ACT

ACT
of 18 July, 2002 on Providing Services by Electronic Means.

Chapter 1
General Provisions

Art. 1.

The Act determines:
1)	obligations of a service provider related to providing services by electronic means,
2)	rules of releasing service providers from legal liability concerning the providing of services by electronic means,
3)	rules for the protection of personal data of natural persons using the services provided by electronic means.

Art. 2.

Terms used in this Act have the following respective meaning:
1)	electronic address - any marking of a teleinformation system that enables communication by means of electronic communication in particular electronic mail,
2)	commercial information - any information used for the direct or indirect promotion of goods, services or reputation of an entrepreneur or a person performing a profession, whose right to perform the profession depends on compliance with requirements laid down in other acts, excluding information enabling communication with the particular person by means of electronic communications, and information on goods and services not serving for the purposes of achieving a commercial effect desired by the entity which orders to disseminate the information, in particular without remuneration or other benefits from producers, sellers and service providers,
3)	teleinformation system - a set of co-operating information devices and software ensuring processing and saving, and also transmitting and collecting of data within telecommunications networks by means of a terminal appropriate for the kind of the given network within the meaning of the act of 21 July 2000 - The Telecommunications Law (Journal of Laws No. 73, item 852; of 2001 No. 122, item 1321 and No. 154, item 1800 and item 1802, and of 2002 No. 25, item 253 and No. 74, item 676)
4)	providing services by electronic means - such way of rendering a service, which comprises transmitting and collecting data by means of teleinformation systems, at the individual request of a service recipient, without the parties being simultaneously present, while the data are transmitted through public networks within the meaning of the act referred to under point 3 herein,
5)	electronic communication means - technical measures, including teleinformation equipment and software tools co-operating with it, enabling individual distant communication by using data transmission between teleinformation systems, in particular electronic mail,
6)	service provider - any natural person, legal person or organisational unit without legal entity, who, while performing, even as side activities, commercial or professional activities provides services by electronic means,
7)	service recipient- any natural person, entity or organisational unit without legal entity, who uses services provided by electronic means.

Art. 3.

The provisions of the Act do not apply to:
1)	disseminating or distributing radio programs or television programs and text messages related to them in the meaning of the Act of 29 December 1992 on Radio and Television (Journal of Laws of 2001 No. 101, item 1114 and of 2002 No. 25, item 253 and No. 56, item 517),
2)	using electronic mail or other equivalent medium of electronic communication between natural persons for personal purposes not related to commercial activities performed by them, even as side activities, or a profession performed by them,
3)	providing by a telecommunication service operator services comprising transmission of data or signals between terminals of telecommunication network, if the transmission is performed in accordance with the rules laid down in art. 12,
4)	carrying out settlements of accounts between banks by means of electronic information carriers,
5)	issuing and using payment cards and electronic money within the meaning of the Act of 29 August 1997 - The Banking Law (Journal of Laws of 1997 No. 72, item 665, No. 126, item 1070 and No. 141, item 1178)
6)	providing services by electronic means, if it is performed within an organisational structure of the service provider while the service provided by electronic means serves exclusively the purposes of work or economic processes management within the entity.

Art. 4.

1.	If the Act establishes a requirement to obtain a consent of a service recipient, the consent:
	1)	shall not be presumed or read into a text of a statement of will having another contents,
	2)	may be withdrawn at any time.
2.	A service provider shall evidence obtaining of the consent, referred to in paragraph 1 above, in case it is needed as a proof.

Chapter 2
Obligations of a Service Provider Providing Services by Electronic Means

Art. 5.

