Private Policy Statement
1 Private Policy Statement
The protection of your personal data is important for us. In the company UNIOSO s.r.o, having its principal office at Nádražní 344/23, 150 00 Praha 5, ID No. 03379787, registered in the Commercial Register, Section C, Entry No. 230143, maintained by the Municipal Court (Hereinafter referred to as “Orgis IT”) we commit ourselves to protect the personal data.
On this webpage, you will find information about why, when, how and what kind of personal data we, in Orgis IT, are processing. Also, you find there the way, how to contact us in the case of questions related to the data processing or how to make a correction of your personal data.
The Private Policy Statement can be under certain circumstances changed or updated. We recommend you, in your own interest, to visit this page and to make sure that you have current information about its content.
We are committed taking all measures to avoid the misuse of personal data which are provided by you. We process your private data only in the case of the existence of the legal title for the private data processing.
2 Basic Terms and Information
Allow us to explain some basic terms which are connected to the protection of your personal data. We believe that you will gain a better understanding of the question why Orgis IT proceeds by the chosen way by the private data processing.
2.1 Personal Data
Personal data is all information about identified or identifiable natural person (data subject). An identifiable natural person is such a natural person who can be directly or indirectly identified especially by the reference on a certain identifier (name, surname) or by one or more special elements of physical, physiological, genetic, mental, economical, cultural or social identity of this natural person.
2.2 Special Category of Personal Data
It is only a new labelling of the sensitive personal data. It is the kind of personal data which can hurt you in the society, at the work, or it can be the cause of discrimination. This kind of personal data usually refers about the racial or ethnical origin, political opinions, religion, philosophical convention or department membership, in the case of need the processing of genetic data and biometric data for the need of the identification the natural person. Another kind of these data can be health condition or sexual life and orientation of the natural person.
2.3 Data Subject
A data subject is a natural person about which the data is about and which can be by those data identify or be identifiable.
2.4 Privacy Manager
A privacy manager is a natural person or a legal entity that determines the purpose and the middle of the personal data processing and is responsible for this. The privacy manager of the private data is Orgis IT, if not defined in the principles or conditions related to a certain service otherwise.
2.5 Private Data Processer
A private data processer is a natural person or a legal entity which processes the data for the privacy manager according to the directions from the manager.
2.6 Private Data Processing
The Processing is any operation or a set of operation which is made with the private data or a set of private data with or without the help of automated procedures such as gathering, registration, ordering, structuralisation, storage, adaptation or modification, search, insight, usage, accessibility by transmission, spread of information, order, combining, limitation, delete or their destruction.
2.7 What Law Regulation Edits the Private Data Processing?
The Private data processing is being edited mainly by the regulation from European Parliament and the Council of the European Union 2016/679 from 27th April 2016 about the protection of natural person relating with the processing of the data and free movement of these data and about the annulment of the direction 95/46/ES (general regulation about the private data protection), (Hereinafter referred to as “GDPR”). National Regulation can in some cases, where GDPR allows, determine different rules. Those rules are regulated by law 101/2000 coll. about the private data protection according to the later texts.
2.8 When Is It Possible to Process the Private Data?
For the legal processing of your personal data at least one of the conditions mentioned in Article 6 GDPR has to be met. In the case, where the special category of private data appears, at least one of the conditions mentioned in Article 9 GDPR has to be met. In both cases, the principles of the private data processing, which are mentioned in Article 5 GDPR, have to be kept.
3 Private Data Processing in Orgis IT
3.1 Why Does Orgis IT Private Data Processing?
UNIOSO s.r.o. is among other a provider of electronic services. If you decide to use our services or to buy our products and you enter into contract about the provision of services or any other contract, UNIOSO s.r.o. hat the duty to gain your personal data or identification data and to process those in the time specified by law. In this case we talk about so called compulsory processing, where the data is used for the purposes of services, account and other operation which are connected with those and accounting and tax purposes, identification of abuse of services, recovery of receivables; further we are in the capacity of the data processing for the purpose of debt recovery and for the protection of legitimate interests of our company.
Abychom vám mohli nabídnout nové služby, produkty, slevy či jiné zajímavosti, poskytujete nám souhlas se zpracováním vašich osobních údajů. V tomto případě jde o tzv. dobrovolné zpracování osobních údajů, které provádíme na základě Vámi daného souhlasu.
4 Private Data Security
4.1 Technical, Organizational and Other Measures
We are aiming for the maximal protection of your given data. For this purpose, we implemented a series of technological and organisational measures which protect your Private data from unauthorised or illegal processing and unintentional lost, destruction or damage of the data.
In Orgis IT, we honour the principle of the private data minimisation. We process on that information which is necessary or those which you allow us to process above the frame of the must. Every interface of your web pages or applications were adjusted the way that the highest possible measure of privacy could be set up. You can edit it according to your own will.
How we already found out, in certain cases, we are transferring, or are obligated to transfer, Personal data to the third parties. In those cases, we choose reliable partners, by which we can be assured that they keep at least the same level of data protection, as we in Orgis IT have. Upon handover of the private data to the government body, we choose the most suitable and the most secure possibilities that are offered by the government.
5 Time of Private Data Processing
5.1 The Latest Time for the Processing of Private Data
The latest time for the processing of private data, which Orgis IT appeals against you, is 10 years from the day of the legal relationship termination between the data subject and Orgis IT, in some cases 10 years from the end of the taxable year in which the fulfilment occurred. Mentioned period of processing results from the law No. 89/2017 coll., Civil Code, in every latest regulation, in some vases from the law no. 235/2004 coll., about value added tax, in every latest regulation. The reason for this processing is the legal obligation or rightful interest of Orgis IT. After the expiration of this time all your data will be deleted.
