This Personal Data Protection Policy (hereinafter referred to as the "Policy") describes the manner in which we collect, use and otherwise handle personal data of natural persons collected through the web interface www.isoma.cz including cookies (hereinafter referred to as the "Web Interface"). The Personal Data Protection Policy does not apply to data of legal entities.
Personal Data Controller:
ISOMA s.r.o., Magistrů 1275/13, 140 00 Prague 4 – Michle, Czech Republic
Company ID No.: 27232565
VAT No.: CZ27232565
Registered in the Commercial Register administered by the Municipal Court in Prague, Section C, File 106359.
Contact Data of Personal Data Controller:
mailing address:Magistrů 1275/13, 140 00 Prague 4 – Michle, Czech Republic
phone number: +420 244 094 241
contact e-mail: email@example.com
1. Initial provisions
1.1. Which guidelines do we follow when handling your personal data?
When handling the personal data, we act in accordance with the legal regulations of the Czech Republic and directly applicable regulations of the European Union, in particular Regulation (EU) 2016/679 of the European Parliament and of the Council of 27 April 2016 on the protection of natural persons with regard to the processing of personal data and on the free movement of such data and repealing Directive 95/46/EC (hereinafter referred to as the "GDPR"), Act No. 110/2019 Coll., on the processing of personal data, as amended, and Act No. 480/2004 Coll., on certain information society services and on amendments to certain acts, as amended.
1.2. What is personal data?
Personal data denotes all information that identify or may identify a specific natural person. Personal data includes in particular, but is not limited to:
- Identifying information such as name, surname, identification number, tax identification number, date of birth, gender, user account login;
- contact details such as home address (or mailing address), telephone number, email address;
- other data, such as information obtained through cookies, IP address (network identifier) including browser type, device and operating system, time and number of accesses to the Web Interface and other similar information.
2. Collection and use of personal data
2.1. How do we receive your personal data?
You provide us with your personal data mainly by e-mail or in the contact form.
When visiting and using the Web Interface, some personal data may also be collected and stored via cookies. You can read more about cookies in Article 5 of this Policy.
2.2. On what basis and for what purposes do we process your personal data?
- We may process the personal data entered when making enquiries (in particular via the contact form) and ordering goods or services without your explicit consent on the basis of and for the purpose of concluding and performing the contract, i.e. for the purpose of supplying goods or services. Furthermore, we may process such data on the basis of and for the purpose of complying with our statutory obligations (in particular registration obligations, archiving of tax documents, etc.) and on the basis of our legitimate interest for the purpose of protecting our legal claims.
- We process personal data collected via cookies on the basis of your consent (which you give by setting your browser accordingly). We use personal data collected through cookies mainly for the purposes of providing user support, improving our services, including analysing user behaviour and marketing.
We may use your personal data for a purpose other than that for which it was collected only with your consent.
2.3. To whom may we disclose your personal data?
We will only make your personal data available to authorised employees and cooperating lawyers or advisers or other controllers, but only to the extent necessary for the fulfilment of the individual purposes of the processing and on the basis of the corresponding legal title for the processing of personal data.
As part of the performance of a contract concluded with the client, the recipients of personal data may include in particular the public authorities (e.g. courts, administrative bodies), or other recipients according to the client’s needs and instructions.
2.4. For how long do we use the data?
We only use the personal data provided in the context of enquiring about and ordering goods or services or in the context of registration for the time necessary for the performance of the contract and the compliance with the legal obligations or for the protection of our legal claims.
If you give us your explicit consent to the processing of personal data or if we use your email address to send you commercial communications in accordance with the previous article, the data will be used for the duration of the Web Interface on which we offer services or goods similar to those provided to you.
We do not process personal data for direct marketing purposes and we do not carry out any automated processing of personal data.
3. Your rights in connection with the personal data
3.1. Right to withdraw consent to the processing of personal data
If we process your personal data only on the basis of your consent (i.e. without any other legitimate reason), you can withdraw this consent at any time.
You can withdraw your consent to the processing of your personal data at any time:
- via e-mail sent to our contact email address;
- by calling our contact number;
- in writing in the form of a letter sent to our mailing address;
For business messages
- in the manner specified in each email containing the business message (by clicking on the unsubscribe link or otherwise).
Withdrawal of consent does not affect the legitimacy of data processing carried out until the withdrawal of consent to processing.
3.2. Right of access to personal data
You have the right to ask us whether we process your personal data. If we process your data, you have the right to access this personal data and in particular the following information:
- purpose of processing;
- categories of personal data processed;
- the recipients or categories of recipients to whom the personal data will be disclosed;
- personal data storage period.
