This document describes how Kukhula-Tech s.r.o uses the personal data that they receive from you. This document is in accordance with the General Regulation (EU) 2016/679 of the European Parliament and of the Council on the protection of natural persons with regard to the processing of personal data and on the free movement of such data (GDPR), under which you have the right to be informed of the data that are being processed by the Controller.
1. TO WHOM DO YOU GRANT CONSENT TO PROCESS YOUR PERSONAL DATA?
Your consent is granted to Kukhula-Tech s.r.o, Registered office: Karlovarská 1698/1, Řepy,
163 00 Prague 6,, Czech Republic; Company Number: ICO: 08187282 , the company registered in the commercial register maintained by Municipal Court in the Czech Republic (the Controller).
2. WHAT PERSONAL DATA ARE BEING PROCESSED?
(i) The personal data that are being processed are the following:
(ii) Identification information (name, surname);
(iii) Business affiliation related to your person (company name, e-mail address, business postal address, phone number),
(iv) Physical features and voice recordings captured during the events organized by the Controller (photography, video and voice recordings). These materials will be used anywhere in the world for promotional, marketing and other purposes of the Controller.
(v) Information on your utilization of our services, including information in your requests for services;
(vi) Information from our personal, telephone and electronic communication with you;
(vii) Information from the internet browser that you use or mobile applications;
(viii) as well as any information which the Controller processes in relation to the contract fulfillment, legal obligation and for the purposes of the Controller’s legitimate interest.
3. SOURCES OF PERSONAL DATA
The Personal Data are being obtained directly from you or from a person that you appointed to provide us with such data, from social networks and internet where you have personally posted them for receiving marketing information, from surveys regarding the market situation, from automatized processing analyzing the Personal Data to target the advertisement, from the own Controller’s activity.
4. PURPOSE OF PROCESSING
The Controller processes the Personal Data for the purpose of offering the services of the Controller. The activities that fall within this purpose include, in particular, the processing for marketing purposes, sending newsletters, marketing analysis, and profiling with the aim of accommodating our offer to your needs and improve the provided services. The Controller processes your personal data for the purpose of registering you as a participant to receive communication from the Controller, and to register you for participation at our regular events.
5. HOW ARE THE PERSONAL DATA PROCESSED?
The processing of your Personal Data may be manual but also automated. Some of the collected Personal Data are used for automated decision-making. Your Personal Data is being processed mainly by the designated employees of the Controller.
6. WHAT ARE THE LEGAL GROUNDS FOR PROCESSING OF PERSONAL DATA?
Legal grounds for processing of the Personal Data is set by Article 6(1) of GDPR pursuant to which the processing is lawful if it is necessary for the performance of a contract or services that you have requested to which the data subject is party or in order to take steps at the request of the data subject prior to entering into a contract or registration for events organized by the Controller. Personal data processing is lawful if it is based on the consent of the data subject to the processing of his or her personal data for one or more specific purposes.
7. TO WHOM ARE YOUR PERSONAL DATA HANDED OVER TO?
Your Personal Data is being processed only for the above-mentioned marketing purposes and fulfilling services requested by the Controller and are not handed over to any other entities. In case any third party is handed any of your Personal Data, it is and will be due to our legal obligation to do so (e.g. various state bodies).
8. WILL PERSONAL DATA BE TRANSFERRED TO SOMEONE ELSE?
Personal Data will not be transferred to any third party. If the need arises, we could only provide certain Personal Data within the statutory limits to the state authorities, for example, tax offices, courts, law enforcement, and judicial authorities or supervisory authorities.
9. WILL WE TRANSFER PERSONAL DATA TO THIRD COUNTRIES OR INTERNATIONAL ORGANISATION?
We will not transfer any Personal Data to the countries outside the European Union nor the European Economic Area, neither to any international organizations.
10. HOW YOU MAY REVOKE YOUR CONSENT
The consent is freely given and you may decide not to grant it or to revoke it at any time by the applicable way of filling in the form/unticking the box/sending a request to the email or postal address of the Controller/via unsubscribe link in the e-mail communication. Once the revocation of your consent is obtained by the Controller, we will assume that you no longer wish to have your Personal Data processed for the marketing purposes, and we will consider all other marketing consents as revoked.
11. RIGHTS RELATING TO THE PROCESSING OF THE PERSONAL DATA
The Controller ensures that your Personal Data is processed in a secure and accurate manner. You may exercise all the rights described in this clause with the Controller.
How can you exercise your rights?
