PRIVACY AND DATA PROTECTION PRINCIPES
These privacy and data protection principles (hereinafter the “Principles”) are the basic principles governing the Allium, s.r.o, Náměstí republiky 366/1, 614 00 Brno, Czech Republic, VAT ID: 60703521 (hereinafter the “Company”) in the collection and processing of personal data. These Principles implement the Company’s rights, and obligations arising in particular from the following generally binding legal regulations:
- Regulation (EU) 2016/679 of the European Parliament and of the Council on the protection of natural persons with regard to the processing of personal data and on the free movement of such data, and repealing Directive 95/46/EC (General Data Protection Regulation) (hereinafter the “GDPR”);
- Act No. 480/2004 Coll., on certain Information Society Services and on the Amendments to some Acts (Certain Information Society Services Act), as amended (hereinafter as the “Certain Information Society Services Act”); and
- Act No. 127/2005 Coll. on Electronic Communications and on the Amendment to Certain Related Acts (Electronic Communications Act), as subsequently amended (hereinafter the “Electronic Communications Act”).
These Principles apply to all persons visiting the Company’s websites [www.allium.cz] (hereinafter the “Websites”), whether or not these persons are in a contractual relationship with the Company.
What are personal data
Personal Data, in accordance with the GDPR, shall mean any information about a designated or identifiable natural person (not a legal person). In principle, therefore, it is any information that, whether on its own or in combination with other information, can serve to identify a particular individual (hereinafter the “Personal Data”).
What personal data DOES the company process
The Company may collect the following information about you:
1. Personal data that you communicate to the Company yourself
Such Personal Data is, in particular, information that you provide in a completed registration, order, or other form or communicated to the Company by e-mail, telephone, fax, or other similar device. You may also provide the Company with personal information [during competitions], [by submitting a product or service review], [booking training places] or [by sending a general inquiry]. This includes your first name, surname, mailing address, e-mail address, phone number, bank account details, selected payment method, etc.
Your Personal Data will be processed by the Company for the following purpose
You wish to be informed about our latest products, services, and offers, you can provide the Company with your e-mail address to which these business messages will be sent on a regular basis.
You can unsubscribe at any time, for example by clicking on this link UNSUBSCRIBE or by using the link that is included as part of each newsletter.
If you are an existing Customer of the Company, you may receive information about other services or products similar to those covered by your previous purchase even if you have not filled out the newsletter form. If you do not wish to receive such business offers, you can also use one of the above methods at any time to opt-out of the marketing communications we may send to you.
2. Personal information that the Company collects on your behalf
When visiting our Website, the Company may collect some information necessary to ensure the proper and convenient operation of the Website. This information may consist of the Internet Protocol (IP) data used to connect your computer to the Internet, your registration information, browser type and version, time zone settings, browser plug-ins, your visit information, including a valid Uniform Resource Locator (URL), the path to and from the Website (including date and time), the products you viewed or searched for, response times, download errors, the length of visits to certain pages, site visit interaction information (such as scrolling, clicks, and mouse locations), or the way of leaving the page.
These Personal Data are used by the Company to administer and improve its Websites and for internal operations, including problem solving, data analysis, testing, research, statistical purposes, and recording the frequency of previews. These Personal Data can also be used to measure ad performance and provide relevant advertising.
Providing personal information
Personal data that the Company acquires may be transferred [within the group of [●], i.e. the related parties of the Company;] and to third parties (hereinafter the “Processors”) who assist the Company in performing its contractual obligations by mediating certain services (e.g., delivery services). The Company only passes Personal Data to those Processors who provide guarantees of an adequate level of security of your Personal Data and process these Personal Data solely on the basis of a Personal Data Processing Agreement.
In this sense, the Company may transmit Personal Data to the following Processors:
- External contractors and suppliers to meet the Company’s contractual obligations;
- Payment service providers and payment processors in order to secure the transfer of funds and the implementation of payment transactions;
- Providers of postal and delivery services for the purpose of delivering products or services offered by the Company;
- Website administrators.
Under certain circumstances, the Company may be required to provide your Personal Data to third parties (e.g. law enforcement agencies) in accordance with the generally binding legal regulations.
Means of personal data protection
In order to protect and minimise the risk of unauthorised access to Personal Data, the Company has adopted organisational and technical measures.
- Internal organisational restrictions limiting the range of persons authorised to come into contact with Personal Data;
- Ensuring the technical security of the servers and the Company’s Websites against unauthorised access.
Persons in contact with Personal Data are instructed on the privacy policies and are bound by secrecy when processing them.
Length of Personal Data retention
The Company keeps personal data for as long as is strictly necessary to perform its contractual obligations and for the fulfilment of the obligations that the Company derives from the applicable legal regulations. Personal data that is processed with your consent is retained by the Company only for the duration of the purpose for which the consent was granted.
Once the legitimate reason for processing your Personal Data has expired, the Company will destroy these Personal Data and any existing copies thereof.
The company uses the following types of Cookies
1. [First-party cookies that enable the basic operation and functionality of the Website and without which the content of the Web pages could not be properly displayed. This type of Cookies can be used by default without your prior consent. When setting up your browser, however, you can disable the storing of any Cookies at any time;]
2. [Technical Cookies that allow for the analysis of your use of the Website, enable secure sign-up, remember the progress of filling your order, store your registration data, and the contents of your shopping cart. This type of Cookies can be used by default without your prior consent. When setting up your browser, however, you can disable the storing of any Cookies at any time;]
3. [Ad cookies that allow the display of a targeted ad, share the Websites on Social Networking sites, or post comments on products. To use this type of Cookies, your prior consent is required by the applicable law. You can grant this to the Company by clicking on the following link I AGREE.]
If you wish to modify the Cookie saving settings when visiting the Website, you can do so by clicking on the [Cookies Preferences] section. Here you can set up saving only first-party Cookies, first-party Cookies and technical Cookies, or all of the above Cookies. Cookies can be removed using your browser settings. It can also be set up so that Cookies are not automatically saved. However, if you block, disable, or otherwise reject certain Cookies, the Website may not display properly, or you may not be able to use certain Web Services or features.
Rights of data subjects
In connection with the processing of your Personal Data by the Company, you are entitled to the following Personal Data protection rights:
1. The right to withdraw
your consent to the processing of Personal Data, when the processing is based on such consent;
2. The right to request access
to your Personal Data and information about what Personal Data is processed by the Company;
3. The right to correct
inaccurate Personal Data and also to supplement incomplete Personal Data;
4. The right to delete
the processed Personal Data;
5. The right to limit
the processing of Personal Data;
6. The right to obtain
the Personal Data you have provided to the Company in a structured, commonly used, and machine-readable format, and the right to pass this information to another person;
7. The right to be informed
of a Personal Data breach;
8. The right to object to
the processing of Personal Data; and
9. The right to file a complaint
with the Supervisory Authority, i.e. the Office for Personal Data Protection, at Pplk. Sochora 27, 170 00 Prague 7, or a data box at qkbaa2n.
The above rights and possible complaints may be filed with the Company as the Data Controller in writing to the address below or by email to the following e-mail address email@example.com.
Náměstí republiky 366/1
614 00 Brno
These Principles are valid and effective as of May 25, 2018.