applicable as of 25 May 2018


The security of information, with particular focus on personal data protection and respect for the right to privacy, is of paramount importance for NASK-PIB, and at the same time it is a fundamental feature in our operations, which helps us gain and maintain trust in services provided by NASK-PIB. In order to achieve the aforesaid objective, NASK-PIB has implemented and continues to apply the information security policy throughout its organisation. Furthermore, NASK-PIB implemented an information security management system in key areas of operations, based on the ISO/IEC 27001:2013 standard, and obtained the relevant certificate.

NASK-PIB follows transparent rules regarding its privacy policy; this includes informing you why and how your personal data is processed, how long it is stored and who is it made available to.

To protect your personal data in the best way possible, NASK-PIB follows the following rules:

  • NASK-PIB processes personal data solely to achieve legitimate objectives, for which the data is collected, or in such manner as is defined in compulsorily applicable laws.
  • NASK-PIB processes only such categories of personal data as are required to achieve the objectives of the processing.
  • NASK-PIB does not process any personal data in a manner that would be inconsistent with the objective of the processing of such data.
  • NASK-PIB processes personal data with high security standards to protect personal data against loss or improper use.
  • NASK-PIB processes personal data for a period not longer than is necessary for the purposes, for which such data is processed.
  • NASK-PIB offers regular contact with its Data Protection Officer at the address:
  • NASK-PIB performs its information duties stemming from personal data protection regulations, in particular from the General Data Protection Regulation, towards the data subjects - you can find detailed information on sites dedicated to the respective services provided by NASK-PIB.