• Medicína inovativně

    „BUDOUCNOST JE NAŠE PŘÍTOMNOST“

    START UP BEZ HRANIC

GDPR terms

Personal Data Processing and Protection Policy under the GDPR
(hereinafter also referred to as the “Policy”)

  1. INTRODUCTORY PROVISIONS
    1. The controller of personal data within the meaning of Regulation (EU) 2016/679 of the European Parliament and of the Council of 27 April 2016 on the protection of natural persons with regard to the processing of personal data and on the free movement of such data, and repealing Directive 95/46/EC (General Data Protection Regulation) (hereinafter referred to as “GDPR”) is:

      Company / name: TECH4WOMEN a.s.
      Registered office / address: Příčná 1892/4, Nové Město, 110 00 Prague 1
      Company ID: 23392673
      Represented by: Naděžda Pašková
      Contact: email: nada.paskova@foragra.cz tel.: 739434501
      (hereinafter referred to as the “controller”).
    2. The controller processes personal data in accordance with the GDPR, Act No. 101/2000 Coll., on the Protection of Personal Data, Act No. 89/2012 Coll., the Civil Code, and other related legal regulations.
    3. Below is a list of personal data, methods of processing, duration of processing, purpose of processing, as well as information provided to you as data subjects by the controller.
  2. CATEGORIES OF PERSONAL DATA
    1. The controller processes only the necessary basic data, namely:
      • identification data (your first and last name, trade name, home or registered address, possibly also your mailing address, Company ID, VAT ID, your date of birth)
      • contact data (your email and phone number, or IP address).
    2. The controller processes personal data you have provided or that the controller has obtained based on fulfilling your order.
  3. REASON AND PURPOSE OF PROCESSING PERSONAL DATA
    1. The legal basis for processing personal data is:
      • performance of a contract to which you, as the data subject, are a party,
      • compliance with the legal obligations of the controller,
      • the legitimate interest of the controller in providing direct marketing,
      • your consent to the processing of personal data for the purposes of direct marketing (sending commercial messages and newsletters).
    2. The controller processes personal data for the purpose of fulfilling your order, complying with its legal obligations towards the state (e.g., tax obligations), and for marketing activities.
    3. You may withdraw your consent to receive commercial messages at any time (see section 7.6 of the Policy).
  4. RETENTION PERIOD OF PERSONAL DATA
    1. The controller retains your personal data for the time necessary to perform the rights and obligations arising from the contractual relationship or for the time necessary to fulfill archival duties under other legal regulations (Accounting Act, Archival and Records Management Act, VAT Act), but no longer than 10 years after the end of the contractual relationship. If you do not withdraw your consent to data processing for direct marketing, the data will be processed for no more than 3 years.
    2. After the retention period has expired, your personal data will be deleted.
  5. PERSONAL DATA SECURITY
    1. Taking into account the state of the art, implementation costs, nature, scope, context, and purposes of processing, as well as the varying likelihood and severity of risks to the rights and freedoms of natural persons, the controller has implemented appropriate technical and organizational measures to meet the requirements of the GDPR and to protect the rights of data subjects.
  6. RECIPIENTS OF PERSONAL DATA
    1. The controller provides personal data to the following recipients:
      - external accountants,
      - payment service providers and payment processors for securing the transfer of funds,
    2. Your personal data is not transferred to any country outside the European Union. Data is processed both manually and automatically.
  7. YOUR RIGHTS
    1. RIGHT TO ACCESS PERSONAL DATA (Art. 15 GDPR)
      You have the right to request access to the personal data being processed about you and to the following information:
      1. the purpose of processing;
      2. the categories of personal data concerned;
      3. the recipients or categories of recipients to whom personal data have been or will be disclosed;
      4. the retention period for personal data;
      5. all available information about the source of personal data, if not obtained from you;
      6. whether automated decision-making, including profiling, is taking place.
    2. RIGHT TO RECTIFICATION (Art. 16 GDPR)