5.2 Other Period for Private Data Processing
If you contact your contact people with your questions, or in the case of regular communication with us, we delete your private data much sooner than it is in the time-limit mentioned above. Your private data will be preserved only for the necessary time which is needed for the filling of the purposes mentioned in these principles of private data protection, eventually to keep the law established duties.
6 Cookies and Other Tracking Technologies
6.1 What are Cookies?
Cookies are small text files, which internet pages save in your PC or mobile phone at the moment when you start using those pages. They are used for memorising of your preferences and tasks which you made on them (for example login, language, the font size and other memorable preferences). You do not have to enter these data for a particular time. Our cookies do not identify individual users, they identify those devices which you use with the help of randomly generated ID code.
6.2 Why are Orgis IT Cookies and Other Tracking Technologies used?
6.2.1 More Information about Cookies, Basic Cookies
More information about what are cookies, how do they work, how to manage and delete them is available on the internet page www.allaboutcookies.org
If you want, you can set up your browser for making a notice, if a cookie is sending information, or simply to delete a cookie. You can switch off cookies in your browser. The way how to switch it of depends on the type of your browser. In the case, you have to deal with the reality that some functions will not work. And what is a cookie?
It is a part of the information which a web page sends to your browser. Thanks to it the page remembers information about you and your options.
(a) „Session Cookies“ are temporary cookies which are improving the navigation on the web pages. They are deleted right after you close the browser or switch off the computer.
(b) „Persistent Cookies“ are long-term information placed on your hard disc. They stay there until you delete them. They can preserve private information, but only if you approve.
The address of the internet protocol, so called IP address, was assigned to your computer by your internet provider. It is mainly dynamic, which meant that it is changed by every connection to the internet. It is used for diagnostics of server problems and for the pages management.
Internet tags are smaller than cookies, they tell to the web server, for example, your IP address and the type of your browser. They can be put in online advertisements which refer to their web sites. They tell how many times a web site was open and information the user was interested in.
7 Rights of the Data Subject
7.1 Information Right
We respect the principle of the private data processing. In the accordance with this regulation, we are determined to provide the data subject with the information about what kind of personal data we are processing.
If you wish to know what kind of personal data we are processing about you, you can ask.
If you want specific personal data, that we or our partners are processing, you can turn to us, but write to us, what specific information you require. The listing of information, to which you are entitled, is available in the Article 13 and 14 GDPR. If you will not tell us those specific requirements, we will consider you require as general require according to the previous paragraph. Let us remind you that if we will not be able to check your identity electronically or we gain reasonable doubts about your identity, we ask you for the submission of your proof of identity in the main office or in another Orgis IT premise. This is the only way, how to make sure that your personal data will not be given to another person.
We handle your request in the shortest possible time. According to the complexity and range of the request, the request fulfilment can take even several weeks.
7.2 Right for the Correction
If you found that the personal data, we are processing, are incorrect or not up to date, please let us know. In those cases, we ask you for your prove of identity. It is the only way how to make sure that there will not be any unauthorized change of your personal data.
In some cases, we cannot make the changes of personal data, for example, your wrong personal data in invoices that we archive according to the law.
7.3 Withdrawal of the Approval for Personal Data Processing and the Right „to be Forgotten“
Further processing of your personal data, which is carried out on the basis of the personal data processing agreement, is possible to prevent anytime. You just have to withdraw the approval to the processing.
You can even use the right to „be forgotten“. In this case, we delete all your private data. Exceptions, when the processing is being made are from the statutory duty or from the reason of our authorised interest. In those cases, we ask for the proof of identity before the data deleting.
8 Electronic Communication
8.1 Newsletter in E-mail (Business Message)
8.1.1 If you did not refuse the sending of the business message, you will receive newsletters via your e-mail.
8.1.2 If you do not want to get other newsletters, you can unsubscribe anytime for free. For this act, you can contact our customer service or do it yourself with the help of the link which is in every newsletter.
8.1.3 If you unsubscribe, we will not use you electronic contacts for these purposes.
8.2 E-Mail Communication and Other
8.2.1 From e-mail communication which is directly connected to the services and their proper functions, is not possible to log out because of the maintenance of the service and prevention of business detriment to the client. (Here belongs especially notifications, tax certification deliveries, service constrains notifications).
9 Other Communication
9.1 Voice Service Communication
Orgis IT uses for the client support and business communication other communication channels such as specialised tools for a long-distance administration, teleconferencing devices or telephone communication. In this case, records can be kept for the maintenance of the service quality.
10 Updating of the Principle the Personal Data Protection
We keep the Principle of the personal data protection updated and in unity with the applied legislation. For this reason, they can be changed from time to time. We ask our entire client to pay to those principles proper attention.
11 Responsibility of Private Data Processing
UNIOSO s.r.o. is responsible for the legal processing of your Private data. The Administrative body, which performs the supervision in the field of private data processing in the Czech Republic, is the Office for Personal Data Protection.
Relating to the duty following from GDPR, we name from 1st May 2018 a trustee for the data protection „DPO“ (Data Protection Officer). His/Her task is to monitor conformity of Orgis IT and GDPR and with the cooperation with our employees is your contact to our company for possible questions, suggestions, complains and enforces of rights relevant to the protection of private data.
Contact for DPO: Jana Prošková (firstname.lastname@example.org)
Possible questions, suggestions, complains and enforces of rights relevant to the protection of private data can be also sent through this web page.