GENERAL INFORMATION ABOUT PERSONAL DATA PROCESSING
Dear clients and co-workers,
we allow to provide you with information about your rights regarding your personal data processing by the Data Controller – Státní léčebné lázně Janské Lázně, national enterprise.
We have done everything to make them as clear as possible and we believe you will gain a better understanding. If you are unclear about something or are interested in the information about data we are processing in detail, please do not hesitate to contact us directly at the contacts listed below.
1. Who processes your personal data?
Data Controller, that is to say the person, that determines the purposes and means and manages your personal data processing for the above mentioned purpose, is Státní léčebné lázně Janské Lázně, national enterprise, with its head office at Svobody 272, 542 25 Janské Lázně, IČO: 00024007, incorporated in the Commercial Register KS in Hradec Králové under File No. AXII 253.
2. How and why are your personal data processed?
When processing your personal data we subject to applicable legal provisions, General Data Protection Regulation (“GDPR”) and implementing legislation in particular. We process your personal data to ensure your and our rights and duties resulting from legal provisions and treaties. When processing your personal data for this purpose, there is neither automated decision making nor profiling.
3. Which personal data are we processing?
We process only personal data that we have received from you or from third parties in order to fulfill a contractual arrangement between you and our spa, or in order to fulfill our legal obligation, or those you have provided us with consent for the intended purpose. We retain your personal data for such a period as strictly necessary for the purpose resulting from law, contracts, legitimate interest, or which was included in your consent to the processing of personal data.
4. How do we protect your personal data?
You can be absolutely certain that we handle your personal data with due care and in accordance with applicable law. We are aware of the personal data sensitivity and we therefore protect and keep them safely and securely to the maximum extent that corresponds to the technical level of available means.
5. Who do we share your personal data with and why?
We may make your personal data available to third parties that provide us with supporting activities – in particular the administration of software equipment, and only for the purpose of carrying out these activities. We may also transfer your personal data to third parties to the extent as strictly necessary, but only to meet our contractual or legal obligations or if you have given us consent to do so. These third parties are then in the position of Data Processor and we only provide them with personal data strictly necessary for that purpose and we ensure that they consistently protect your personal data as well. We carefully select, process, modify and supplement our Data Processors to ensure the aforementioned activities, due to these updates and changes, we are ready to provide you with your written or email queries with an up-to-date list of such entities for whom the abovementioned data might be possibly transferred.
We do not transfer your personal data to other countries.
6. What are the rights to your personal data?
In relation to your personal data that we process, you have the following rights that you are entitled to request from us as from your Data Controller.
- the right to obtain a confirmation about your personal data (non) processing and the right of access to personal data that relate to you and we process them;
- the right to correct or supplement your personal data if it is inaccurate or incomplete;
- the right to erase or restrict the processing of your personal data if the legal terms and conditions of particular legal provisions are met (if the law requires us to keep your personal data (e.g. medical records) for a certain period of time, data erasure is unfortunately for that period of time impossible );
- the right to object to the processing of personal data that relate to you;
- the right to transfer your personal data to another Data Controller
You can exercise your rights by a written submission delivered to our company address or to the company email address as stated in this information memorandum. Since some of your personal data that we process are based on your consent, you have the right to revoke your consent to the processing of such personal data at any time either by clicking the logout link in the received newsletters or by sending an email to email@example.com. If you believe that processing of your personal data is in breach of the law, you have the right to submit a complaint with the Supervisory Authority, which is the Office for Personal Data Protection, registered office at Pplk. Sochora 27, 170 00 Praha 7, www.uoou.cz.
Should you need to contact us regarding your personal data processing, please write to us or to our Data protection Officer office at Svobody 272, 542 25 Janské Lázně or contact us by phone + 420 499 860 111 or via an email firstname.lastname@example.org.
We believe that the abovementioned information was clear and intelligible.
Mgr. Martin Voženílek, director
In Janské Lázně, 25 May 2018