      You may contact us to request a correction if the data we hold about you is inaccurate, incomplete, or outdated. Considering the purposes of processing, you have the right to have incomplete personal data completed, including by providing a supplementary statement.
    3. RIGHT TO ERASURE (Art. 17 GDPR)
      You may request that your personal data be deleted if:
      1. the data is no longer necessary for the purpose for which it was collected or otherwise processed,
      2. you have withdrawn your consent,
      3. the data was processed unlawfully,
      4. the data must be deleted to comply with a legal obligation under EU or member state law applicable to the controller, or
      5. you object to the processing pursuant to Art. 21(1) GDPR and there are no overriding legitimate grounds for processing, or you object to processing under Art. 21(2) GDPR.
    4. RIGHT TO RESTRICTION OF PROCESSING (Art. 18 GDPR)
      You have the right to restrict processing if:
      1. you contest the accuracy of the personal data for a period enabling us to verify its accuracy;
      2. the processing is unlawful and you oppose the erasure of the data and request restriction instead;
      3. we no longer need the personal data for processing purposes, but you require it for the establishment, exercise, or defense of legal claims;
      4. you have objected to processing under Art. 21(1) GDPR pending verification whether our legitimate grounds override yours.
      If processing is restricted, you will be notified before the restriction is lifted.
    5. RIGHT TO DATA PORTABILITY (Art. 20 GDPR)
      You may request that your personal data be provided to you in a structured, commonly used, and machine-readable format or transferred directly to another controller, provided that:
      1. processing is based on your consent under Art. 6(1)(a) or Art. 9(2)(a) GDPR or on a contract under Art. 6(1)(b) GDPR; and
      2. processing is carried out by automated means.
    6. RIGHT TO WITHDRAW CONSENT TO PROCESSING
      You may withdraw your consent to the processing of personal data at any time, without affecting the lawfulness of processing based on consent before its withdrawal.
    7. RIGHT TO OBJECT TO PROCESSING (Art. 21 GDPR)
      You have the right to object at any time, on grounds relating to your particular situation, to the processing of your personal data based on Art. 6(1)(e) or (f), including profiling based on those provisions. We will no longer process the personal data unless we demonstrate compelling legitimate grounds for the processing that override your interests, rights, and freedoms or for the establishment, exercise, or defense of legal claims.
      If personal data are processed for direct marketing purposes, you have the right to object at any time to such processing, including profiling related to such direct marketing.
    8. RIGHT TO LODGE A COMPLAINT
      If you believe that your personal data has been processed unlawfully, you have the right to lodge a complaint with the supervisory authority:
      Office for Personal Data Protection,
      address: Pplk. Sochora 27, 170 00 Prague 7
      ID DS: qkbaa2n,
      email: posta@uoou.cz, phone: +420 234 665 111 (switchboard), fax: +420 234 665 444.
  8. BREACH OF PERSONAL DATA SECURITY
    1. If it is likely that a specific personal data breach will result in a high risk to your rights and freedoms, we will notify you of such a breach without undue delay. The notification will describe the nature of the breach and provide, at a minimum, the information and measures specified in Art. 33(3)(b), (c), and (d) GDPR. Notification is not required if any of the following conditions are met:
      1. we have implemented appropriate technical and organizational protection measures, and these were applied to the personal data affected by the breach, particularly those that render the data unintelligible to anyone not authorized to access it, such as encryption;
      2. we have taken subsequent measures ensuring that the high risk to your rights and freedoms is no longer likely to materialize;
      3. it would involve disproportionate effort.
  9. DATA PROTECTION OFFICER
    1. The controller has a designated data protection officer. For matters related to personal data processing, you may contact us directly.
      Mailing address: Příčná 1892/4, Nové Město, 110 00 Prague 1
      Email: nada.paskova@foragra.cz
      All contact details can also be found on the controller’s website: www.tech4women.cz

This Policy is effective from July 16, 2025

Vytvořila Hi Promotion | Powered by WebFocus