Protection of personal data
Conditions of personal data protection and processing contractInformation on the processing of personal data
Identity and contact details of the administrator
The administrator of your personal data is the business entity Letní virtuální hry, s.r.o., Francouzská 299/98, Vršovice, 101 00 Praha 10, IČ 097 53 591 (hereinafter referred to as the "administrator").
The administrator's contact information is as follows:
delivery address: Letní virtuální hry, s.r.o., Francouzská 299/98, Vršovice, 101 00 Praha 10
e-mail address: firstname.lastname@example.org
phone +420 606917385
Personal data means any information relating to an identified or identifiable natural person; an identifiable natural person is a natural person who can be identified, directly or indirectly, in particular by reference to a specific identifier, such as name, identification number, location data, network identifier or one or more specific physical, physiological, genetic, mental, economic, cultural or social identity of that natural person.
The administrator did not appoint a data protection officer.
Legal basis for the processing of personal data
The legal basis for the processing of your personal data is the fact that this processing is necessary for:
fulfillment of the contract between you and the administrator or for the implementation of measures by the administrator before the conclusion of such a contract within the meaning of Article 6, paragraph 1, letter (b) Regulation 2016/679 of the European Parliament and of the Council on the protection of individuals with regard to the processing of personal data and on the free movement of such data and repealing Directive 95/46 / EC (General Data Protection Regulation) ("the Regulation");
fulfillment of the legal obligations applicable to the administrator within the meaning of Article 6 (1) (a) c) of the Regulation, namely in particular the fulfillment of obligations imposed on the administrator by generally binding legal regulations, in particular Act No. 235/2004 Coll., on value added tax, as amended, Act No. 586/1992 Coll., on taxes on income, as amended, and Act No. 563/1991 Coll., on Accounting, as amended.
Purpose of personal data processing
The purpose of processing your personal data is to fulfill the contract between you and the administrator, or to take measures by the administrator before concluding such a contract and to fulfill the related public law obligations by the administrator.
The purpose of processing personal data is also to send business messages and perform other marketing activities towards your person.
There is no automatic individual decision by the administrator within the meaning of Article 22 of the Regulation.
Time of storage of personal data
Your personal data will be processed for the duration of the effects of rights and obligations under the contract and for the time necessary for the purposes of archiving in accordance with the relevant generally binding legal regulations, but no longer than for the period specified by generally binding legal regulations.
Other recipients of personal data
Other recipients of your personal data will be subcontractors for the performance of the contract, especially providers of server services (administration, web hosting, backup), marketing services, payment instruments, providers of accounting services. Subcontractors are checked for the secure processing of personal data. The web hosting provider and subcontractor have concluded a contract on the processing of personal data, according to which the subcontractor is responsible for the proper security of the physical, hardware and software perimeter, and therefore bears direct responsibility to the user for any leakage or breach of personal data.
Recipients of your personal data processed for the purpose of fulfilling obligations arising from legal regulations may also be financial administration bodies or other competent authorities in cases where the administrators impose generally binding legal regulations.
The controller does not intend to transfer your personal data to a third country (to a country outside the EU) or to an international organization.
Rights of the data subject
Under the conditions set out in the regulation, you have the right to request access to your personal data from the controller, the right to correct or delete your personal data, or restrict their processing, the right to object to the processing of your personal data and the right to portability of your personal data.
You have the right at any time to withdraw the consent to the processing of your personal data given by the administrator. However, this does not affect the lawfulness of the processing of your personal data prior to such withdrawal of consent. You can revoke your consent to the processing of personal data by email email@example.com
If you believe that the processing of your personal data has violated or violates the Regulation, you have, among other things, the right to lodge a complaint with the supervisory authority.
You are not obliged to provide personal data. The provision of your personal data is a necessary requirement for the conclusion and performance of the contract and without the provision of your personal data, it is not possible to conclude the contract or fulfill it by the administrator.
Terms of personal data security
The controller declares that it has taken all appropriate technical and organizational measures to secure personal data.
The administrator has taken technical measures to secure data repositories and personal data repositories in paper form.
The controller declares that only persons authorized by him have access to personal data.
Processing contract - rights and obligations between the administrator and the processor
Identity and contact details of the controller and the processor
In relation to the personal data of the Users' clients, ie buyers in the ordering system, the Provider is a processor in accordance with Article 28 of the GDPR. The user (ordering system operator) is the administrator of this data.
These conditions regulate the mutual rights and obligations in the processing of personal data, to which the Provider has gained access within the performance of the contract concluded with the User in the form of approval of the general terms and conditions at www.summervirtualgames.com.
Scope of personal data processing
The Provider undertakes to process personal data for the User to the extent and for the purpose specified in Articles 2.2 - 2.10. these conditions in the Processing Agreement.
The Provider undertakes to process the personal data of the User's clients for the User.
The Provider undertakes to process the obtained personal data for the user to the extent of common personal data.
As part of automated processing, the Provider will store personal data in a database stored on the Provider's hardware, protect, secure, back up, sort and dispose of.
The Provider will create such software tools that will facilitate the User's fulfillment of the User's clients' requests for the exercise of the rights of data subjects stipulated in the GDPR, in particular the right to delete, the right to information and the portability of information.
Personal data is stored only on the Provider's hardware, its own servers or its subcontractors. All personal data is stored only in the territory of the European Union.
The Provider undertakes to process personal data for the User for the purpose of providing the operation of the ordering system www.summervirtualgames.com
The Provider will not use the processed personal data of the User's clients for its own needs and for any purpose other than the performance of the contract.
The Provider undertakes to process the obtained personal data for the user for the duration of the contractual relationship and for the time necessary for the purposes of archiving in accordance with the relevant generally binding legal regulations, but no longer than for the period specified by generally binding legal regulations.
The User grants permission with the involvement of subcontractors necessary to ensure the fulfillment of the contractual relationship between the Provider and the User, for the operation of the ordering system.
Protection of personal data
The Provider undertakes to technically and organisationally ensure the protection and backup of the stored personal data in order to prevent unauthorized access to or loss of such personal data.
The technical and organizational measures taken correspond to the degree of risk. The provider and subcontractors use them to ensure their constant integrity and security against misuse.
The Provider declares that the protection of personal data is subject to the Provider's internal security regulations. Which stipulate that only authorized persons of the Provider and subcontractors according to Article 2.10 of these conditions will have access to personal data and are obliged to maintain confidentiality of personal data and implemented security measures.
After the termination of the performance of the performance, the Provider is obliged to delete all personal data, unless it is obliged to store personal data on the basis of a special law.
The user undertakes, without undue delay, to report all information known to him that could adversely affect the proper and timely fulfillment of obligations arising from these conditions.
Other relations that are not explicitly regulated by these conditions are governed by the GDPR and the legal order of the Czech Republic, as amended.
The administrator is entitled to change these conditions. The new version of the terms of personal data protection will be published on its website and at the same time the new version of these terms and conditions will be sent to you by the e-mail address you provided to the administrator.
These conditions take effect on 1.4.2020.