Newsletter of fake carriers offered byWIM DEKEYSER B.V. · International Loss Adjusters

Open newsletter

GDPR – Personal Data Protection Terms

I. Personal Data Protection

  1. By submitting personal data, the user confirms that they are aware of the terms of personal data protection, agree with their wording, and fully accept them.
  2. The Provider is the controller of users' personal data pursuant to Article 4(7) of Regulation (EU) 2016/679 of the European Parliament and of the Council on the protection of natural persons with regard to the processing of personal data and on the free movement of such data, and repealing Directive 95/46/EC (General Data Protection Regulation, hereinafter: “GDPR”). The Provider undertakes to process personal data in accordance with legal regulations, especially the GDPR.
  3. Personal data means any information relating to an identified or identifiable natural person; an identifiable natural person is one who can be identified, directly or indirectly, in particular by reference to an identifier such as a name, identification number, location data, online identifier, or to one or more factors specific to the physical, physiological, genetic, mental, economic, cultural, or social identity of that natural person.
  4. When placing an order, personal data necessary for the successful processing of the order (name and address, contact) are required. The purpose of processing personal data is to process the user's order and exercise rights and obligations arising from the contractual relationship between the Provider and the User. The purpose of processing personal data is also to send commercial communications and carry out other marketing activities. The legal basis for processing personal data is the performance of a contract under Article 6(1)(b) GDPR, compliance with a legal obligation of the controller under Article 6(1)(c) GDPR, and the legitimate interest of the Provider under Article 6(1)(f) GDPR. The legitimate interest of the Provider is the processing of personal data for direct marketing purposes.
  5. To fulfill the license agreement, the Provider uses subcontractors, especially providers of mailing services (personal data are stored in third countries) and web hosting providers. Subcontractors are vetted for secure personal data processing. The Provider and the web hosting subcontractor have concluded a data processing agreement under which the subcontractor is responsible for the proper security of the physical, hardware, and software perimeter and is therefore directly liable to the user for any leakage or breach of personal data.
  6. The Provider stores the user's personal data for the period necessary to exercise the rights and obligations arising from the contractual relationship between the Provider and the user and to assert claims from these contractual relationships (for 15 years after the end of the contractual relationship). After this period, the data will be deleted.
  7. The user has the right to request access to their personal data from the Provider under Article 15 GDPR, rectification of personal data under Article 16 GDPR, or restriction of processing under Article 18 GDPR. The user has the right to erasure of personal data under Article 17(1)(a), and (c) to (f) GDPR. Furthermore, the user has the right to object to processing under Article 21 GDPR and the right to data portability under Article 20 GDPR.
  8. The user has the right to lodge a complaint with the Office for Personal Data Protection if they believe that their right to personal data protection has been violated.
  9. The user is not obliged to provide personal data. However, providing personal data is a necessary requirement for concluding and fulfilling the contract, and without providing personal data, it is not possible to conclude or fulfill the contract by the Provider.
  10. The Provider does not carry out automated individual decision-making within the meaning of Article 22 GDPR.
  11. An applicant for the Provider's services, by filling in the contact form:
    1. agrees to the use of their personal data for the purpose of electronic sending of commercial communications, advertising materials, direct sales, market research, and direct offers of products by the Provider and third parties, but not more often than once a week, and at the same time
    2. declares that the sending of information under point 1.11.1 is not considered unsolicited advertising within the meaning of Act No. 40/1995 Coll., as amended, as the user expressly agrees to the sending of information under point 1.11.1 in connection with Section 7 of Act No. 480/2004 Coll.
    The user may withdraw consent under this paragraph at any time in writing to michal.laznicka@ekonservis.cz
  12. The Provider uses so-called cookies in its presentation to improve the quality of services, personalize offers, collect anonymous data, and for analytical purposes. By using the website, the user agrees to the use of this technology.