1.	A service provider shall make, clearly, explicitly and directly available through a teleinformation system used by a service recipient, basic information specified in paragraphs 2 to 5 below.
2.	A service provider gives out:
	1)	his/her electronic addresses,
	2)	his/her name, surname, a place of residence and an address, or its name or a firm, headquarters and address.
3.	If a service provider is an entrepreneur, it also gives information on relevant permission and permitting authority, in case when such permission for providing the service is required by provisions of separate regulations.
4.	The rule set in paragraph 3 is without prejudice to an obligation set forth in art. 12 paragraph 1, subparagraph 2 of the Act of 19 November 1999 - The Law on Economic Activity (Journal of Laws No. 101, item 178, of 2000 No. 86, item 958 and No. 114, item 1193, of 2001 No. 49, item 509, No. 67, item 679 No. 102, item 1115 and No. 147, item 1643, and of 2002 No. 1, item 2, No. 115, item 995 and No. 130, item 1112.)
5.	If a service provider is a natural person, whose right to perform a profession is subject to compliance with requirements laid down in separate acts, it also gives out:
	1)	in case of establishing a plenipotentiary, his/her name, surname, place of residence and an address or its name or a firm, headquarters and address,
	2)	name of professional association , which he/she is a member of,
	3)	professional title used, and the country where the title has been conferred,
	4)	number in a public register which he/she is registered in including name of the register and name of an authority which maintains the register,
	5)	information on the existence of professional ethic rules relevant to the profession, and how to access the rules.

Art. 6.

A service provider is obliged to provide a service recipient with access to current information about:
1)	particular risks related to using a service provided by electronic means,
2)	function and aim of software or data which are not an element of service contents, and which are introduced by the service provider into a teleinformation system used by the service recipient.

Art. 7.

A service provider manages operation of a teleinformation system under his/her control, enabling a service recipient free of charge:
1)	in case when nature (characteristics) of a service requires:
	a)	using by a service recipient of a service provided by electronic means in a manner which prevents unauthorised persons from accessing the contents of communications being an element of the service, in particular through applying cryptographic techniques appropriate for characteristics of the service being provided,
	b)	unequivocal identification of parties to the service provided by electronic means and confirmation of submitting statements of will and their contents, necessary for concluding a contract for providing the service, in particular using secure electronic signature within the meaning of the Act of 18 September 2001 on Electronic Signature (Journal of Laws No. 130, item 1450,)
2)	terminating, at any moment, using of a service provided by electronic means.

Art. 8.

1.	A service provider:
	1)	establishes regulations for providing services by electronic means referred hereinafter as "the regulations",
	2)	makes available the regulations to a service recipient free of charge before concluding the contract on providing such services, and also - on his/her request - in such a manner, which enables downloading, retrieval and saving contents of the regulations through the teleinformation system used by the recipient.
2.	A service recipient shall not be bound by the provisions of the regulations, which have not been made available to him/her in the manner referred to in paragraph 1 point 2.
3.	The regulations specifies in particular:
	1)	types and scope of services provided by electronic means,
	2)	conditions for providing services by electronic means including:
		a)	technical requirements necessary for co-operation with a teleinformation system, being used by the service provider,
		b)	ban on delivering messages of illegal nature by a service recipient,
	3)	conditions for concluding and terminating contracts for providing services by electronic means,
	4)	procedure for making complaints.
4.	Service provider renders services by electronic means according to the regulations.

Art. 9.

1.	Commercial information shall be clearly separated and marked in a manner not arising doubts that it is the commercial information.
2.	Commercial information comprises:
	1)	description of an entity on order of which the information is disseminated, and its electronic addresses,
	2)	clear description of promoting activities, in particular discounts, free benefits in currency or in kind and other benefits related to promoted goods, service or image, and also unequivocal specification of conditions necessary for obtaining such benefits if they are a component that offer,
	3)	any other information, which may influence determination of a range of liability of the parties, in particular warnings and reservations.
3.	The provisions of paragraph 1 and paragraph 2 are without prejudice to the provisions of the following acts:
	1)	of 16 April 1993 on Fighting Unfair Competition (Journal of Laws No. 47, item 211, of 1996 No. 106, item 496, of 1997 No. 88, item 554, of 1998 No. 106, item 668, of 2000 No. 29, item 356 and No. 93, item 1027 and of 2002 No. 126, item 1068 and item 1071, and No. 129, item 1102) and
	2)	of 29 July 1992 on Lottery Games, Mutual Betting and Automated Games (Journal of Laws of 1998 No. 102, item 650, No. 145, item 946, No. 155, item 1014 and No. 160, item 1061, of 2000 No. 9, item 117, No. 70, item 816 and No. 116, item 1216, of 2001 No. 84, item 908 and of 2002 No. 25, item 253.)

