crucial matter. This is why we respect your privacy online and will do everything in our power to provide you with the right protection while using our services.

Should you have any concerns regarding the privacy you can contact us at any time by sending an email to [email protected] or a letter by post to the address: OpenStax Poland, ul. Grochowska 312, 03-839, Warszawa.

Essential principles regarding privacy protection

  1. While using our Site, filling in our contact form, newsletter or contacting us in any other way you are providing us with your personal data and we warrant that your data will remain confidential and safe.
  2. We entrust the processing of personal data only to tried and tested and trusted entities rendering personal data processing services.
  3. We process personal data in compliance with the provisions of the Regulation of the European Parliament and of the Council (UE) 2016/679 of 27 April 2016 on the protection of natural persons with regard to the processing of personal data and on the free movement of such data, and repealing Directive 95/46/EC (General Data Protection Regulation) – hereinafter “GDPR”.
  4. We ensure the possibility of using social media functionalities such as sharing content in social media and subscribing to a social media profile. The use of the services of external service providers is not subject to the OpenStax Poland Foundation Privacy Policy.
  5. We are using our own cookies for the purposes of proper operation of the websites.

Controller of personal data

  1. The OpenStax Poland Foundation with its registered office in Warsaw, at ul. Grochowska 312 entered into the Register of Associations, Other Social and Professional Organisations, Foundations and Independent Health-Care Facilities maintained by the District Court for the Capital City of Warsaw, 12 th Commercial Division of the National Court Register, under number KRS 0000738271, hereinafter “Foundation”, is the operator of the site, hereinafter “Site” and, at the same time, the Controller of Users’ personal data collected in the course of their use of the Site.

Purposes and period of personal data processing

  1. We are processing your personal data in compliance with Article 6 of the GDPR Sections 1b), 1c) and 1f) (with reference to the following sections):
    1. Use of the Site – we collect your data – such as IP address, the date and time of use of the Site, your location – provided that you consent to the collection of cookie files (more in the section: Cookies) The data will be stored in compliance with the default settings of Google LLC.
    2. Performance of the contract – when contacting us via electronic mail, including also when sending us a query via the contact form, you are automatically providing us with your email address as the address of the message sender, as well as with your first and last name. Moreover, you might also enter other personal data in the content of the message. The provision of personal data is voluntary but necessary to perform the contract. In this case we store data for up to 5 years from the end of the performance of the contract.
    3. Creating statistics, record sheets and analyses for our own purposes – in this case your data is stored for 3 years after the last activity regarding the personal data is performed.
  2. The provision of personal data to the Foundation is voluntary, yet necessary to use all available functionalities of the Site, including opening a user account. Failure to provide the obligatory personal data listed hereinbelow, translates into a resignation of selected functionalities of the Site.

What are your rights?

  1. The GDPR vests you with the following rights related to the processing of your personal data:
    1. Right to access personal data;
    2. Right to correct personal data;
    3. Right to have personal data deleted;
    4. Right to object to the processing of personal data;
    5. Right to have personal data transferred;
    6. Right to file a complaint to a supervisory body i.e. President of the Personal Data Protection Office;
    7. Right to withdraw your consent for the processing of personal data if you gave such consent.
  2. The principles regarding the exercise of these rights are described in detail in Article 16 – 21 of the GDPR. We recommend that you read those provisions.
  3. We would like to emphasise that one of the rights listed above can be exercised by you at any time: if you decide that we violated the provisions of personal data protection in the course of processing your data, you have the option of filing a complaint to the supervisory body, or the President of the Personal Data Protection Office.
  4. You can always address us with a question regarding your rights, a request for the provision of information on what kind of data about you we possess and what are the purposes of its processing. It is enough that you send us a message to: [email protected].

How we process your data?

  1. We implemented data encryption and access control owing to which the consequences of a potential violation of data safety are minimised.
  2. Authorised employees and representatives of the Foundation may access your personal data.
  3. We do not disclose the data provided to us by Users to third parties, save the disclosure of data to:
    1. Entities collaborating with the Foundation in connection with the functionalities of the Site (hereinafter: “Partners”), i.e.:
      1. Entities providing technical support of the Site,
      2. Marketing/creative agencies with whom the Foundation is working on projects related to the statutory activities of the Foundation,
    2. In the case envisaged by the provisions of law when such disclosure is obligatory e.g. to courts or law enforcement bodies – of course, only when they address us with a legally grounded request to do so.
  4. Entrusting Partners with the provision of your personal data is effected pursuant to relevant contracts concluded by and between the Foundation and the Partners. We assure you that Partners are processing the data provided to them by us exclusively for the purpose of performance of the contracts they are bound by with respect for all provisions of law regarding personal data protection.
  5. The data of Users are obtained directly from them.


