Privacy and data protection principles
These privacy and data protection principles (hereinafter the “Principles”) are the basic principles governing the Globalio s.r.o., Nové sady 988/2, 602 00 Brno, VAT ID: 07322577 (hereinafter the “Company”) in the collection and processing of personal data. These Principles implement the Company’s rights, and obligations arising in particular from the following generally binding legal regulations:
- Regulation (EU) 2016/679 of the European Parliament and of the Council on the protection of natural persons with regard to the processing of personal data and on the free movement of such data, and repealing Directive 95/46/EC (General Data Protection Regulation) (hereinafter the “GDPR”);
- Act No. 480/2004 Coll., on certain Information Society Services and on the Amendments to some Acts (Certain Information Society Services Act), as amended (hereinafter as the “Certain Information Society Services Act”); and
- Act No. 127/2005 Coll. on Electronic Communications and on the Amendment to Certain Related Acts (Electronic Communications Act), as subsequently amended (hereinafter the “Electronic Communications Act”).
These Principles apply to all persons visiting the Company’s websites [www.globalio.cz] (hereinafter the “Websites”), whether or not these persons are in a contractual relationship with the Company.
WHAT ARE PERSONAL DATA
Personal Data, in accordance with the GDPR, shall mean any information about a designated or identifiable natural person (not a legal person). In principle, therefore, it is any information that, whether on its own or in combination with other information, can serve to identify a particular individual (hereinafter the “Personal Data”).
WHAT PERSONAL DATA DOES THE COMPANY PROCESS
The Company may collect the following information about you:
- Personal data that you communicate to the Company yourself
Such Personal Data is, in particular, information that you provide in a completed registration, order, or other form or communicated to the Company by e-mail, telephone, fax, or other similar device. You may also provide the Company with personal information [during competitions], [by submitting a product or service review], [booking training places] or [by sending a general inquiry]. This includes your first name, surname, mailing address, e-mail address, phone number, bank account details, selected payment method, etc.
Your Personal Data will be processed by the Company for the following purposes:
- the provision of a service, product or information in which you have expressed an interest;
- if you are an existing customer, also to provide information about other services or products similar to those that were the subject of your previous purchase;
- if you are a new customer, the Company will only send you commercial communications and offers of products and services if you have given the Company your express consent to do so;
- assessment and evaluation of your job application.
- Personal information that the Company collects on your behalf
When visiting our Website, the Company may collect some information necessary to ensure the proper and convenient operation of the Website. This information may consist of the Internet Protocol (IP) data used to connect your computer to the Internet, your registration information, browser type and version, time zone settings, browser plug-ins, your visit information, including a valid Uniform Resource Locator (URL), the path to and from the Website (including date and time), the products you viewed or searched for, response times, download errors, the length of visits to certain pages, site visit interaction information (such as scrolling, clicks, and mouse locations), or the way of leaving the page.
These Personal Data are used by the Company to administer and improve its Websites and for internal operations, including problem solving, data analysis, testing, research, statistical purposes, and recording the frequency of previews. These Personal Data can also be used to measure ad performance and provide relevant advertising.
PROVIDING PERSONAL INFORMATION
Personal data that the Company acquires may be transferred [within the group of [●], i.e. the related parties of the Company;] and to third parties (hereinafter the “Processors”) who assist the Company in performing its contractual obligations by mediating certain services (e.g., delivery services). The Company only passes Personal Data to those Processors who provide guarantees of an adequate level of security of your Personal Data and process these Personal Data solely on the basis of a Personal Data Processing Agreement.
In this sense, the Company may transmit Personal Data to the following Processors:
- External contractors and suppliers to meet the Company’s contractual obligations;
- Payment service providers and payment processors in order to secure the transfer of funds and the implementation of payment transactions;
- Providers of postal and delivery services for the purpose of delivering products or services offered by the Company;
- Website administrators.
Under certain circumstances, the Company may be required to provide your Personal Data to third parties (e.g. law enforcement agencies) in accordance with the generally binding legal regulations.
MEANS OF PERSONAL DATA PROTECTION
In order to protect and minimise the risk of unauthorised access to Personal Data, the Company has adopted organisational and technical measures.
- Internal organisational restrictions limiting the range of persons authorised to come into contact with Personal Data; and
- Ensuring the technical security of the servers and the Company’s Websites against unauthorised access.
Persons in contact with Personal Data are instructed on the privacy policies and are bound by secrecy when processing them.
LENGTH OF PERSONAL DATA RETENTION
The Company keeps personal data for as long as is strictly necessary to perform its contractual obligations and for the fulfilment of the obligations that the Company derives from the applicable legal regulations. Personal data that is processed with your consent is retained by the Company only for the duration of the purpose for which the consent was granted.
Once the legitimate reason for processing your Personal Data has expired, the Company will destroy these Personal Data and any existing copies thereof.
RIGHTS OF DATA SUBJECTS
In connection with the processing of your Personal Data by the Company, you are entitled to the following Personal Data protection rights:
- The right to withdraw your consent to the processing of Personal Data, when the processing is based on such consent;
- The right to request access to your Personal Data and information about what Personal Data is processed by the Company;
- The right to correct inaccurate Personal Data and also to supplement incomplete Personal Data;
- The right to delete the processed Personal Data;
- The right to limit the processing of Personal Data;
- The right to obtain the Personal Data you have provided to the Company in a structured, commonly used, and machine-readable format, and the right to pass this information to another person;
- The right to be informed of a Personal Data breach;
- The right to object to the processing of Personal Data; and
- The right to file a complaint with the Supervisory Authority, i.e. the Office for Personal Data Protection, at Pplk. Sochora 27, 170 00 Prague 7, or a data box at qkbaa2n.
The above rights and possible complaints may be filed with the Company as the Data Controller in writing to the address below or by email to the following e-mail address firstname.lastname@example.org.
Nové sady 988/2, 602 00 Brno
These Principles are valid and effective as of May 25, 2018.