According to Regulation (EC) 2016/679 of the European Parliament and of the Council of 27 April 2016 on the protection of natural persons with regard to the processing of personal data and on the free movement of such data, and repealing Directive 95/46/EC (General Data Protection Regulation, “GDPR”).
Personal data controller
Braňo Šandala, ID: 06140475, with registered office at Brno, Vysoká 533/10, Postal Code: 63900, Czech Republic, registered in Brno City Municipality; e-mail: firstname.lastname@example.org
Categories of processed personal data
The identity and contact details related to our Clients:
- e-mail address
- data resulting from an agreement concluded by the parties
Purposes and legal basis for the processing of personal data
- conclusion and performance of an agreement to which we are a party
- compliance with a legal obligation that applies to us
- our legitimate interests, mainly justified by:
- interest in establishing a contractual cooperation
- pre-contractual communication and eventual claims arising from pre-contractual liability
- interest in future resumption of negotiations on establishment of contractual cooperation
- measures for further development of our services
- optimization of procedures to analyze our needs
- application of legal claims and defence in legal disputes
- communication between Parties
- if the law requires a consent of the data subject with processing, we will always ask for it in advance
Recipients of personal data
- IT services or information systems providers
- legal services providers
- persons who, under our authority, ensure performance of our contractual or legal obligations and exercise of rights established by a contract or by the law or with who we cooperate in performance of a contract or in the realization of our scope of business
- public authorities, courts or law enforcement authorities
Personal data are not transferred to third countries or international organizations
Duration of data processing
We process personal data for the time necessary to meet the purpose for which the data have been collected.
Source from which personal data originates
Personal data may originate from the Clients directly, public registers or other sources (e.g. websites).
Method of processing of personal data
Personal data are processed in electronic form in an automated manner or in printed form in a non-automated manner. We do not carry out systematic or extensive processing of personal data. We also do not perform automated individual decision-making with legal or similar effects, including profiling, within the meaning of Article 22 GDPR.
Rights of the data subjects
- right to information and access to personal data (Article 15 GDPR)
- right to rectification (Article 16 GDPR)
- right to erasure (Article 17 GDPR)
- right to data portability to another data controller (Article 20 GDPR)
- right to restriction of processing of personal data (Article 18 GDPR)
- right to object to processing of personal data (Article 21 GDPR)
- right to lodge a complaint with the relevant Office for Personal Data Protection
- right not to be subject to a decision based solely on automated individual decision-making with legal or similar effects, including profiling (Article 22 GDPR)
- if the data subject has given us their consent, they may withdraw it at any time by writing at our address or via email email@example.com (in whole or in part)—this has no effect on the lawfulness of the processing based on the consent granted prior to their withdrawal.
Voluntary provision of personal data
If the processing of personal data is based on the consent of the data subject, it is entirely voluntary; if the data subject does not provide us with their personal data, they will not suffer any legal damage, but they will not be able to use our services. Otherwise, processing of personal data is possible only on the basis of a statutory or contractual requirement (e.g. if the personal data are required for an agreement).
If the data subject has any questions related to the processing of personal data or the investigated security incident, he / she may contact the personal data controller via telephone or e-mail (see contact details in the initial section).