Personal data protection
Terms of personal data protection
PRIVACY POLICY
I.Protection of personal data
1.1. By inserting personal data, the user acknowledges that he / she understands the terms of personal data protection, agrees to their wording, and accepts them in their entirety.
1.2 The Provider is the User’s Personal Information Manager under Article 4 (7) of Regulation (EU) 2016/679 of the European Parliament and of the Council on the protection of individuals with regard to the processing of personal data and on the free movement of such data and repealing Directive 95/46 / EC the Personal Data Protection Regulation) (hereinafter referred to as “GDPR”). The Provider undertakes to process personal data in accordance with legal regulations, especially the GDPR.
1.3. Personal information is any information about an identified or identifiable natural person; identifiable natural person is a natural person that can be identified directly or indirectly, in particular by reference to a particular identifier such as name, identification number, location data, network identifier or one or more specific physical, physiological, genetic, psychological, economic, social identity of this individual.
1.4 When ordering, the personal data required for successful order execution (name and address, contact) are required. The purpose of processing personal data is to execute the user’s order and to exercise the rights and obligations arising from the contractual relationship between the Provider and the User. The purpose of processing personal data is to send business messages and make other marketing activities. The legal reason for the processing of personal data is the fulfillment of the contract pursuant to Article 6 (1) b) GDPR, fulfillment of the statutory duty of the administrator according to Art. 6 par. c) GDPR and the legitimate interest of the Provider pursuant to Article 6 (1) f) GDPR. The Provider’s legitimate interest is the processing of personal data for direct marketing purposes.
1.5 The Provider uses the services of subcontractors, in particular mail service providers (personal data are stored in third countries) and webhosting providers, to perform the license agreement. Subcontractors are screened for the safe processing of personal data. Provider and subcontractor of a web host have entered into a personal data processing contract under which the subcontractor is responsible for the proper provision of the physical, hardware and software perimeter and hence bears direct responsibility for the user for any leakage or violation of personal data.
1.6 The Provider shall store the user’s personal data for the time necessary to exercise the rights and obligations arising from the contractual relationship between the Provider and the User and the enforcement of the claims under these contractual relationships (for 15 years from the termination of the contractual relationship). After it expires, data will be erased.
1.7 The User has the right to request from the Provider access to his / her personal data pursuant to Article 15 of the GDPR, the correction of personal data pursuant to Article 16 GDPR or, where applicable, the limitation of the processing under Article 18 GDPR. The user has the right to delete personal data in accordance with Article 17 (1) (a) and (c) to (f) of the GDPR. Furthermore, the user has the right to object to the processing under Article 21 of the GDPR and the right to data portability pursuant to Article 20 GDPR.
1.8 The User has the right to file a complaint with the Personal Data Protection Office if he / she considers that his or her right to the protection of personal data has been violated.
1.9 The user is under no obligation to provide personal information. However, the provision of personal data is a necessary requirement for the conclusion and performance of a contract, and without the provision of personal data, it is not possible to conclude the contract or to execute it by the provider.
1.10 The Provider does not automatically make an individual decision within the meaning of GDPR No. 22.
1.11 Applicants for using the Provider’s services by filling in the contact form:
agrees to use their personal data for the purpose of sending commercial communications, promotional materials, direct sales, market surveys and direct offers from the Provider and third parties, but not more than once a week, and at the same time
declares that the sending of the information under paragraph 1.11.1 does not constitute an unsolicited advertisement within the meaning of the law. No. 40/1995 Coll. as amended, as the user is sending the information according to point 1.11.1 in conjunction with § 7 of Act. No. 480/2004 Coll. expressly agrees.
The user may at any time withdraw his consent under this paragraph at info@labortech.cz
1.12 The Provider uses so-called cookies to improve the quality of its services, personalize the offer, collect anonymous data, and for analytical purposes in its presentation. By using the site, the user agrees to use the technology.
II. Rights and responsibilities between administrator and processor (processing agreement)
2.1 The Provider is in relation to the personal data of client clients by the processor in accordance with Article 28 GDPR. The user is the administrator of this data.
2.2 These Terms and Conditions govern the mutual rights and obligations in the processing of personal data to which the Provider has gained access in the framework of the fulfillment of the license agreement concluded in the form of approval of the General Terms and Conditions at www.labortech.cz (hereinafter referred to as the “License Agreement”) concluded with the User on the date of establishment of the user account.
