Information from the Personal Data Operator intended for the subject of personal data on the processing of personal data received from the subject in order to fulfill contractual and legal obligations based on the consent of the subject
in accordance with Article 12 of the Regulation of the European Parliament and of the Council No. 2016/679 of April 27, 2016 “General provisions on the protection of personal data (hereinafter referred to as the “Directive”), implemented by a legal entity
company LION RITTER s.r.o., Identification number: 247 72 097,
registered address: Radlická 112/22, Prague 5 – Smíchov, postal code: 150 00, entered in the Commercial Register of the City Court in Prague, section C, tab 173049,
Address for correspondence: LION RITTER s.r.o., P.O. BOX 15, 150 00 Prague 5, Czech Republic
Email: diabetes5.com@gmail.com
(hereinafter referred to as the “Personal Data Operator”)
In accordance with the Directive, the Personal Data Operator provides you with the following information:
1. Contact details of the Personal Data Protection Officer.
The Personal Data Protection Commissioner was not appointed by the Personal Data Operator, since the Personal Data Operator does not have such an obligation in accordance with the law.
2. Description of the categories of subjects whose data is processed by the Personal Data Operator, categories of personal data and the purposes of their processing
Categories of your personal data that the Personal Data Operator processes in the performance of contractual and legal obligations:
· name, surname, title;
· name, identification number (IČO), in some cases, taxpayer identification number (DIČ, VAT, INN), if you are an entrepreneur or an official representative of a legal entity;
· Date of Birth;
· legal address or correspondence delivery address;
· E-mail address;
· phone number;
· Bank details;
· passport details;
· medical certificate confirming diabetes;
· data we collect when you visit pages of the site (browsing data), such as the IP address or URI (uniform resource identifier) of the resources requested, the time of the request, the method of sending the request to the server, response file data, the digital code corresponding to the response sent server (OK, error, etc.), as well as other parameters related to the user’s operating system and computer processing environment
The personal data operator does not operate with so-called confidential personal data as defined by the Directive.
Purpose of processing personal data:
Compliance with the legal obligations of the Personal Data Operator and contractual obligations related to the purchase and sale agreement (Order in an online store) concluded by the Personal Data Operator with you, negotiations on purchase and sale agreements (Orders in online stores), pre-contractual negotiations;
In the case of the expressed consent of the subject, the purpose may also be marketing, consisting mainly of sending commercial offers of the Personal Data Operator.
1. Description of the categories of entities that may be given access to your data or your personal data may be transferred, including recipients from third countries or international organizations.
All personal data may be provided to persons processing personal data (in particular, persons providing legal, accounting and tax advisory services) who cooperate with the Personal Data Operator on a contractual basis and who are obliged to protect personal data within the framework of these contractual relationships.
If you are a business partner or customer, your personal data may be provided to recipients in non-EU countries, but not to international organizations (subject to the conditions below). The data controller may provide personal data to a non-EU country provided that that country, in accordance with the European Commission’s security decision, has an appropriate level of protection for personal data and is secure in this regard.
If such a decision is not made, the Personal Data Operator is obliged to provide the personal data subject with sufficient guarantees for the security of his personal data, which are mainly strictly established corporate rules or standard annexes to contracts. In addition, it must be a country that provides effective legal protection for the data subject, in particular ensuring the enforcement of his rights.
2. Information about your rights
A. The Data Controller will, without undue delay and in any case within one month of receipt of the request, provide you with information in accordance with Articles 15 to 22 of the Directive upon your written, postal, email or other application.
B. In particular, you have the right to request from the Personal Data Operator access to your personal data that it processes, you have the right to correct it in case of inaccuracy, to delete it (the right to be forgotten), to limit its use, and also have the right to at any time and without giving reasons, file an objection to the processing of personal data.
B. You have the right to receive confirmation from the Personal Data Operator whether the personal data received from you is being used or not used. At the same time, the Personal Data Operator warns that with regard to personal data transferred to fulfill legal and contractual obligations, this service cannot be provided unless you provide contact information.