Art. 10.

1.	Sending unsolicited commercial information addressed to the specified recipient by electronic communications means, in particular electronic mail is prohibited.
2.	Commercial information shall be considered solicited , if the recipient has expressed his/her consent to receive such information, in particular, he/she has made available for the purpose of such receipt an electronic address that identifies him/her.
3.	The activity, referred herein to paragraph 1, shall be regarded as unfair competition practice within the meaning of provisions of the Act referred to in art. 9, paragraph 3, point 1.

Art.11.

Provisions of the Civil Code and other acts shall apply to all of the questions referring to provision of services by electronic means that are not regulated within the Act on providing services by electronic means, in particular to making statements of will in the electronic form,.

Chapter 3
Releasing Service Providers from Responsibility Due to Providing Services by Electronic Means

Art. 12.

1.	The responsibility for the conveyed data shall not be borne by the one who, while transmitting data:
	1)	is not an initiator of the transmission,
	2)	does not select the recipient of data, and
	3)	does not delete or modify the data being subject to transmission.
2.	The releasing from responsibility, referred to in paragraph 1, shall also cover automated and short-term indirect storing of the transmitted data, if this activity aims exclusively to proceeding with transmission, and the data are not stored longer than it is necessary for accomplishment of transmission in the ordinary conditions.

Art. 13.

1.	The responsibility for the stored data shall not be borne by the one who transmitting data and providing for automated and short-term indirect storing of the data in order to make them quickly accessible on the request of another entity:
	1)	does not delete or modify the data,
	2)	uses recognised and usually applied in such activity information techniques determining technical parameters of data access and their updating, and
	3)	does not interfere with using of information techniques, recognised and usually applied in this kind of activity for gathering information about usage of the collected data.
2.	The responsibility for the stored data shall not be borne by the person, who, respecting the conditions referred to in paragraph 1, immediately erases the data or makes the access to the stored data impossible as soon as he/she receives the message that the data have been erased from the initial source of transmission or the access to them has been made impossible, or a court or any other competent authority has ordered to erase the data or to make the access to them impossible.

Art. 14.

1.	The responsibility for the stored data shall not be borne by the person, who, making the resources of a teleinformation system available for the purpose of the data storage by a service recipient, is not aware of unlawful nature of the data or the activity related to them, and in case of having been informed or having received a message on unlawful nature of the data or the activity related to them, makes immediately the access to the data impossible.
2.	The service provider, who has received the formal notice on unlawful character of the stored data provided by a service recipient and has made access to them impossible, shall not bear the responsibility to this service recipient for any damage resulting from impossibility to access these data.
3.	The service provider, who has received the reliable message on unlawful character of the stored data provided by a service recipient, and has made access to these data impossible, shall not bear responsibility to this service recipient for a damage resulting from impossibility to access these data, if he/she has immediately notified the service recipient of intention to make the access to the data impossible.
4.	The provisions of paragraphs 1 - 3 do not apply, if the service provider has taken control over the service recipient in the meaning of provisions of the Act of 15 December 2000 on Competition and Consumer Protection (Journal of Laws No. 122, item 1319, of 2001 No. 110, item 1189 and No. 154, item 1800, and of 2002 No. 129, item 1102.)

Art. 15.

The entity, which provides services specified in art. 12 - 14, shall not be obliged to monitor the data referred to in art. 12 - 14, which are transmitted, stored or made available by that entity.

Chapter 4
Rules of the Personal Data Protection Related to Providing Services by Electronic Means

Art. 16.

1.	The provisions of this Act, unless otherwise stated in the provisions of this chapter, apply to the personal data processing in the meaning of the Act of 29 August 1997 on the Protection of Personal Data (Journal of Laws of 2002 No. 101, item 926) related to providing services by electronic means.
2.	Personal data are subject to the protection set up in this chapter as far as data processing is concerned regardless whether such processing is done using a database.

Art. 17.

The personal data of a service recipient may be processed by a service provider for the purpose and within the scope specified in this Act.

Art. 18.

