If you are our client, news subscriber or website visitor, you entrust us with your personal data. We are responsible for their protection and security. Please familiarize yourself with the protection of personal data, policies and rights that you have in connection with the GDPR (Personal Data Protection Regulation).
Who is the administrator?
Non-profit organization InBáze, IČO 265 48 216, with its registered office at Legerova 50, Prague 2, which operates the websites inbaze.cz, refufest.com, ethnocatering.cz and inbaze.cz/etnickakuchyne.cz and manages the Facebook profile InBáze, InBáze Káriní, InBáze Intercutaneous, Ethnocatering and RefuFest.
We process your personal data as an administrator, ie we determine how personal data will be processed and for what purpose and for how long.
If you would like to contact us during processing, you can contact us at: firstname.lastname@example.org.
We declare that, as the controller of your personal data, we comply with all legal obligations required by applicable legislation, in particular the Personal Data Protection Act and the GDPR, and therefore that:
- we will process your personal data only on the basis of a valid legal reason, in particular a legitimate interest, performance of the contract, legal obligation or consent granted,
- we fulfill the information obligation according to Article 13 of the GDPR even before the processing of personal data begins,
- we will enable and support you in exercising and fulfilling your rights in accordance with the Personal Data Protection Act and the GDPR.
Scope of personal data and processing purposes
We process personal data that you entrust to us yourself, for the following reasons (to fulfill these purposes):
Provision of services and performance of the contract – We personally need your personal data in the scope of: e-mail, telephone or correspondence address to fulfill the contract (eg sending information and signing up for InBáze courses and activities, sending a newsletter, etc.)
Accounting – We urgently need your personal data (invoicing data) to comply with legal obligations for the issuance and registration of tax documents.
Marketing = sending newsletters, your personal data (e-mail and name), what you click on in the e-mail, when you open them most often, how many times you opened them, when you last opened the e-mail, we use for direct marketing – sending information communication.
Photos and video recordings of community activities and events for the public
At some of our events for the public (seminars, trainings, courses, community activities, etc.) we take photographic documentation or video recording. We use photos in promotional materials, especially on the web or Facebook. You will never find the names of the participants in these materials, only if it is a reference, with the consent. If you do not want to be on the records, let us know in our contact details before the live event.
We retain your personal data for the duration of the limitation periods, unless the law provides for a longer period for their retention or we have not stated otherwise in specific cases.
Security and protection of personal data
We protect personal data as much as possible using modern technologies that correspond to the level of technical development. We have taken and maintain all possible (currently known) technical and organizational measures to prevent the misuse, damage or destruction of your personal data.
Transfer of personal data to third parties
Our employees have access to your personal data, who are bound by confidentiality and trained in the security of personal data processing.
We handle most processing operations ourselves and do not need third parties.
To ensure some specific processing operations, which we are unable to provide on our own, we use the services and applications of processors who specialize in the given processing and are in accordance with the GDPR.
They are providers of the following platforms and services:
- Raynet CRM
It is possible that in the future we will decide to use other applications or processors to facilitate and improve processing. However, we promise you that in such a case, when choosing, we will place at least the same demands on the processor for security and quality of processing as for ourselves.
Data transfer outside the European Union
We process data exclusively in the European Union or in countries that provide an adequate level of protection based on the decision of the European Commission.
Your rights in relation to the protection of personal data
You have a number of rights regarding the protection of personal data. If you wish to exercise any of these rights, please contact us by e-mail: email@example.com.
You have the right to information about the processing of personal data, which is already fulfilled by this information page with the principles of personal data processing.
Thanks to the right of access, you can call us at any time and we will prove to you within 30 days what your personal data is being processed and why.
If something changes for you or you find your personal data out of date or incomplete, you have the right to add and change personal data.
You can exercise the right to restrict processing if you believe that we are processing your inaccurate data, that you believe that we are processing illegally, but that you do not want to delete all data, or that you have objected to the processing.
You can limit the scope of personal data or the purposes of processing (eg by unsubscribing from the newsletter, you limit the purpose of processing for sending information messages).
The right to erasure (be forgotten) and the right to object to the processing
Your next right is the right to delete. We do not want to forget you, but if you wish, you have the right to do so. In this case, we will delete all your personal data from our system as well as from the system of all sub-processors and backups. We need 30 days to secure the right to delete.
In some cases, we are bound by a legal obligation, and for example I have to register the issued tax documents for the period stipulated by law. In this case, you have the right to object to the processing, after which we will limit the processing of the data that are the subject of the objection. Therefore, we will delete such personal data that is not bound by another law. We will inform you about the completion of the deletion.
The right to file a complaint with the Office for Personal Data Protection
If you feel that we are not handling your data in accordance with the law, you have the right to contact the Office for Personal Data Protection at any time with your complaint. We would be very happy if you first inform us of this suspicion so that we can do something about it and correct any mistakes.
Unsubscribe from sending newsletters and business messages
We send you e-mails with a monthly program, invitations to interesting InBáze events, invitations to individual activities, etc., if you are our client based on our legitimate interest.
If you are not a client, we will send them to you only with your consent. In both cases, you can unsubscribe from our e-mails by pressing the unsubscribe link in each e-mail you send, or contact us by personal e-mail stating that you do not wish to receive any information from our organization.
We would like to assure you that our employees and co-workers who will process your personal data are obliged to maintain the confidentiality of personal data and security measures, the disclosure of which would jeopardize the security of your personal data. At the same time, this confidentiality continues even after the end of our contractual relations with us. Your personal data will not be disclosed to any other third party without your consent.
In Prague on May 25, 2018