Personal data processing
By granting this consent to the processing of your personal data, you agree that Economia, a.s., ID No.: 281 91 226, with its registered office at Pernerova 673/47, Karlín, 186 00 Prague 8, registered in the Commercial Register kept by the Municipal Court in Prague, Section B, File No. 12746 (hereinafter referred to as the “Controller”) will process your personal data under the conditions set out below.
To what extent will my personal data be processed by the Controller?
The Controller will process your personal data to the extent it was provided by you when ordering the Controller’s products and services or, as the case may be, in connection with your participation in a conference or seminar organized by the Controller as the organizer of such an event, i.e. in particular including your name, surname, email, telephone number, position and company.
For what purpose will my personal data be processed by the Controller?
The Controller will process your personal data for the purposes of performing the contract entered into by you and the Controller (i.e. the confirmed order of your participation in a conference), making an entry in the Controller’s database and carrying out direct marketing (i.e. offering the Controller’s products and services), including sending business communications under Act No. 480/2004 Coll., on Certain Information Society Services.
What is the legal basis for processing?
The legal basis for processing is this consent granted by you, to the extent of the personal data necessary to meet the rights and obligations arising from the binding order on the basis of which a contract will be entered into for your participation in a conference or seminar organized by the Controller.
How long will the Controller process my personal data?
The Controller will process your personal data for the duration of the contractual relationship and, subsequently, for a further 10 years, unless you withdraw this consent to personal data processing.
How and when can I withdraw this consent to the processing of my personal data?
You may withdraw this voluntarily granted consent to the processing of your personal data at any time by sending an email to email@example.com. Withdrawal of consent is without prejudice to the lawfulness of processing based on the consent given prior to its withdrawal. In addition, withdrawal of consent does not affect the processing of personal data processed by the Controller based on a legal basis other than consent (i.e., in particular, if the processing is necessary to perform a contract, to meet a legal obligation or for other reasons specified in the applicable legal regulations).
Who will have access to my personal data?
Your personal data may be accessed by the Controller and, as the case may be, by third parties – processors that provide appropriate guaranties and whose processing meets the requirements of the applicable legal regulations and ensures that your rights are properly protected. In particular, these may be persons involved in the production of a particular event or speakers and panellists participating in the event, but they will only have access to this data for as long as is strictly necessary and to the extent necessary.
How can I contact the Controller?
You can contact the Controller by email at firstname.lastname@example.org or in writing at the Controller’s registered office (Pernerova 673/47, Karlín, 186 00 Prague 8). The Controller may request proof of your identity to prevent unauthorized persons from accessing your personal data. In order to increase the quality of the services and to keep records on fulfilment of the Controller’s legal obligations, all communication between you and the Controller is monitored.
What rights do I have in relation to the protection of personal data?
In relation to your personal data, you particularly have the following rights:
- a) the right to withdraw your consent at any time;
- b) the right to correct or complete your personal data;
- c) the right to request restrictions of processing;
- d) the right to object to or to complain about processing in certain cases;
- e) the right to request the transfer of data;
- f) the right to access personal data;
- g) the right to be informed of breaches of personal data security in certain cases;
- h) the right to delete personal data (the right to be “forgotten”) in certain cases; and
- i) other rights laid down in the Personal Data Protection Act and in General Data Protection Regulation No. 2016/679.
What does it mean that I have the right to object?
Pursuant to Article 21 (2) of General Data Protection Regulation No. 2016/679, you have, inter alia, the right to object to the processing of your personal data if it is processed by the Controller for direct marketing purposes. The objection must be filed with the Controller. In the event that you object to processing for direct marketing purposes, the Controller will no longer process such personal data to this extent unless the Controller proves that there are serious legitimate reasons for processing that override the data subject’s interests or rights and freedoms, or for the determination, exercise or defence of legal claims.
For more information on this right, see, in particular, Article 21 of General Data Protection Regulation No. 2016/679.
Do I have to provide my personal data? What if I do not provide my personal data?
You provide your personal data entirely voluntarily. You have no obligation to provide such data. There are no sanctions if you do not provide your personal data. However, if you do not provide the Controller with your personal data, the Controller will not be able to enter into an event contract and provide the event to you, because the Controller will not be able to perform the contract (for example, without your email address, the Controller will not be able to contact you if the venue or time of the event has been changed). Nevertheless, it is entirely up to you to decide whether or not you wish to enter into a contractual relationship with the Controller.
How is my personal data secured?
All personal data provided by you to the Controller is secured by standard procedures and technologies. However, it is not objectively possible to fully guarantee the security of your personal data. Therefore, it is not even possible to absolutely ensure that the personal data provided cannot be accessed by a third party and that they cannot be copied, disclosed, altered or destroyed by breaking the Controller’s security measures. In this respect, however, the Controller guarantees that it regularly checks that the system is free of weak points, that it has not been exposed to any attack, and that it uses such security measures which the Controller can reasonably be required to provide in order to prevent unauthorized access to the personal data provided and which, given the current state of technology, provide sufficient security. The security measures adopted are then regularly updated. However, each data subject is responsible for keeping his/her unique password and other account information secret, as well as for ensuring permanent control over access to his/her account.