PRIVACY POLICY

Protection of personal data.

Information memorandum

Company OWNAGE s.r.o., Id No: 07442050, with its registered office at Poustka 75, 464 01 Višňová, Czech Republic, Ref. No. C 42265, registered with the Municipal Court in Ústí nad Labem will process your personal information.

This policy sets out the rules that we will follow when processing your personal information in order to preserve the right to protect your personal data, your right to privacy so that your personal information could not be misused. We will follow this policy all the time we process any of your personal information.

The personal data processing rules contained in this policy correspond to the obligations imposed on us in the processing of personal data by Regulation (EU) 2016/679 of the European Parliament and of the Council of 27 April 2016 on the protection of natural persons with regard to the processing of personal data and on the free movement of such data, and repealing Directive 95/46/EC - General Data Protection Regulation (hereinafter referred to as "GDPR").

Through this policy we also provide you with information and facts and your rights, which, in accordance with GDPR must be informed thus ensuring sufficient transparency and openness in processing your personal data.

This policy sets out the procedures and principles on the basis of which we will process your personal data and handle them. If anything is unclear or you would like to ask anything about your personal data, please use the contact details below.

COLLECTION OF PERSONAL DATA

Reasons for collecting personal data

We will collect and process personal data from you exclusively if it is necessary for:

Where we need to perform the contract we are about to enter into or have entered into with you.

Providing the service you want to use.

Meeting the requirements of the law.

Protection of your vital interests.

Where it is necessary for our legitimate interests (or those of a third party) and your interests and fundamental rights that require the protection of personal data do not override those interests

Direct marketing

One legitimate interest may be processing your personal data for direct marketing purposes - sending business message. This means that if you have already purchased a product from us or used the service provided by us (e.g. you have downloaded our product demo), we may occasionally send you an offer of similar products that might be of interest to you. You may at any time cancel the dispatch of these business messages via the link contained in the business message sent or via the contact email below, and we will not send them to you anymore.

Consent

In other cases we may collect and process your personal data only with your express and free consent. You may at any time revoke your consent through the contact details provided in this policy. Specific conditions for the use of your personal data after consent are always given in each individual consent.

Collection of personal data

We do not obtain your personal data from publicly available sources, but only from you or from third parties who cooperate with us and have obtained personal data from you in accordance with the law and may transmit to us. In any case, we will always follow this policy and the law in the use of your personal data, whether it is obtained in any way.

We will either expressly request your personal data or obtain it from you if you register with our services, enter into a contract with us, or use a service. Alternatively you can provide us with your personal data for example by filling out forms on a website or communicating with us via telephone, e-mail, internet discussion or otherwise. Some of your personal data we collect automatically with your consent, such as the use of cookies when you visit our website.

About the specific purposes of processing of your personal data, you will always informed in each specific case. This information is either stated directly in the contract, in the terms of use of the service provided or in this policy. Alternatively, you may ask us at any time for the reasons for processing your personal information through the contact details listed below.

HOW WE USE YOUR PERSONAL DATA

We will use your personal data primarily to provide you with our services, where we need to perform the contract we are about to enter into or have entered into with you, where we need to comply with a legal or regulatory obligation, alert you to changes in our services, to improve our services or to provide you with a better customer experience. We may also use this data with your consent to inform you of other services and products that we or selected third parties offer, which may be of interest to you. We will always inform you of any further use of your personal data.

DISCLOSURES OF YOUR PERSONAL DATA

Disclosure of personal data

Your personal data will not disclose to anyone except as described in this policy. Your personal data will be accessed by our employees who will be authorized to work with these personal data. All employees who will have access to your personal data are in writing bound by secrecy, therefore, the data must not be disseminated anywhere. These employees are also responsibly selected, they were acquainted with the internal rules on the protection of personal data and also properly trained to know how they should treat your personal data and under what conditions it may be processed. This is how we strive to ensure the best possible protection of your personal data.

We may pass your personal data to third parties, if necessary. These people are called processors. We are responsible for that processors provide appropriate guarantees to process your personal data. All processors are responsibly selected. At the same time, the processors will be contractually obliged to meet the obligations to protect your personal data, thereby ensuring that your personal data is adequately protected and minimizes the risk of misuse.

Third parties to whom the personal data are transferred

Here are the categories of subjects which we can pass on your personal data and who can get access to your personal data:

Category of recipients Purpose of the transfer of personal data

legal advisers use of legal advice

accountant advisers use of accountant advice

tax advisers use of tax advice

Marketing advisers use of legal advice and services

IT service providers IT management and administration user applications

Website Administrator Managing our websites.

Providers of on-line tools Use these tools to improve the quality of our services and your customer experience

Providers of messaging services Ensuring the distribution of business and other messages

Carriers Shipping of ordered goods

Subcontractors Subcontracting for your ordered service

If you give us permission, some information can then be forwarded to a selected third parties to inform you about the services and products that we or selected third parties offer and that you may be interested.

We may also share your personal data with other third parties in order to prevent the crime and reduce the risks if required by law and where we deem it appropriate, in response to the lawsuit or to protect the rights or property.

Transmission outside the EU

Your personal data is not transferred to countries outside the European Union or to international organizations except for situations where they are being transferred there to improve data backup and protection and the situations expressly stated in this policy.

