pursuant to Regulation (EU) 2016/679 of the European Parliament and of the Council of 27 April 2016 on the protection of individuals with regard to the processing of personal data and on the free movement of such data and repealing the Directive 95/46 / EC.
This document sets out the principles and procedures for the processing of personal data and rights, in accordance with Regulation (EU) 2016/679 of the European Parliament and of the Council of 27 April 2016 on the protection of individuals with regard to the processing of personal data and on the free movement of such data and repealing Directive 95/46 / EC (hereinafter referred to as "the Regulation"), and Act No. 480/2004 Coll., on certain services of information society, as amended.
Personal information: All information about an identified or identifiable customer; identifiable customer is a natural person who can be identified directly or indirectly, in particular by reference to a particular identifier such as name, identification number, location data, network identifier or one or more specific physical, physiological, genetic, psychological, economic, cultural or social identity of that natural person;
Administrator: U ČÁPA PIVNICE, s.r.o. (hereinafter referred to as the "Administrator"), the entity that determines the purpose and means of the processing of personal data, performs the processing and is responsible for it. The Administrator may authorise a processor to process the personal data unless a special law provides otherwise;
Processor: Any entity which, based on a special law or under authorisation by the Administrator, processes personal data under the Act and the Regulation on the basis of a contract on the processing of personal data;
Data subject (hereinafter referred to as "Customer"): A natural person (including self-employed persons) to whom the personal data relate (e.g., a potential, current or lost customer);
The Administrator processes personal data in the sense of the following principles arising from the Regulation:
The Customer is entitled to the following information:
The Customer is entitled to:
List of communication channels through which a customer request can be received and responded to:
The Administrator acquires personal data of its customers especially from the customers themselves as part of the purchase, request for services, sending of the newsletter or reservations on www.pivnice-ucapa.cz.
Additionally, the Administrator obtains personal data on the basis of consent to the processing of personal data.
The Administrator and its contractual processors, following the relevant legal title and the purpose of processing, process the following personal data or categories of personal data:
The Administrator processes the Customer's personal data for the following legal reasons (titles):
The personal data will be processed in order to identify the parties and to perform the contract and for the purpose of recording contracts and possible future application and defense of the rights and obligations of the contracting parties. Such processing is permitted by Article 6 (1) (b) and (f) of the Regulation.
The personal data will be processed for the duration of the contractual relationship and further to the necessary extent for a period of 10 years from termination of the contractual relationship, unless it is required by another regulation to retain the contractual documentation for a longer period.
The processing of personal data is carried out by the Administrator, but the personal data can also be processed by these processors:
Pursuant to the Regulation, the customer is entitled to:
The Administrator processes the personal data of the data subjects for the purposes of the concluded Purchase Contract with the Customer. Usually, these are: name, surname, e-mail address, phone number.
The processing time is defined by the duration of the Customer's contractual relationship with the Administrator.
In case the Administrator processes the Customer's personal data for other purposes that cannot be subordinated to the legitimate interest or performance of the contract, it can only do so on the basis of valid consent to the processing of personal data by the Customer, which is an expression of the free will of the Customer and creates a specific title for such personal data handling.
The Customer grants their consent to the processing of personal data – processing of the e-mail address - by completing the form on www.pivnice-ucapa.cz.
The e-mail address will be processed for the purpose of its inclusion in the business messaging database.
The personal data will be processed for 3 years from the date of granting consent if you do not prolong this period.
You can withdraw your consent at any time, for example, by sending a letter, an e-mail or by clicking on the link in the business message. Withdrawal of consent will result in the suspension of commercial communications.
The processing of personal data is carried out by the Administrator, but the personal data can also be processed by these processors:
Pursuant to the Regulation, the Customer is entitled to:
Personal data are processed automatically and manually and may be made available to the Administrator’s employees if this is necessary for the fulfillment of their job responsibilities, to the processors with whom the Administrator has a contract on personal data processing and, if applicable, to another person in accordance with the Act and the Regulation.
The processing of personal data may be done by the processors for the Administrator solely on the basis of a contract on the processing of personal data, i.e., with guarantees of the organizational and technical security of these data and with the definition of the purpose of the processing, and the processors must not use the data for other purposes.
The Administrator works with the Customer’s data in other processing systems and their protection is secured by unique user names and passwords. User names and passwords are stored on a personal computer of the Administrator access to which requires a username and password.
The processing of personal data may be done by the processors for the Administrator solely on the basis of a contract on the processing of personal data, with guarantees of the organizational and technical security of these data and with the definition of the purpose of the processing, and the processors must not use the data for other purposes.
The Administrator terminates the handling of Customer data after termination of the contractual relationship, after expiry of the period specified in the consent to the processing of personal data or after forfeiture of the legitimate reasons for the archiving of personal data.
In the event of a breach of security of data handling or data leakage, the Administrator shall promptly inform the Customer and the Office for Personal Data Protection within 24 hours.