Security Policy

A
A

Dear User!

Please note that by creating and administering its website, Gdansk Tourism Organization, with its registered office in Gdansk, applies technologies used for collecting and processing personal data in order to analyse website and Internet traffic. Gdansk Tourism Organization does not customize the content displayed. Complying with the Regulation (EU) 2016/679 of the European Parliament and of the Council of 27 April 2016 on the protection of natural persons with regard to the processing of personal data and on the free movement of such data, and repealing Directive 95/46/EC (General Data Protection Regulation), you are hereby informed that the following data shall be processed: your device’s IP address, URL of your request, domain name, device’s ID, browser type, browser language, number of clicks, amount of time spent on particular websites, date and time of using the Website, type and version of the operating system, screen resolution, data collected by server logs, and other similar information.

The data controller is Gdansk Tourism Organization, with its registered office at 80-601 Gdansk, ul. Uczniowska 22.

Your consent is voluntary. If you deny consent, click “Deny consent”. By clicking “Enter the website” or by closing this window, you consent to the above provisions. You may edit your consent preferences or you may withdraw your consent at any time by clicking “More”.

Security Policy.

Our priority is to ensure security at Gdansk Tourism Organization in all areas of Company’s business and operations. Due to the nature of the business we place the security of persons, information, infrastructure and IT systems at the centre of our attention.

We shall create a secure organization by:

  • identifying key areas subject to supervision and establishing detailed security policies, in particular in areas related to the protection of persons and property, information, IT systems, processes and services;
  • creating the proper security-oriented organization and implementing of processes, taking into consideration the requirements provided for in relevant security policies and standards adopted;
  • ensuring the presence of security experts and involving operational employees in the processes;
  • being an advocate of changes, where we run our operations by building proper relations in order to develop actions aimed at the improvement of security standards;
  • working actively for the promotion of best practices and solutions in the industry;
  • cooperating with our suppliers and subcontractors in order to improve security standards;
  • engaging all parties in an open dialogue regarding the influence of our actions on the ongoing improved performance as regards security.

By showing commitment to the improvement of security standards in all areas we demonstrate to our employees that the security of information, IT systems, property and persons, including our employees and customers, is of particular importance to us.

We ensure that all our employees apply the security standards developed, and in particular that the area managers mobilize technical and organizational measures in order to meet the requirements of the security standards adopted.

Information Security Policy.

Information is one of the most important assets at Gdansk Tourism Organization. We believe that proper, efficient and effective protection of information and information processing systems may be guaranteed by building proper organizational culture and applying security measures relevant to the risks identified.

We shall create a comprehensive information security management system by:

  • Establishing general information security principles and detailed principles of management of particular groups of protected information. We are aware of the legal solutions covering security principles and protection of particular groups of information, and accordingly it is essential to establish detailed principles for particular groups of information.
  • Determining roles in information processing, in particular appointing persons responsible for particular areas, groups of protected information.
  • Developing, monitoring and continuously improving the information processing, in particular engaging employees possessing relevant competences in the scope of security and information protection.
  • Monitoring requirements as regards information security, provided for by legislation and quality standards.
  • Monitoring and counteracting risks by applying proper risk mitigating solutions.

We ensure that all employees at all times care for information security, and in particular apply the principles of this policy and security standards referred to in the policy.

Our chief aim is to preserve confidentiality, integrity, and availability of information, to process it in accordance with law and security standards applied, and in particular to protect IT systems used to process protected information.

The solutions adopted should enable Gdansk Tourism Organization to attain proper technical and organizational level so that:

  • complete protection of patients’ and employees’ information is guaranteed;
  • information security can be ensured irrespective of its form and processing system;
  • the effects of risks have no influence on information security;
  • efficient actions can be pursued in crisis situations.

Persons and Property Security Policy.

Ensuring the security of persons and property at Gdansk Tourism Organization is one of the important processes supporting our main business. We believe that technical and organizational measures applied to this end will enable us to carry out our main business.

Being aware of the responsibility for ensuring security of persons staying in the areas administered by Gdansk Tourism Organization and of our property, we wish to declare we are ready to support the building of a comprehensive security management system in respect of persons and property and also support all activities aimed at ensuring proper protection level, taking into consideration the risks, by:

  • continuous improvement of employees’ competences as regards the security of persons and property;
  • setting roles in processes related to ensuring the security of persons and property and assigning them specific tasks and competences;
  • creating an organization and implementing procedures, instructions and processes aimed at ensuring security of persons and property;
  • monitoring the organization and processes in order to ensure the proper level of security of persons and property;
  • monitoring risks and checking susceptibility of the solutions applied to the risks identified.

We ensure that all employees at all times care for security of persons and property, and in particular apply the principles of this policy and security standards referred to in the policy.

Our main goal related to the protection of persons and property is to ensure security of all persons staying at the office of Gdansk Tourism Organization, and in particular to ensure that the employees’ and customers’ life and health are protected.

We shall apply technical and organizational measures of the protection of structures, technical infrastructure and other property in order to preserve their condition and ensuring availability and continuity of operations.

Personal Data Security Policy.

Personal data processing at Gdansk Tourism Organization is an important process related to the operations of our company, affecting the services rendered and company’s organization.

This information security policy related to personal data, together with the established security standards, fulfils the obligation referred to in the Regulation (EU) 2016/679 of the European Parliament and of the Council of 27 April 2016 on the protection of natural persons with regard to the processing of personal data and on the free movement of such data, and repealing Directive 95/46/EC (General Data Protection Regulation), imposed on Gdansk Tourism Organization as the personal data controller.

Being aware of the responsibility for ensuring personal data security and of the consequences of violating the security of personal data processed by Gdansk Tourism Organization, we wish to declare we are ready to support the building of a comprehensive security management system in respect of personal data and also support all activities aimed at ensuring proper protection level, taking into consideration the risks, by:

  • continuous improvement of employees’ competences as regards personal data security and protection;
  • setting roles in personal data processing and assigning them proper tasks and competences;
  • creating an organization and implementing procedures, instructions and processes aimed at ensuring personal data security and protection;
  • monitoring the organization and processes in order to ensure the proper level of personal data security and compliance with law;
  • monitoring risks and checking susceptibility of the solutions applied to the risks identified.

We ensure that all employees at all times care for personal data security in respect of all persons, irrespective of the form and purpose of personal data processing, and in particular apply the principles of this policy and established information security standards.

Our chief aim is to preserve confidentiality, integrity, and availability of personal data, to process them in accordance with principles adopted and law, and in particular to preserve the highest security standards related to the processes implemented and IT systems used for personal data processing and in such a way as to prevent the violation of fundamental rights and freedoms of data subjects.



***