If you are our customer or a visitor to our website, you entrust us with your personal data. We are responsible for their protection and security. Please familiarize yourself with the data protection policy, principles, and rights you have under the GDPR (General Data Protection Regulation).

1. Who is the controller?

Tomáš Mitvalský, Brno, ID No.: 68653522, and we operate the website www.mitvalsky.cz. We process your personal data as a controller, i.e., we determine how personal data will be processed and for what purpose, for how long, and we select any other processors who will assist us with processing.

2. Contact details

If you wish to contact us during the processing, you can do so via email: mitvalsky@centrum.cz. We declare that as the controller of your personal data, we comply with all legal obligations required by current legislation, particularly the Data Protection Act and GDPR, meaning that: we process your personal data only on the basis of a valid legal reason, namely legitimate interest, contract performance, legal obligation, or given consent, we fulfill the information obligation under Article 13 of the GDPR before commencing the processing of personal data, we will enable and support you in exercising and fulfilling your rights under the Data Protection Act and GDPR.

Scope of personal data and purposes of processing

We process personal data you entrust to us for the following reasons (to fulfill these purposes):

• providing services, contract fulfillment your personal data in the extent of: email, which we necessarily need for contract fulfillment (e.g., sending access details, etc.),
• accounting.

If you are customers, we necessarily need your personal data (billing data) to comply with the legal obligation for issuing and recording tax documents.

3. Security and protection of personal data

We protect personal data to the maximum extent possible using modern technologies that correspond to the level of technical development. We protect them as if they were our own. We have adopted and maintain all possible (currently known) technical and organizational measures that prevent misuse, damage, or destruction of your personal data, in particular: your email, your name.

4. Transfer of personal data to third parties

To ensure specific processing operations that we cannot provide on our own, we use the services and applications of processors who can protect the data even better than us and specialize in the given processing. These are the providers of the following platforms: WordPress, Fakturoid.

It is possible that in the future we decide to use other applications or processors to facilitate and improve processing. We promise you that in such a case, in selecting, we will place at least the same demands on the security and quality of processing as on ourselves.

5. Transfer of data outside the European Union

All processing of personal data will be performed within the EU. We process data exclusively in the European Union or in countries that provide an adequate level of protection based on a decision by the European Commission. Your rights in connection with personal data protection. In connection with the protection of personal data, you have several rights. If you wish to exercise any of these rights, please contact us via email: mitvalsky@centrum.cz. You have the right to information, which is already fulfilled by this information page with the principles of personal data processing. With the right of access, you can ask us at any time, and we will provide within 7 days, which personal data we process and why.

If something changes for you or you find your personal data outdated or incomplete, you have the right to have the personal data completed and changed. You can use the right to restrict processing if you believe we are processing inaccurate data about you, you think the processing is unlawful, but you do not want all data deleted, or if you have objected to processing. You can limit the scope of personal data or the purposes of processing.

6. Right to data portability

If you wish to take your personal data and transfer it to someone else, we will proceed in the same way as if using the right of access – only with the difference that we will send you the information in a machine-readable format. Here we need at least 14 days.

7. Right to deletion of your data

Another right is the right to the deletion of your data. We do not want to delete data, but if you wish, you have the right to do so. In such a case, we will delete all your personal data from our system and from the systems of all partial processors and backups. We need 14 days to ensure the right to deletion. In some cases, we are bound by legal obligations, e.g., we must record issued tax documents for the period prescribed by law. In this case, we will delete all such personal data that are not bound by another law. We will inform you about the completion of deletion via email.

8. Complaint to the Data Protection Authority

If you feel that we are not handling your data in accordance with the law, you have the right to file a complaint at any time with the Data Protection Authority. We would be very grateful if you inform us first about this suspicion so that we can do something about it and correct any wrongdoing.

These data processing principles are valid from 30.03.2024.