§ 1

The IT Centre of the University of Economics in Katowice, hereinafter referred to as the "IT Centre," in cooperation with the Polish Identity Federation PIONIER.Id, enables access to external network services. Logging into these services occurs via the Central Authentication System (CAS), using a UE Katowice account.

§ 2

The User is obliged to maintain login security by adhering to the "Security Regulations" document available on the IT Centre's website.

§ 3

1. During the login process to an external service, it is necessary to transfer selected data concerning the user's account, such as the university email address, first name, and last name.
2. Before the data is transferred, the user is asked for consent, which may be granted on a one-time basis or permanently.
3. Granting consent is voluntary; however, it is necessary for successfully logging into the external service.
4. Before logging into an external service, the user may review the Privacy Policy pertaining to that specific service.
5. Users' personal data are processed in accordance with Regulation (EU) 2016/679 of the European Parliament and of the Council of 27 April 2016 on the protection of natural persons with regard to the processing of personal data and on the free movement of such data, and repealing Directive 95/46/EC (General Data Protection Regulation), hereinafter referred to as "GDPR."
6. The IT Centre acts as a trusted intermediary in the transfer of user data for authentication and authorization purposes in the external service to the provider offering the external service, who is the Controller of the User's personal data within the meaning of Article 4(7) of the GDPR. Therefore, the University of Economics in Katowice is not responsible for the personal data processing within the service. Any inquiries regarding the processing procedure or the exercising of the user's rights concerning personal data processing should be directed by the user directly to the Service Provider offering the given external service.
7. Due to the fact that a given service provider offering an external service may be based outside the European Economic Area, the personal data provided by the user may be transferred to a third country for the purpose of providing the external service by the aforementioned service provider. A list of third countries, territories, and specified sectors within a third country, as well as international organisations for which the European Commission has adopted an adequacy decision or noted a lack thereof, is published in the Official Journal of the European Union and on the European Commission's website available at: https://ec.europa.eu/info/index_pl.

§ 4

1. Unless the regulations of a given service state otherwise, the user may use the service exclusively for their own needs related to their status at the University of Economics in Katowice, i.e., for work or studies.
2. The user must comply with any additional restrictions described on the service pages, e.g., prohibition of bulk data downloading, their unauthorized publication, etc.
3. The user is not permitted to share their own account with other persons. The user is not permitted to run software that uses the service on their behalf.
4. The relevant GDPR information clause [1] of the University of Economics in Katowice can be consulted at the University, on the University's website, and in the University's Public Information Bulletin.

[1] Regulation (EU) 2016/679 of the European Parliament and of the Council of 27 April 2016 on the protection of natural persons with regard to the processing of personal data and on the free movement of such data, and repealing Directive 95/46/EC – General Data Protection Regulation (OJ EU L 2016 No 119, p. 1, as subsequently rectified).