  1. We use cookies on our Site.
  2. Cookie files (so-called cookies) are IT data, in particular text files that are stored in the end device of the Site User (e.g. computer, telephone, tablet) and are aimed at using the Site’s websites.
  3. We use two types of cookies:
    1. Session cookies: they are stored on your device and remain there until the session of the given browser ends. Then the information saved is permanently deleted from the Device memory. The mechanism of session cookies does not permit for the downloading of any personal data nor any confidential information from the User’s Device.
    2. Persistent cookies: are stored on the User’s Device and remain there until deleted. The end of a given browser session or turning off the Device do not cause the deletion of these files from the User’s Device. The mechanism of persistent cookies does not permit for the downloading of any personal data nor any confidential information from the User’s Device.
  4. The information collected pertain to the IP address, type of browser used, language, type of operating system, Internet service provider, information about the time and date and location.
  5. Cookies may be read by our IT system (own cookies) or third-party IT systems (third-party cookies).
  6. Cookie files are collected and analysed for the purposes:
    1. Adjusting the content of the Site websites to the individual needs of the User or optimising the use of websites, in particular, these files permit to identify the Site User and display the website in a manner adjusted to his or her individual needs;
    2. Creating statistics that help understand how the Site Users use the websites, which permits the improvement of their structure and content.
  7. In many cases, the web browser used by the User allows by default the storing of cookies on the User’s end device.
  8. You can change the settings regarding cookies at any time in the configuration system of your web browser, in particularly so as to:
    1. Block the automatic handling of cookies by the web browser or
    2. Ensure that the web browser notifies the User each time cookies are installed on the device.
  9. Detailed information on the options and manners of handling cookies are available in the settings section of the web browser.
  10. If the User blocks the installation of cookies in the settings of the web browser some of the functionalities of the Site might not work.

Social media tools.

  1. Our Site may use plug-ins and other social media tools made available by social media such as Facebook.
  2. When displaying a Site containing such a plug-in, your browser will establish a direct connection with the servers of social media administrators (service providers). The content of the plug-in is forwarded by the given service provider directly to your browser and is integrated with the Site. Owing to this integration, the service providers receive information that your browser displayed our Site even if you do not have a profile with the given service provider or you are not logged in there. Such information (along with your IP address) is sent by your browser directly to the given service provider’s server (some servers are located in the USA) and is stored there.
  3. If you have logged in on a social media site the given service provider will be able to directly link your visit on our Site to your profile in the given social media site.
  4. If you use a given plug-in e.g. by clicking the button “Like” or “Share”, the relevant information will also be sent directly to the given service provider’s server and stored there.
  5. Moreover, this information will be posted in the given social media site and may be displayed to your contacts. The purpose and scope of collecting data and their subsequent processing and use by the service providers, as well as the possibility of contacting them and your rights as regards this issue, as well as the possibility of changing your privacy settings are described in the privacy policy of the individual service providers e.g.:
  6. If you do not wish for social media sites to pair the data collected in the course of visits on our Site directly with your profile on the given site, you must log out of the site before visiting our Site. You can also disable the loading of plug-ins on the Site by using a relevant browser extension e.g. script blocking.

Server logs

  1. Using the Site is linked with sending queries to the server where the Site is stored. Each query addressed to the server is recorded in server logs.
  2. Logs record to your IP address, date and time of the server, information about the web browser and the operating system you are using. Logs are saved and stored on the server.
  3. The data saved in the server logs is not linked to the individual people using the Site and is not used for identification purposes.
  4. Server logs serve exclusively as supplementary material aimed at administering the Site and their content is not disclosed to anyone except people authorised to administer the server.

Final Provisions

  1. The Foundation reserves the right to amend this Privacy Policy. Users will be notified of any amendments via a publication of the amended Privacy Policy on the website. Each User is bound by the current version of the Privacy Policy as at the time when the Site run by the Foundation is used.
  2. This Privacy Policy is in effect since 1.10.2018.
  3. Should you have any additional questions regarding privacy protection please contact us at: [email protected].