II. Rights and Obligations between Controller and Processor (Processing Agreement)

  1. The Provider is the processor of users' clients' personal data pursuant to Article 28 GDPR. The user is the controller of such data.
  2. These terms govern the mutual rights and obligations in the processing of personal data to which the Provider has access in the course of fulfilling the license agreement concluded by agreeing to the general terms and conditions at www.ekonservis.cz (hereinafter referred to as the “license agreement”) concluded with the user on the date of creation of the user account.
  3. The Provider undertakes to process personal data for the user to the extent and for the purpose set out in Articles 2.4 – 2.7 of these terms. The means of processing will be automated. The Provider will collect, store on information carriers, retain, block, and dispose of personal data in the course of processing. The Provider is not authorized to process personal data contrary to or beyond the scope set out in these terms.
  4. The Provider undertakes to process personal data for the user to the following extent:
    • ordinary personal data,
    • special categories of data under Article 9 GDPR, which the user has obtained in connection with their own business activities.
  5. The Provider undertakes to process personal data for the user for the purpose of processing inquiries and requests from clients obtained from the contact form.
  6. Personal data may only be processed at the Provider's or its subcontractors' workplaces under Article 2.8 of these terms, and only within the territory of the European Union.
  7. The Provider undertakes to process the user's clients' personal data for the user for the period necessary to exercise the rights and obligations arising from the contractual relationship between the Provider and the user and to assert claims from these contractual relationships (for 15 years after the end of the contractual relationship).
  8. The user grants permission to involve a subcontractor as another processor under Article 28(2) GDPR, namely the application hosting provider. The user also grants the Provider general permission to involve another personal data processor in the processing, but the Provider must inform the user in writing of any intended changes regarding the addition or replacement of other processors and give the user the opportunity to object to such changes. The Provider must impose the same personal data protection obligations on its subcontractors in the position of personal data processor as are set out in these terms.
  9. The Provider undertakes that the processing of personal data will be secured in particular as follows:
    • Personal data are processed in accordance with legal regulations and on the basis of the user's instructions, i.e., for the performance of all activities necessary for the provision of the web platform.
    • The Provider undertakes to technically and organizationally secure the protection of processed personal data so that unauthorized or accidental access to data, their alteration, destruction or loss, unauthorized transfers, other unauthorized processing, as well as other misuse, cannot occur, and that all obligations of the personal data processor arising from legal regulations are continuously secured for the duration of the processing.
    • The technical and organizational measures taken correspond to the level of risk. Through them, the Provider ensures the continuous confidentiality, integrity, availability, and resilience of processing systems and services, and timely restores the availability of and access to personal data in the event of physical or technical incidents.
    • The Provider hereby declares that the protection of personal data is subject to the Provider's internal security regulations.
    • Only authorized persons of the Provider and subcontractors under Article 2.8 of these terms, who will have the conditions and scope of data processing set by the Provider, and each such person will access personal data under their unique identifier, will have access to personal data.
    • Authorized persons of the Provider who process personal data under these terms are obliged to maintain confidentiality about personal data and security measures, the disclosure of which would jeopardize their security. The Provider will ensure their demonstrable commitment to this obligation. The Provider will ensure that this obligation for the Provider and authorized persons continues even after the termination of the employment or other relationship with the Provider.
    • The Provider will assist the user through appropriate technical and organizational measures, where possible, to fulfill the user's obligation to respond to requests for the exercise of data subject rights under the GDPR; likewise, in ensuring compliance with the obligations under Articles 32 to 36 GDPR, taking into account the nature of the processing and the information available to the Provider.
    • After the termination of the performance associated with processing under Article 2.7 of these terms, the Provider is obliged to delete all personal data or return them to the user, unless there is an obligation to store personal data under a special law.
    • The Provider will provide the user with all information necessary to demonstrate that the obligations under this agreement and the GDPR have been fulfilled, allow audits, including inspections, carried out by the user or another auditor authorized by the user.
  10. The user undertakes to immediately report all facts known to them that could adversely affect the proper and timely fulfillment of obligations arising from these terms and to provide the Provider with the cooperation necessary to fulfill these terms.

III. Final Provisions

  1. These terms expire upon the expiration of the period specified in Articles 1.6 and 2.7 of these terms.
  2. The user agrees to these terms by checking the consent box via the online form. By checking the consent box, the user declares that they have read these terms, agree with them, and fully accept them.
  3. The Provider is entitled to change these terms. The Provider is obliged to publish the new version of the terms on its website without undue delay or send the new version to the user at their email address.
  4. Provider's contact details regarding these terms: +420 775 589 989, michal.laznicka@ekonservis.cz
  5. Relations not expressly governed by these terms are governed by the GDPR and the legal order of the Czech Republic, in particular Act No. 89/2012 Coll., the Civil Code, as amended.

These terms are effective as of 1 September 2022

HOW TO REACH US

Write to us

If you have any questions, feel free to contact us anytime.

+420 775 589 989michal.laznicka@ekonservis.cz