2.3. The Provider undertakes for the User to process personal data to the extent and for the purposes set out in Articles 2.4 – 2.7 of these Terms. Processing resources will be automated. In the processing, the Provider will collect, store, store, block and disassemble personal data. The Provider is not entitled to process personal data in violation or beyond the limits set by these terms.
2.4 The Provider undertakes for the user to process personal data in the following extent:
common personal data,
specific categories of data under Article 9 GDPR,
which the User obtained in connection with his own business.
2.5. The Provider undertakes for the user to process personal data for the processing of inquiries and client requests received from the contact form.
2.6. Personal data may only be processed at the workplace of the Provider or its subcontractors, as defined in Article 2.8 of these Conditions, within the territory of the European Union.
2.7. The Provider undertakes for the User to process the personal data of the User’s clients, all for the time necessary to exercise the rights and obligations arising from the contractual relationship between the Provider and the User and to claim the said contractual relations (for 15 years from the termination of the contractual relationship).
2.8 The user grants permission to engage a subcontractor as a further processor under Article 28 (2) of the GDPR, which is the hosting application provider. In addition, the User grants the Provider a general authorization to engage in the processing of a further personal data processor, but the Provider must inform the user in writing of any intended changes to the acceptance or replacement of the other processors and give the user the opportunity to object to these changes. The Provider must impose on its subcontractors as personal data processors the same personal data protection obligations as set out in these Terms.
2.9. The Provider undertakes that the processing of personal data will be ensured in particular as follows:
Personal data is processed in accordance with the law and on the basis of the User’s instructions, ie to perform all the activities required for the provision of web platforms.
The Provider undertakes to provide technically and organizationally the protection of the processed personal data in such a way that unauthorized or accidental access to the data, its alteration, destruction or loss, unauthorized transmissions, any other unauthorized processing as well as other misuse may occur. personally and organizationally, throughout the processing of the data, ensure that all obligations of the data processor, resulting from the legislation, are safeguarded.
The technical and organizational measures adopted correspond to the degree of risk. The Provider ensures the continued confidentiality, integrity, accessibility, and resilience of processing systems and services, and timely restores the availability of and access to personal data in the event of physical or technical incidents.
The Provider hereby declares that the personal data protection is subject to the Provider’s internal security regulations.
Only authorized persons of the Provider and subcontractors will have access to personal data in accordance with Article 2.8 of these Conditions, which will provide the Provider with the conditions and scope of data processing and any such person will access personal data under its unique identifier.
Authorized persons Providers who process personal data under these terms and conditions are required to maintain confidentiality of personal data and security measures whose disclosure would jeopardize their security. Provider will ensure their demonstrable commitment to this obligation. The Provider will ensure that this obligation for both the Provider and the Beneficiary will continue after the termination of a legal or other relationship with the Provider.
Provider will assist the user, through appropriate technical and organizational measures, if possible, to meet the user’s obligation to respond to requests for the data subject’s exercise of rights under the GDPR; as well as to ensure compliance with the obligations under GDPR Articles 32 to 36, taking into account the nature of the processing and information available to the Provider.
Upon termination of the provision of performance associated with processing under Article 2.7 of these Conditions, the Provider is obliged to delete all personal data or to return it to the User if he is not obliged to store personal data under a special law.
The Provider will provide the User with all the information necessary to demonstrate that the obligations under this Agreement and the GDPR have been met, will allow audits, including inspections, performed by the User or another auditor assigned by the User.
2.10 The User undertakes to promptly report any facts known to him that could adversely affect the proper and timely fulfillment of the obligations arising from these conditions and to provide the Provider with the necessary cooperation to meet these conditions.
III. Final Provisions
3.1 These Terms shall expire upon the expiry of the time specified in Article 1.6 and Article 2.7 of these Conditions.
3.2 The user agrees to these terms by ticking the consent via the online form. By signing the consent, the user expresses that he has read these terms, agrees with them and accepts them in their entirety.
3.3 The Provider is entitled to change these conditions. The Provider is obliged to publish a new version of the conditions on his website without any unnecessary delay. will send the new version to the User at its email address.
3.4. Provider Contact Details in matters relating to the following conditions: +420 602527646, info@relaxpension.cz
3.5 Relationships expressly not governed by these terms and conditions shall be governed by the GDPR and by the laws of the Czech Republic, in particular by Act No. 89/2012 Coll., The Civil Code, as amended.
These Terms become effective on May 25, 2018.