- The data controller referred to Article 4 pt.7 of the European Parliament and the Council of the European Union Regulation (EU) 2016/679 – The protection of natural persons in relation to the processing of personal data and its movement ( further on as GDPR) is company Svitap J.H.J Ltd. , IN: 465 097 55, TIN: CZ 465 097 55 with the company headquarters in Svitavy, Czech Republic.
- Contact details of the data controller
Address: Kijevská 423/8, 568 02 Svitavy, CZ
Phone: +420 461 568 111
- Personal data means any information about an identified or identifiable natural person. An identifiable natural person is someone who could be directly or indirectly identified by reference to a particular unique mark such as name, identification number, location data, network identifier or one or more specific physical, physiological, genetic, psychological, economic, cultural or social identity of this individual.
- The data controller did not name any delegate that should be in charge of data processing
The Sources and Categories of Processed Data
- The data controller works with personal data you have provided to him / her or the personal data that the controller has obtained based on filling in the contact form.
- The controller processes Your identificational and contact details to answer Your questions in the contact form, and only those data that are really necessary.
Lawful Reason and Purpose of Processing Personal Data
- Lawful reasons for processing personal data
- Answering question, which You have formulated through the contact form
according to Article 6 Per. 1 Lett. b) GDPR
- Legitimate interest of the data controller to provide direct marketing (sending business announcements and newsletters) according to Article 6 Per. 1 Lett. f) GDPR
- Purposes for processing personal data
- Answering Your questions requires only necessary data for contact between You and the controller (name, surname, email address) – so that the controller could respond You
- There is no automatic individual decision-making from the data controller side according to the Article 22 GDPR.
Period for Processing Your Personal Data
The controller keeps Your data for a period of time, which ist strictly necessary. Meaning:
- Your data will be in database for 3 years from the time of Your question, then deleted
- Databases are regularly backed up. Backups older than 14 days are deleted on regular bases
Receivers of Your Personal Data
- Receivers of data are direct employees of the personal data controller.
- Controller has no intentions to give the data to the third countries (out of the EU or to International Organization).
- Your Rights
- Under the GDPR conditions You have
- the right to access your personal data under Article 15 of the GDPR,
- the right to correct personal data pursuant to Article 16 of the GDPR, or the restriction of processing under Article 18 GDPR,
- the right to delete personal data under Article 17 of the GDPR.
- the right to object to processing under Article 21 of the GDPR and
- the right to data portability under Article 20 GDPR.
- In addition, you have the right to file a complaint with the Personal Data Protection Office if you believe that your privacy has been violated.
- The controller declares that he has taken all appropriate technical and organizational measures to safeguard personal data.
- Controller has taken technical measures to secure data repositories (in the form of strong passwords, antivirus programs and other software security).
These terms come into effect on 1.6.2018.