Consent to processing of personal data and conditions for processing personal data
The consent to processing of your personal data that we are asking you to grant, shall be granted under the following conditions
1. The consent is given to:
MgA. Marta Šeflová, Identification Number 04270347,
residing at Buzulucká 548/4, 160 00, Praha 6 – Dejvice, Czech Republic,
contact e-mail: email@example.com
(hereafter only as „Controller”)
2. Description of categories of data that Controller is processing about you, together with the purposes for processing of personal data
If you grant consent to processing of your personal data to the Controller, the Controller shall process your following personal data:
- Name and surname, together with other contact and/or billing information if provided by you,
- E-mail and contact phone, if provided by you
- IP address.
This data shall be processed for the following purposes:
- fulfilling any contracts agreed upon by you and the Controller, if applicable,
- future business offers and contacts by the Controller.
Your consent is not a precondition to your co-operation or purchases of goods or services of the Controller; nonetheless, without granting the consent, the Controller shall not be authorized to send information to you about possible future offers and development.
3. Period for which the consent is granted; Information about time period for erasure of the categories of data
The consent is given for a period of 10 years, starting from the date of giving of the consent.
Data processed as based on your consent shall be erased as soon as they are no longer needed for the given purpose, by the latest when the consent expires or is withdrawn.
4. Data protection officer contact information
The data protection officer was not designated since the Controller is not obliged to do so.
5. Description of categories of recipients to whom your personal data may be transferred, including transfer to third countries or to international bodies.
By granting our consent you agree that your personal data might be transferred to Partners as well as to persons cooperating with the Controller. These persons are obliged, based on a contractual liability to the Controller, to fulfill a duty to protect the data. All personal data can be transferred to providers of postal, legal and accounting services, that are obliged, based on a contractual liability to the Controller, to fulfill a duty to protect the data.
Personal data shall not be transferred to third countries or to international bodies.
6. Information about your rights
- The Controller shall provide upon your request information about measures taken according to sections 15-22 of the Regulation, without undue delay, and in all cases within a period of one month from receipt of your request.
- You have the right to request the right to access the data that is being processed about you, ask for a correction of possible inaccuracies, as well as erasure of the data (right to be forgotten) or restriction of processing, as well as raise objection against processing in any time and without giving a reason. You have a right to obtain a certification whether your data is or is not being processed by the Controller. These rights shall be exercised by sending an e-mail or a letter to the address of the Controller given above.
- You have the right to access to the personal data concerning you, which you have provided to a Controller, in a structured, commonly used and machine-readable format and have the right to transmit those data to another controller without hindrance from the Controller to which the personal data have been provided. These rights shall be exercised by sending an e-mail or a letter to the address of the Controller given above.
- You have the right to revoke your consent anytime by sending an e-mail or a letter to the address of the Controller given above.
- You have the right to complain anytime at the relevant controlling office against all actions of the Controller.
- The Controller does not use your data for automated individual decision-making, including profiling.
7. Description of technical and organizational measures taken by the Controller for protection of your personal data
a) Protection against unauthorized access to the data
Access to the discs and files containing your data is protected by the Controller namely as follows. Discs and files containing data are located in a lockable room. Entry into that room is granted only to authorized persons. Other persons are allowed to enter in only when accompanied by the authorized persons. Software access is protected by username and password.
b) Protection about unauthorized reading, copying, transfer, editing and erasure of your data
Software access to your data is protected by username and password. The system of the Controller takes note of all access to individual data. Authorized persons are trained in data protection, any additional training will be recorded. Additional controls are executed of the setup of the system, as well as of adhering to the rules here established.
c) Protection against a breach from the outside
Software of the Controller is connected to the Internet. Measures in a form of firewall, login and password protection, HTTPS protocol access, and measures by the web service provider are in effect. Additional controls are executed by persons authorized by the Controller.
d) Protection against unauthorized use of access (negligence)
Each access to the system of the Controller is recorded, while the access logs can be compared. Passwords are changed regularly.
e) Protection against lack of awareness
All authorized persons were duly trained and shall be periodically re-trained. Training shall consist mainly of information of these persons about the functionality of the system of the Controller, as well as software functionalities and its updates, as well as rights and obligations under the Directive.