AUTOMATIC INDIVIDUAL DECISION MAKING AND PROFILING

When processing your personal data, we do not perform any automatic, individual decision making or profiling that would have any legal effect on you or would otherwise have any significant impact on you. In the event that this change, we will inform you immediately.

PERSONAL DATA RETENTION

We will only retain your personal data for as long as necessary to fulfil the purposes we collected it for, including for the purposes of satisfying any legal, accounting, or reporting requirements. If your personal data is no longer needed for processing purposes, we will delete it without delay. If your personal data is processed by consent, the processing time is stated in this consent.

If we process your personal data due to legal provisions, we process it for as long as the law requires it. In the event that the law requires the archiving of certain data, we will archive these personal data in accordance with the law for the required time.

In the event that we process your personal data as a result of the conclusion of the contract or providing a service, we will process your personal data for the duration of this contract or provision a service and 10 years after the termination of the contract or provision of the service. However, during this time, we process your personal data only for the purpose of preventing any legal claims or conducting legal proceedings. The time limit of 10 years corresponds to the maximum limitation period during which claims can be successfully applied in court. In the event that a court or other proceedings are initiated, for which your personal information is required, we will process them throughout the proceedings including any enforceable and other follow-up proceedings.

YOUR LEGAL RIGHTS

Right to access

Whenever you can contact us to send you a confirmation whether we process your personal data through the contact details listed below. If we process your personal data, you have the right to access this information:

For what purpose do we process your personal data and what are their categories.

Who are the recipients and processors of your personal data.

How long will your personal data be stored and if that time cannot be determined the criteria used to determine that period.

For which personal data you can request erasure, restriction of processing your personal data and object to processing of your personal data.

Right to lodge a complaint with a supervisory authority.

Source of personal data, if not obtained from you.

Whether automatic individual decision making or profiling is made.

If you request it, we will provide you a copy of your personal data that we process. We may charge a reasonable fee if your request is clearly unfounded, repetitive or excessive. If you request in electronic form, copies will be provided in electronic form, unless you ask for another form. However, we have the right to require verification of your identity to ensure that this information regarding your personal data get to an unauthorized person. We will try to deliver the information as soon as possible, depending on the desired range. However no later than within 30 days.

Right to rectification

If you find that some of your personal information is inaccurate, improper or incomplete you have the right to require us to correct or supplement your personal data without undue delay.

The right to erasure - right to be forgotten

You have the right to require us to delete your personal information without undue delay if:

The personal data are no longer necessary in relation to the purposes for which they were collected or otherwise processed.

Withdraw your consent.

You raise objections to processing.

We have processed your personal data unlawfully.

Personal data have to be erased for compliance with a legal obligation.

Personal data have been collected in relation to the offer of information society.

However, we will not delete your personal data nor for the reasons mentioned above, if any of the grounds under Article 17 (3) of the GDPR exists.

If your personal data has been published or were handed over to third parties we ensure the deletion of these personal data if it is technically possible and feasible.

Right to restriction of processing

You have the right to require us to restrict the processing of your personal data if:

You tell us that your personal data is inaccurate until the accuracy of our personal data is verified by us.

We process your personal data unlawfully, but you will ask us to restrict use instead of deletion.

We will no longer need your personal information, but you will require them for the establishment, exercise or defence of legal claims.

You have raised an objection to the processing, as long as it is verified, if it is justified.

During the processing limitation period your personal data may only be stored, otherwise they can only be processed based on your consent, for the purpose of determining and for the establishment, exercise or defence of legal claims or for reasons of public interest.

Right to object

You have the right to object to the processing of your personal data if we process it for direct marketing purposes. The objection must be sent to us in writing or to the email listed below. If you make an objection against processing your personal data for direct marketing purposes, they shall no longer be processed for such purposes unless we demonstrates compelling legitimate grounds for the processing which override your interests, rights and freedoms or for the establishment, exercise or defence of legal claims.

Right to data portability

If you ask us to do so, we will pass on your personal data in a structured, commonly used and machine-readable format to you so that you can transmit those data to another controller. You can request us to transmit your personal data directly from us to another marked controller, where technically feasible.

Right to lodge a complaint with a supervisory authority

You may at any time lodge a complaint with a supervisory authority regarding the processing of your personal data or a failure to comply with our obligations under the GDPR. Supervisory authority in Czech Republic is Office for Personal Data Protection, Pplk. Sochora 27,170 00, Prague 7, Czech Republic, www.uoou.cz.

ESTABLISHED MEASURES

We have introduced personnel, organizational and technical measures to eliminate the various risks to your rights and freedoms and to protect your personal data. For this purpose, we trained all of our staff who come in contact with personal data. Furthermore, all personal data in physical form is secured against unauthorized access. For personal data stored in electronic form, we comply with security standards and are also protected against unauthorized access. At the same time, we have developed risk analysis to prevent risks and have taken appropriate action to reduce the risks as much as possible.

CONTACT

In case of any requests, requirement, comments or ambiguities you can contact us via email info@gsoul.eu or in writing at our registered office.

CONCLUSION

This policy was adopted on 1. 1. 2019. We can change this policy if it remains in compliance with the law and the GDPR. We will inform you of any changes to this policy on our website.