1.	The service provider may process the following personal data of the service recipient necessary for entering in, designing contents, amending or terminating legal relationship between them:
	1)	service recipient's surname and names ,
	2)	his/her PESEL number (Personal Identification Number),
	3)	his/her permanent residence address,
	4)	his/her address for correspondence, if it is different than the address referred to in point 3,
	5)	data used for verifying the service recipient's electronic signature ,
	6)	service recipient's electronic addresses .
2.	In order to effect contracts or other legal activity having been concluded with a service recipient, a service provider may process other data necessary due to nature (characteristics) of the service provided or way of its billing.
3.	The service provider distinguishes and marks those data from among the data referred to in paragraph 2, as such being necessary for providing services by electronic means in accordance with art. 22 paragraph 1.
4.	The service provider may process, upon consent of s service recipient and for the purposes set forth in art. 19 paragraph 2 point 2, other data concerning the service recipient, which are not necessary for providing service by electronic means.
5.	The service provider may process the following data describing the way of using the service provided by electronic means by a service recipient (traffic data):
	1)	denotations identifying the service recipient assigned on the basis of the data referred to in paragraph 1,
	2)	denotations identifying the telecommunication network terminal or a teleinformation system, which have been used by a service recipient,
	3)	information about commencement, termination and a range of every usage of the service provided by electronic means,
	4)	information about using of the service provided by electronic means by a service recipient.
6.	The service provider provides the information on data referred to in paragraphs 1 - 5 to the state authorities for the needs of legal proceedings carried on by them.

Art. 19.

1.	The service provider is not allowed to process the personal data of the service recipient upon termination of using the service provided by electronic means, except for the provisions of paragraph 2.
2.	Upon termination of using the service provided by electronic means, the service provider, in accordance with the rules laid down in paragraphs 3-5,may process solely the data from among those specified in art. 18, which are:
	1)	necessary for billing the service or proceeding with claims for payments due to using of services,
	2)	necessary for the purposes of marketing, market research and research on behaviour and preferences of service recipients\with the results to be used, , for the needs of improving quality of services provided by the service provider, upon the consent of a service recipient,
	3)	necessary for investigation into circumstances of illicit usage of services referred to in art. 21 paragraph 1,
	4)	admitted for processing by relevant acts or agreements.
3.	Billing for services provided by electronic means submitted to a service recipient may not disclose kind, duration, frequencies and other technical parameters of the particular services used by the service recipient, unless he/she required the itemised billing within the range concerned.
4.	It is allowed, for the purposes mentioned in paragraph 2 point 2, solely to aggregate the data listed in art. 18 paragraphs 4 and 5 concerning the use by the service recipient of different services provided by electronic means, on condition that any markings identifying the service recipient or network terminal or teleinformation system which he/she used (anonymisation of data) have been erased, unless the service recipient has given his/her prior consent to not erasing those markings.
5.	The service provider shall not set together service recipient's personal data with the pseudonym chosen by the recipient.

Art. 20.

1.	The service provider, who processes personal data of a service recipient, is obliged ;o ensure to the service recipient an access to up-to-date information on:
	1)	possibility of using the service provided by electronic means anonymously or under a pseudonym if the conditions set forth in art. 22 paragraph 2 have been fulfilled,
	2)	technical arrangements made available by the service provider that prevent acquiring and modifying by unauthorised persons personal data transmitted by electronic means,
	3)	the entity, which has been given an order for data processing , the range of data and intended term of their transfer, if the service provider concluded with this entity an agreement on relay of data for processing while the scope of data is referred to in art. 18 paragraphs 1, 2, 4 and 5.
2.	Information, mentioned in paragraph 1, shall be permanently and easily accessible for the service recipient by means of the teleinformation system which he/she uses.

Art. 21.

If the service provider obtains message on using by the service recipient the service provided by electronic means not in accordance with the regulations or applicable laws (illicit usage), the service provider may process the recipient's personal data within the scope necessary to determine the service recipient's responsibility on condition that the service provider has recorded for the proof purposes the fact of receipt and the contents of the message concerned.

The service provider may notify the service recipient of his/her unauthorised activities, may demand to stop them immediately, and may also inform him/her of using the procedure mentioned in paragraph 1.

