The purpose of this page is to introduce you to the concept of personal data, explain how the data controller handles it, and what your rights as a data subject to whom personal data relates are.
What constitutes personal data?
Personal data means any information based on which it’s possible to directly or indirectly identify a natural person (hereinafter referred to as the “Data subject”), e.g. name, surname, or address.
What is personal data processing?
Personal data processing means any operation or a set of operations performed on personal data by the data controller or processer, such as retrieval, storage, collection, use, making it available, transmission, disclosure, replacement, adaptation or alteration, sorting or combination, restriction, and erasure or destruction.
Who is the data controller?
Ing. Libuše Kalášková (hereinafter referred to only as the “Data Controller”), company ID: 76412008, VAT ID: CZ7557304777, Makovského 340, 592 31 Nové Město na Moravě, Czech Republic.
The data controller processes personal data in accordance with the laws of the European Union, especially with Directive 95/46/EC of the European Parliament and of the Council of 24 October 1995 on the protection of individuals with regard to the processing of personal data and on the free movement of such data, also with international agreements binding on the Czech Republic, especially the Convention for the Protection of Individuals with regard to Automatic Processing of Personal Data, declared under no. 115/2001, Collection of International Treaties, and with relevant national legal regulations, especially Act no. 101/2000, Collection of Law, on personal data protection and on amendment of certain acts, as amended (hereinafter referred to only as the “Personal Data Protection Act”).
The purpose of processing your personal data
We process personal data for the purposes of responding to questions, requests, or orders, to perform contracts, provide business and services, ensure operations, and keep customers records.
Which personal data is processed?
We process only general personal information (name, surname) and personal data for the purposes of organization (address, e-mail address, phone number).
How do we acquire your personal data?
We acquire your personal data by means of a contact and reservation form.
Who else has an acces to your personal data (processors and recipients)?
We don’t sell, exchange, or otherwise transfer your personal data to third parties. Within the scope of our operation, as well as the provision of business and services, this does not apply to trustworthy third parties, provided that these third parties are obligated to maintain confidentiality with regards to the personal data with which they come into contact as a part of carrying out the activities mentioned above.
We are entitled to disclose personal data if this disclosure conforms to the law, as a part of enforcing the compliance with our rules, or for the purposes of protecting our rights, property, or safety.
Information by which a person cannot be specifically identified may be provided to other parties for the purposes of marketing, promotion, or other use.
How long do we process your pesronal data?
We process your personal data only for the time necessary, i.e. for the duration of our mutual contractual relations. After these relations are terminated, we archive your personal data for the period prescribed to us by legal regulations (up to 10 years). In case of questions or requests, personal data is processed for the period of 1 year. The reason why we archive your personal data even after the termination of our mutual contractual relations is to ensure our ability to enforce existing claims (e.g. collect sums in arrears).
What are the rights of data subjects?
Data subjects are entitled to request information as to what personal data the data collector processes, to what purpose, and for how long, from which sources the collector acquired the data and who except them can access it. The collector shall always and without any unnecessary delay inform the data subject that their request was processed, and give them access to their personal data without any unnecessary delay and for an adequate payment.
Data subjects are entitled to request an access to their personal data, to ask for their personal data to be updated or completed if it’s inaccurate or if its processing is against the law but at the same time its deletion is not wanted by the particular data subject. Furthermore, data subjects have the right to data portability, to raise an objection against personal data processing, or to make a complaint and submit a motion to the Office for Personal Data Protection (www.uoou.cz) if they believe that the personal data processing does not conform to the rules for processing personal data.
Our contact information
You can contact us at info@vilanmnm.cz, tel.: +420 773 220 010
GDPR
The data collector would hereby like to inform you that the General Data Protection Regulation 2016/679 of the European Parliament and of the Council of 27 April 2016 on the protection of natural persons with regard to the processing of personal data and on the free movement of such data, and repealing Directive 95/46/EC (General Data Protection Regulation, hereinafter referred to only as “GDPR”) comes into force on 25 May 2018 and shall be directly effective in the legal system of the Czech Republic. In connection with this fact, this information on personal data processing shall be updated so that as of 25 May 2018 it fully reflects the new legal regulations pertaining to protecting personal data of natural persons, as governed by GDPR.
Definition of terms
Below you’ll find a brief explanation of all terms used in the GDPR.
Data subject
Any natural person to whom personal data relates is considered a data subject.
Data controller
Any entity determining the purpose and tools of personal data processing which it carries out and for which it’s responsible.
Data processor
Any entity which processes personal data on the grounds of a special law or the controller’s authorization and in accordance with the laws mentioned above.
Recipient
Any entity which can access personal data.