PROTECTION OF PERSONAL DATA 2023
The administrator of personal data is Ing. Lucie Hejhalová, ID / IČO: 49225634, place of business Nad Smetanku 221/3, Prague 9, ZIP code 19800, email: lucie@luciehejhalova.cz
hereinafter referred to as „Administrator“
I. What personal data is processed?
Data provided by the client when using the services of Ing. Lucie Hejhalová, ID: 49225634, i.e. name, surname, address, email, telephone.
II. For what purpose is the data processed?
The data is used for the performance of the contract, for the purposes of fulfilling the administrator’s legitimate interests and for the purposes of fulfilling legal obligations arising in particular from the Accounting Act.
This personal data is necessary to be able to conclude a contract with the client and provide the service. If the client does not provide personal data, it is not possible to conclude a contract or provide a service.
III. Marketing newsletter
Furthermore, personal data is used for the purpose of sending a marketing newsletter, either based on the client’s consent or based on the administrator’s legitimate interest.
You can unsubscribe from the newsletter at any time by clicking on the relevant link located at the footer of each newsletter or by sending a notification to the administrator’s email.
IV. Who has access to the data?
Administrator – Lucie Hejhalová, who undertakes to maintain confidentiality about them.
Furthermore, the administrator can entrust the processing of personal data to another personal data processor, however only under the same conditions as those set out in these rules.
As of the date of creation of these rules, the administrator uses the following processors:
Mailchimp (sending newsletters)
Wedos (webhosting)
If the client wants to be informed about future changes in the list of processors, he can send a request to the administrator’s email.
V. Client rights
The right of access to personal data means that the client has the right to obtain information from the administrator on whether she is processing his personal data and, if so, what data it is and how it is processed. The client also has the right to have the administrator correct inaccurate personal data concerning him without undue delay at his request. The client has the right to complete incomplete personal data at any time.
The right to erasure of personal data represents, in other words, the administrator’s obligation to delete the personal data she processes about the client, if certain conditions are met and the client requests it.
The client has the right to have the administrator limit the processing of his personal data in certain cases. The client has the right to object at any time to processing that is based on the administrator’s legitimate interests.
The right to data portability gives the client the opportunity to obtain personal data that he has provided to the administrator in a common and machine-readable format. He can then transfer this data to another administrator or, if technically possible, request that the administrators transfer it to each other.
The right to revoke consent to the processing of personal data at any time does not apply, when the client’s personal data (with the exception of consent to sending a newsletter) is processed for the purpose of fulfilling the contract concluded with the client, not on the basis of consent to processing.
In the event that the client is in any way dissatisfied with the processing of his personal data carried out by the administrator, he can file a complaint directly with her or contact the Office for Personal Data Protection. More information about client rights is available on the website of the Office for Personal Data Protection.
VI. Time of personal data processing
Personal data will be processed for the duration of the contract concluded between the administrator and the client, and after its termination, they will be disposed of in accordance with applicable legislation, in particular Act No. 499/2004 Coll. (Act on Archiving and File Service and on the Amendment of Certain Acts) and Regulation (EU) 2016/679 of the European Parliament and of the Council of 27 April 2016 on the protection of natural persons in connection with the processing of personal data and on the free movement of such data and on the repeal of Directive 95/ 46/EC (GDPR Regulation).
VII. Security, Website and Cookies
The administrator ensures the security of the client’s personal data. Handling of personal data takes place in full compliance with applicable legal regulations, including the General Data Protection Regulation (GDPR).
When processing personal data, the administrator places great emphasis on the technical and organizational security of the processed data.
The document is valid from February 1, 2023