Upon your request, we will provide you with a copy of the processed data. We may charge you an administrative fee for any additional copies not to exceed the cost of making and delivering those additional copies.
3.3. Right of rectification
If your personal data is inaccurate or incomplete, you have the right to request immediate rectification, i.e. correction of inaccurate data and/or completion of incomplete data.
3.4. Right to object to processing
You have the right to object at any time to the processing of your personal data if we process it in breach of the legal regulations. Upon objection, we will no longer process your personal data for these purposes.
3.5. Right to deletion (“right to be forgotten”)
You have the right to demand that we erase your personal data, where:
- the personal data is no longer needed for the purposes for which it was collected and/or processed;
- you have withdrawn your consent to processing;
- you have raised an objection to the processing of personal data;
- the personal data has been processed unlawfully.
If there are no legal grounds for refusing erasure, we are obligated to comply with your request.
3.6. Rights to restrict the processing
You have the right to request that we restrict the processing of your personal data, if:
- you deny the accuracy of your personal data;
- the processing is unlawful and you request restriction of the processing of personal data instead of erasure;
- we no longer need your personal data for the purposes of processing, but you require it for the establishment, exercise or defence of legal claims;
- you raise an objection to processing.
When restricting the processing, we are only entitled to store your personal data; further processing is only possible with your consent or for legal reasons.
If the processing of personal data is restricted due to an objection to processing, the restriction lasts for the time necessary to determine whether we are obligated to comply with your objection.
If the processing of personal data is restricted due to a denial of the accuracy of the data, the restriction lasts for the period of verification of the accuracy of the data.
3.7. Right to data portability
You have the right to obtain the personal data you have provided to us in a structured, commonly used and machine-readable format and to have it transferred to another data controller.
3.8. How can you execute your rights?
You can exercise your rights in relation to personal data by using our contact details. All information and actions will be provided to you without undue delay.
Whenever possible, we will strive to meet your request as regards personal data protection. However, if you are not satisfied with how your request has been deal with, you may turn to the competent bodies, especially the Office for Personal Data Protection (Úřad pro ochranu osobních údajů) (http://www.uoou.cz) which supervises personal data protection.
This provision does not affect your right to address the Office for Personal Data Protection directly and immediately.
In particular, if your residence, place of employment or place of alleged personal data breach is located outside the Czech Republic in another EU Member State, you may contact the competent supervisory authority in that Member State.
4. Personal data control and processing
4.1. Who processes your personal data?
We are a data controller within the meaning of the GDPR.
To the extent necessary for the performance of the contract or other obligations, we may also transfer your personal data to other persons, such as carriers or other persons involved in the performance of the contract or our obligations. Alternatively, we may authorize other processors and recipients of personal data. We will also tell you who specifically processes your personal data on the basis of your enquiry.
Your personal data will not be transferred to countries outside the European Union unless it is necessary for the performance of a contract or for any other reason in accordance with the rules for such transfers set out in GDPR.
Your personal data is processed in particular by:
- Google LLC.
4.2. What personal data do we process?
Personal data and other data obtained are fully secured against misuse. The personal data will be processed automatically in electronic form or manually in printed form.
5.1. What are cookies?
Cookies are text files saved in each Web Interface user's computer or other electronic device that allow the functioning of the Web Interface.
5.2. What cookies and for what purposes does the Web Interface use them?
The Web Interface uses session (temporary) cookies that are automatically deleted when you stop browsing the Web Interface. It also uses permanent that stay saved in your device until you delete them.
The cookies used by the Web Interface are as follows:
- Strictly necessary cookies – these cookies are essential for the proper functioning of my website. Without these cookies, the website would not work properly;
- Performance and Analytics cookies – these cookies allow the website to remember the choices you have made in the past;
- Advertisement and Targeting cookies – these cookies collect information about how you use the website, which pages you visited and which links you clicked on. All of the data is anonymized and cannot be used to identify you.
5.3. Services used that work with cookies
The Web Interface uses Google Analytics services and, where applicable, other services provided by Google LLC (hereinafter referred to as " Google"), Facebook Pixel service provided by Facebook Inc. and Sklik service provided by Seznam.cz, a.s. These services work with information obtained through cookies. If you are interested in how Google uses the data they get from us and how to modify and/or prohibit the processing, please click on the following link to learn this information: How Google uses data when you use our partners’ websites and/or applications.
This Policy takes force and effect on 01 January 2022.