Art. 22.

The refusal of providing the service by electronic means due to not submitting by the service recipient the data mentioned in art. 18 paragraphs 1 and 2, is allowed only when processing of those data is considered necessary in regard to way of functioning of a teleinformation system ensuring provision of service by electronic means or the nature (characteristics) of the service, or results from separate acts.

The service provider shall enable the service recipient using the service or paying for it, if the service provided by electronic means is chargeable, anonymously or under a pseudonym, if it is technically feasible or customary.

Chapter 5
Penal provisions

Art. 23.

The one, who against obligations laid down in art. 5, does not submit the data referred to in art. 5 paragraphs 2, 3 or 5, or submits false or incomplete data, shall be liable to fine.

Art. 24.

1.	The one, who transmits by electronic communications means unsolicited commercial information, shall be liable to fine.
2.	Prosecution of the offence mentioned in paragraph 1 is proceeded on the request of the harmed party.

Art. 25.

Judgement on deeds referred to in art. 23 and 24 shall be proceeded in accordance with the provisions applicable to prosecution of offences.

Chapter 6
Changes in the applicable laws

Art. 26.

In the Act of 7 October 1999 on the Polish Language (Journal of Laws - Dz. U. No. 90, item 999 and of 2000 No. 29, item 358) in art. 8 paragraph 3 the full point is replaced by the comma and the following wording is inserted: " unless it is the agreement on providing services by electronic means, laid down in the Act of 18 July 2002 on Providing Services by Electronic Means (Journal of Laws - Dz. U. No. 144, item 1204) concluded with the service provider not being the Polish entity."

Art. 27.

In the act of 2 March 2000 on the Protection of some of the Consumer's Rights and on Responsibility for the Damage Done by a Dangerous Product (Journal of Laws - Dz. U. No. 22, item 271) in art. 6:
1)	paragraph 1 as amended shall read:
	"1.	The agreements concluded with the consumer without simultaneous presence of both Parties, by using means of distant communication, in particular a printed or electronic form of an addressed or non-addressed order, a serial letter in the printed or electronic form, press advertisement with a printed order form, advertisement in the electronic form, a catalogue, a telephone device, a telefax device, a television set, automated calling machine, a videophone device, videotext device, electronic mail or other means of electronic communication within the meaning of the Act of 18 July 2002 on providing services by electronic means (Journal of Law - Dz. U. No. 144, item 1204) are considered distance agreements, if the consumer's contractor is the entrepreneur, who arranged his/her business practice in such way.";
2)	paragraph 3 as amended shall read:
	"3.	The using of a telephone device, a videophone device, a telefax device, electronic mail, , automated calling machine or other means of electronic communication in order to submit the proposal for concluding an agreement may exclusively be done upon the prior consent of a consumer."

Art. 28.

In the Act of 16 November 2000 on the Counteraction of Introducing into the Financial Market Property Values Originating from Illegitimate or Undisclosed Resources (Journal of Laws - Dz. U. No. 116, item 1216, of 2001 No. 63, item 641, and of 2002 No. 25, item 253, No. 32, item 299, No. 41, item 365, No. 74, item 676, No. 89, item 804 and No. 141, item 1178) in art. 9 paragraph 1 as amended shall read:

"1.

In order to fulfil the obligation of registering, the obliged institutions identify their customers in each case of placing a written, oral or electronic disposition (order)."

Art. 29.

In the Act of 5 July 2001 on Prices (Journal of Laws - Dz. U. No. 97, item 1050) in art. 10 paragraph 1 as amended shall read:

"1.

Subject to special provisions, in the process of negotiating of agreed price and applying official price the entrepreneur is obliged to specify, in writing, and also in an electronic form, if it is possible, in the manner accessible for the buyer, the detailed quality specification of goods (services), and also to indicate the country of origin of the goods, if they have been introduced into the Polish custom area."

Art. 30.

This act enters into force 6 months following the date of its publication, excluding art. 5 paragraph 5, which becomes applicable as of the date of Republic of Poland's accession into the European Union.

The President of the Republic of Poland:
A. Kwasniewski