You may exercise each individual right via sending an email to firstname.lastname@example.org or by sending a written request to the postal address of the Controller. A statement or information on measures adopted shall be provided to you by the Controller as soon as possible, but no later than two months from receipt of the request. The Controller is entitled to extend this period by two months taking into account the complexity of the issue and the number of requests submitted. The Controller will inform you of such an extension.
11.1 Right to be informed - at least about:
(i) the identity and the contact details of the Controller and of the Controller's representative;
(ii) the purposes of the processing of the Personal Data as well as the legal basis for the processing;
(iii) the legitimate interests pursued by the Controller;
(iv) the recipients or categories of recipients of the Personal Data;
11.2 Right of access
You may request access to your Personal Data and obtain information what Personal Data concerning your person is being processed, and access the following information:
(i) the purposes of the processing;
(ii) the categories of Personal Data concerned;
(iii) the recipients or categories of recipient to whom the Personal Data have been or will be disclosed
(iv) the envisaged period for which the Personal Data will be stored, or, if not possible, the criteria used to determine such period;
(v) the existence of the right to request from the Controller rectification or erasure of the Personal Data or restriction of processing of the Personal Data concerning you or to object to such processing;
(vi) the right to lodge a complaint with a supervisory authority;
The Controller shall provide a copy of the Personal Data undergoing processing. For any further requested copies, the Controller may charge a reasonable fee based on administrative costs. The DPO or another authorized person may decide that you should be asked to cover the costs or your request can be rejected. Where the request is made by the electronic means, and unless otherwise requested by you, the information shall be provided in a commonly used electronic form.
11.3 Right to rectification
(i) You have the right to request the Controller to rectify your inaccurate Personal Data.
(ii) You also have the right to have your incomplete Personal Data completed, including by means of providing a supplementary statement. While executing this right, the purposes of the processing must be taken into account and the DPO or another authorized person shall decide whether it is appropriate or not.
11.4 Right to erasure
You have the right to ask the Controller to erase your Personal Data. The Controller shall have the obligation to erase your Personal Data where one of the following grounds applies:
(i) the Personal Data are no longer necessary in relation to the purposes for which they were collected or otherwise processed;
(ii) your objective to the processing where there are no overriding legitimate grounds for the processing;
(iii) you revoke the consent and there is no other reason for the processing;
(iv) the Personal Data has been unlawfully processed;
(v) the Personal Data has to be erased for compliance with a legal obligation in the European Union or Member State law to which the Controller is subject.
Right to erasure shall not apply to the extent that processing is necessary for the establishment, exercise or defense of legal claims.
11.5 Right to the restriction of processing
You have the right to restrict the processing where one of the following applies:
(i) you contest the accuracy of the Personal Data, for a period enabling the Controller to verify the accuracy of the Personal Data;
(ii) the processing is unlawful and you oppose the erasure of the Personal Data and request the restriction of its processing instead;
(iii) the Controller no longer needs the Personal Data for the purposes of the processing, but you require it for the establishment, exercise or defense of legal claims;
(iv) you have objected to processing pending the verification whether the legitimate grounds of the Controller override those of yours.
11.6 Right to object
You have the right to object, on grounds relating to the particular situation, at any time to the processing of your Personal Data, including profiling.
The Controller shall no longer process the Personal Data unless the Controller demonstrates compelling legitimate grounds for the processing which override your interests, rights, and freedom or for the establishment, exercise or defense of legal claims.
11.7 Right to lodge a complaint with a supervisory authority
Without prejudice to any other administrative or judicial remedy, you have the right to lodge a complaint with a supervisory authority (Irish Data Protection Authority), of the alleged infringement if you consider that the processing of the Personal Data infringes your rights.
11.8 Right to portability
In relation to the Personal Data that you have provided to the Controller and that is subject to automatized processing, you have the right to receive it in a structured, commonly used and machine-readable format and the right to transmit this Personal Data to another controller without hindrance from the Controller.
12. HOW TO CONTACT US?
In case of any questions regarding the processing of your Personal Data you may contact us in writing, via e-mail or telephone on below contact details:
Company number: ICO: 08187282
Registered Address: Karlovarská 1698/1, Řepy,
163 00 Prague 6,, Czech Republic
13. GENERAL INFORMATION
The Controller may change, amend, repeal or replace this notification any time, if necessary.
Company number: ICO: 08187282
Registered Address: Karlovarská 1698/1, Řepy,
163 00 Prague 6,, Czech Republic