On this page you will find an overview of the main principles of personal data protection and other processed data on Maitreja.com.
- The personal data controller pursuant to Article 4 (7) of Regulation (EU) 2016/679 of the European Parliament and of the Council on the protection of individuals with regard to the processing of personal data and on the free movement of such data (hereinafter: "GDPR") is the Křižovatka Foundation., ID 62159542 with its registered office at Nové Sady 41, 602 00 Brno (hereinafter: "administrator").
- The contact details of the administrator are:
address: Malinovského náměstí 4, 602 00 Brno
phone: +420 543 332 025
- Personal data means all information about an identified or identifiable natural person; an identifiable natural person is a natural person who can be identified, directly or indirectly, in particular by reference to a specific identifier, such as name, address, identification number, location data, network identifier or one or more specific physical, physiological, genetic, mental, economic, cultural or social identity of that natural person.
- The administrator did not appoint a data protection officer.
Sources and categories of personal data
- The administrator shall process this personal data within the meaning of Article 4 (1) of the GDPR:
- e-mail address (e-mail)
- IP addresses of the devices from which access to our website was given
- Name and surname (only if filled in)
- address of residence (only if filled in)
- phone number (only if filled in)
- date of birth (only if filled in)
- gender (only if filled in)
- data from your profile, if they belong to personal data within the meaning of Article 4 (1) GDPR
- The administrator only processes personal data that you have provided to him.
Legal reason and purpose of personal data processing
- The legal reason for personal data processing is
- the legitimate interest of the administrator in protecting servers from attacks and user accounts from misuse and providing direct marketing (especially for sending business messages and newsletters) according to Art. f) GDPR,
- Your consent to processing for the purposes of providing direct marketing (especially for sending commercial messages and newsletters) according to Art. a) GDPR in connection with § 7 paragraph 2 of Act No. 480/2004 Coll., on certain information society services in the event that no goods or services have been ordered.
- The purpose of personal data processing is
- to operate your profile on www.maitreja.com (hereinafter only on the website),
- to use data from your profile to create an algorithm that regulates the display of other data on the home page and individual subpages of the website,
- to sending business messages and other marketing activities, including notifications of events related to your profile or your preferences set in your website profile,
- to protection of servers against attacks and user accounts from misuse
- The administrator makes an automatic individual decision within the meaning of Article 22 of the GDPR at the moment when The website evaluates the display of data to the logged-in user on the home page and other subpages, where the decision to display is influenced by the settings of labels and categories in your profile. Automatic individual decision-making can be reset, therefore, set them to default values and delete labels and categories in the profile settings. This action can be performed repeatedly.
- The emails sent to you by the administrator are not considered by the administrator or you as unsolicited commercial communication in the sense of Act No. 40/1995, on Advertising, and Act No. 480/2004, on Certain Information Society Services.
Data retention period
- The administrator retains personal data
- for the duration of your profile and for a maximum of 3 years from your last login on the website in the event of a dispute concerning the relationship between the administrator and you.
- until the consent to the processing of personal data for marketing purposes is revoked, for a maximum of 3 years, if the personal data are processed on the basis of the consent.
- After the retention period of personal data, the administrator deletes the personal data.
Recipients of personal data (subcontractors of the controller)
- Recipients of personal data are persons
- providing services for the operation of the website.
- 2. The following processors, whose operation complies with European standards for the protection of personal data, shall assist the controller in the provision of services, while the processing of personal data by third parties is regulated by their own conditions of service provision. You agree that the administrator may pass on your personal data to them for the fulfillment of the above purposes:
- Company providing hosting Wedos Internet, as for storing data from a web application (information security policy of Wedos Internet, a.s.: https://datacentrum.wedos.com/cldata/272/politika-bezpecnosti-informaci.pdf). Personal data does not leave the territory of the European Union.
- MailChimp emailing service for sending bulk messages. MailChimp's personal information is transferred to the United States, and MailChimp meets the security requirements of the EU-US Privacy Shield.
- Google Analytics statistics services (https://policies.google.com/privacy/partners?hl=en).
- if you log in via Facebook, then also the Facebook Login service operated by Facebook Ireland Limited. Through the Facebook Login service, we pass on the visitor's IP address as personal data. Personal information may be transferred to Facebook in the US by Facebook Ireland Limited, subject to the EU-US Privacy Shield.
- Under the conditions set out in the GDPR, you have
- the right to access your personal data pursuant to Article 15 of the GDPR,
- the right to correct personal data pursuant to Article 16 of the GDPR, or restrictions on processing pursuant to Article 18 of the GDPR.
- the right to delete personal data pursuant to Article 17 of the GDPR.
- the right to object to the processing pursuant to Article 21 of the GDPR and
- the right to data portability pursuant to Article 20 of the GDPR.
- the right to revoke the consent to processing in writing or electronically to the address or email of the administrator specified in Article III of these conditions
You can exercise the above-mentioned rights as soon as possible at firstname.lastname@example.org.
- You also have the right to file a complaint with the Office for Personal Data Protection if you believe that your right to personal data protection has been violated.
Terms of personal data security
- The administrator declares that he has taken all appropriate technical and organizational measures to secure personal data.
- The administrator has taken technical measures to secure data repositories and personal data repositories in paper form, especially by placing a database at Wedos Internet, a.s. meeting the security level according to ISO / IEC 27001.
- The administrator declares that only persons authorized by him have access to personal data.
- In the event that the administrator becomes aware of a security risk associated with personal data, it will notify you without undue delay.
- You confirm to the administrator that the personal data provided is true, accurate and that it relates exclusively to you or that you have provided data that has not infringed the rights of third parties. Always notify the administrator about changes in personal data so that only current and complete data is processed, either at our request or without a request. If the administrator asks you to do so, always provide current and true information.
- By completing the registration, you confirm that you are familiar with the conditions of personal data protection and that you accept them in full.
- You also agree to these terms by checking your consent via the online form. By checking the consent, you confirm that you are familiar with the conditions of personal data protection and that you accept them in full.
- The administrator is entitled to change these conditions. The new version of these terms and conditions will be published on their website and at the same time the new version of these terms and conditions will be sent to you by the email address you provided to the administrator.
These conditions take effect on 25.5.2018.