D. You have the right to receive a copy of the information relating to you personally, which you provided to the Personal Data Operator, in a structured, widely used and machine-readable format, in order to transfer this information to another Personal Data Operator without permission or obstacles from the current Personal Data Operator.
D. If personal data is processed on the basis of your consent, you have the right to withdraw this consent at any time by submitting a withdrawal application to the Personal Data Operator.
E. You have the right at any time to file a complaint about the actions of the Personal Data Operator with the supervisory authority, which is the Office for Personal Data Protection.
3. Method of processing personal data
As part of the activities of the Personal Data Operator, methods of automated processing of personal data, including decision-making and profiling, are not used. Personal data is processed manually by the Personal Data Operator himself or his representative (see above).
4. Information about the planned dates for deleting certain categories of personal data
Personal data of subjects processed by the Personal Data Operator on the basis of legal and contractual obligations, the Personal Data Operator undertakes to delete without undue delay after the expiration of the period established by law during which the Personal Data Operator is obliged to store such data (we are talking mainly about the timing of archiving accounting records). documents, unless the other archiving period is longer).
With regard to personal data processed on the basis of your consent, this data will be deleted immediately without undue delay at the end of the period during which it was required, at the latest upon expiration of the consent to processing.
5. Description of the technical and organizational security measures that the Personal Data Operator has taken to protect your personal data.
A. Protection from unauthorized access to personal data
The Personal Data Operator has provided access to paper records as follows: paper records are located in the locked premises of the Personal Data Operator, some of them, if necessary, in a locked cabinet. Only authorized persons have the right of access to the locked premises. Other persons have access to the premises only if accompanied by authorized persons. Software access to recording devices is protected by a username and password, and electronic storage repositories are sufficiently secure.
Protection against unauthorized reading, copying, seizure, modification and destruction of your personal data.
Access to personal data is protected by a username and password. Authorized persons are trained in handling personal data.
a) Security against attack by hackers
The Personal Data Operator’s system is connected to the Internet. Measures have been taken against hacker attacks in the form of a firewall, security in the form of using a username and password.
Protection against unauthorized use of connection data (negligence)
Passwords for Internet access are changed regularly.
b) Protection against incompetence
All authorized and responsible persons are properly instructed. Instruction and training mainly consists of informing these persons about the functionality of the Data Controller’s system, recording equipment and software (including updates), as well as about the rights and obligations when processing personal data in accordance with the Directive.
6. Use of COOKIES
For the operation of its online stores, the personal data operator uses a browser feature known as “cookies”, which assigns a unique identification to your computer. Cookies are usually stored on your computer’s hard drive.
Cookies are small strings of text that websites visited by the user send to their respective devices, where they are remembered for transmission to the same website the next time the user visits it. Cookies can perform different functions and have different characteristics. Cookies may be used by the Personal Data Operator or Third Parties. For more information about cookies, please visit allaboutcookies.org.
The personal data operator uses the following types of cookies:
Classification by shelf life:
· Short-term cookies – used only when working with an online store and are deleted automatically a few minutes after the store page is closed. These files ensure the functionality of the basic functions of the online store
· Long-term cookies – used from several days to several months. They help the online store with repeated visits to the website, with authorization or suggestions for viewed products.
Classification by purpose of use:
· Basic (functional) technical cookies – necessary to ensure the proper functioning of the online store. Without them, the contents of the cart or authorization on the site may periodically disappear.
· Analytical cookies – with their help it is possible to monitor statistics of traffic to the pages of the online store and the use of various functions. Based on this data we can improve our online store
Disable saving cookies
All standard Internet browsers have a function to disable the storage of cookies. Instructions for disabling can be found in the help information for the browser you are using. Attention! If you disable the saving of cookies, we cannot guarantee a comfortable use of our online store. When using our online store.