GDPR
Protection of personal data processing

R 1. General statement 1.1. Mgr. Radomil Cech - REAT Czech art agency ID: 12497193 (hereinafter referred to as the "Agency") fulfills the obligations relating to the processing of personal data that have been transmitted to it for the purpose of fulfilling contractual and legal obligations. 1.2. The protection of personal data results mainly from the EU Data Protection Regulation No. 2016/679 / EU GDPR (General Data Protection Regulation). 1.3. The Agency acts as a personal data controller when it determines the purpose and means of processing personal data in accordance with Article 4 (7) of the GDPR. 1.4. The Company acts as a processor of personal data in case it processes personal data for the administrator in accordance with Article 4 (8) of the GDPR. 2. Principles of personal data processing 2.1. When processing personal data, we comply with privacy standards and, in particular, we comply with the following principles: a) We always process personal data for a clear and comprehensible purpose, by means, in a determined manner, and only for the time required for the purposes of processing; we process only accurate personal data and their processing corresponds to the specified purposes and is necessary to fulfill these purposes; (b) personal data are protected in a manner consistent with current technology developments; the availability of this data security is assured, preventing any unauthorized or accidental access to, alteration, destruction or loss of personal data, unauthorized transfers, other unauthorized processing and other misuse; (c) data subjects are informed of the processing of personal data and of claims for accurate and complete information on the circumstances of such processing as well as other related rights; (d) The Agency shall take appropriate technical and organizational measures to ensure a level of security appropriate to all possible risks; all persons who come into contact with the clients' personal data are obliged to keep confidential information obtained in connection with the processing of such data; 3. Information on the processing of personal data 3.1. General Information about the REART Art Agency Mgr.Radomil Čech Company ID: 12497193, with its registered office: Krajníčko 43, Bavorov 387 73 Contact point for personal data for data subjects is cech@reart.cz 3.2. The Agency processes personal data in order to: (a) comply with statutory obligations when acting as a personal data controller; (b) performance of contractual obligations where personal data have been transmitted by data subjects; c) performance of contractual obligations, where personal data have been forwarded to the Agency by the personal data controller and the Agency acts as processor; (d) for the performance of contractual obligations, where the data subject is a party to the contract; (e) protecting the Agency's rights and legitimate interests; (f) for commercial and marketing purposes, and the Agency's legitimate interest in the Agency's clients and cooperating entities. 3.3. Scope of Personal Data Processing: The Agency processes personal data to the extent necessary to meet the above objectives. In particular, the following personal data are processed: a) first and last name; (b) address; c) email address; (d) telephone number; (e) and other personal data which the Agency is required to administer under the law or performance of the contract and which it has received from the data subjects or through its own activities. The Agency does not process specific categories of personal data unless there is a legitimate reason to process them. 3.4. Method of personal data processing: The way in which the Agency processes personal data includes manual and automated processing in the Agency's information systems. In particular, personal data are processed by authorized representatives of the Agency and, to the extent necessary, by third parties. Prior to any transfer of personal data to a third party, a contract is concluded with that person that contains the same personal data processing safeguards as the Agency respects its legal obligations. The Agency has taken technical and organizational measures to ensure the protection of personal data, in particular measures to prevent unauthorized or accidental access to personal data, their alteration, destruction or loss, unauthorized transmission, unauthorized processing and other misuse of personal data. 3.5. Personal Data Recipients: Personal data is made available, in particular, to the Agency's personnel in the performance of their duties, where personal data must be handled, but only to the extent necessary and with all security precautions. Personal data may be disclosed to third parties involved in the processing of personal data, or such personal data may be made available to them for other reasons in accordance with the law. Prior to any transfer of personal data to a third party, a written agreement is always concluded with that person that regulates the processing of personal data to include the same personal data processing safeguards as the Agency itself respects in accordance with its legal obligations. In accordance with applicable law, the Agency is authorized or directly obliged to transmit your personal data to: a) competent authorities, courts and law enforcement authorities for the purpose of carrying out their duties and for enforcement purposes; (b) payment service providers, where necessary for the prevention, investigation or detection of payment fraud; (c) public authorities and other public authorities for the purpose of complying with legal obligations; (d) other persons to the extent provided for by law, such as third parties for the purposes of recovery; (e) outsourcing agencies and personal data processors to the Agency; 3.6. Transmission of Personal Data Abroad: Personal data are processed in the Czech Republic and other EU countries that share the same standards of personal data protection as the Czech Republic. Entities involved in the processing of clients 'personal data do not pass on the clients' personal data to countries outside the European Union. 3.7. Period of processing of personal data: Personal data are processed by the Agency only for the time necessary for the purposes of their processing. The retention period of personal data is based on individual legal regulations under which the Agency processes personal data. In the event that personal data are processed for the purpose of fulfilling the contractual obligation, it is necessary to process personal data for 5 years from the date of termination of the contract in order to protect the Agency's rights and legitimate interests. Where personal data are processed on the basis of the data subject's consent, these data are processed for 5 years from the date of granting the consent. 3.8. Data subjects' rights: In particular, the data subjects have the following rights in relation to individual GDPR articles: (a) the right to information about the personal data controller, the processor and the data protection officer; (b) the right to be informed of the purpose of the processing of personal data; (c) the right of access to personal data and whether or not personal data are processed; (d) the right to lodge a complaint; (e) the right to rectify personal data; (f) the right to delete personal data (right to be forgotten); g) withdraw consent to the processing of personal data; (h) the right to limit processing; (i) the right to portability of personal data; (j) the right to object; (k) any other rights conferred by the Regulation; The Data Protection Authority is the supervisory body for the processing of personal data - www.uoou.cz 4. Final Statement REART is responsible for the protection of personal data that it processes in its activities. In case of questions or suggestions from data subjects it is possible to contact the Agency's management Mgr.Radomil Čech