1. General provisions
This Privacy and Cookie Files Policy regulates the processing of personal data gathered through the austral.cz website.
The character of this Privacy and Cookie Files Policy is only informational, which means that it does not constitute any grounds for any obligations for the Users of the Website. The Privacy and Cookie Files Policy focuses on regulating the processing of personal data by the Controller of Personal Data on the Website, including the grounds, purposes and the scope of personal data processing and the rights of the individuals whom the data is regarding, as well as the information on how cookie files and analytical tools are used on the Website. The Controller of personal data as per the provisions of the laws regulating the protection of personal data is Agencia Austral S.R.O. with its registered office in Prague, in Korunní 2569/108, Prague, IČO 08883831, e-mail: dpo@austral.cz, (hereinafter referred to as the “Controller”).
The legal grounds for the processing of personal data by the Controller are provided by the provisions of the Regulation of the European Parliament and the Council (EU) 2016/679 of April 27, 2016 on the protection of natural persons with regard to the processing of personal data and on the free movement of such data, and repealing Directive 95/46/EC (General Data Protection Regulation), hereinafter referred to as the „Regulation”.
The Controller shall use their best efforts to honour the privacy of the visitors to the austral.cz website.
The Controller guarantees the confidentiality of all gathered personal data and ensures that all security and data protection means required by the provisions of the laws on personal data protection are implemented. Personal data is gathered with due care and properly secured from being accessed by any unauthorised persons.
The Controller does not gather nor process any sensitive data, referred to within the Regulation as “special categories of personal data”. They also do not intend to collect nor process any data regarding any individuals below 16 years of age.
2. Rights of the user
The User has the following rights resulting from the processing of their personal data:
- Right of access to their own personal data
- Right to rectify their own personal data
- Right to erase their own personal data
- Right to restriction of processing
- Right to object against the processing; Right to data portability
- Right to withdraw consent
- Right to lodge a complaint to the Chairman of the Data Protection Authority
the User has the right to obtain confirmation of whether the Controller is processing their personal data and if so, they have the right to gain access to their personal data and obtain information regarding e.g.: the purpose of processing, categories of the processed data, receivers or categories of receivers of the data to whom the data has been or will be disclosed, the planned duration of storing of the personal data or any criteria upon which the duration of storing the data is depending; the above right includes also the right to obtain a single copy of the data free of charge (for every consecutive copy for which the User asks, the Controller may charge a fee in a reasonable amount resulting from any administrative costs incurred);
(when it is incorrect), which also includes the right to have incomplete personal data completed;
(the so-called “right to be forgotten”), in the following circumstances: when the personal data of the User is no longer required for the purposes for which it has been gathered, when the User withdrew their consent for the processing of the data and no other legal grounds exist for the processing of the data, when the User objected to the processing, when the data has been processed against the law, when the data must be removed for the purpose of meeting the legal obligation arising from the Law of the European Union or the law of a member state applicable to the Controller, when the data has been gathered in relation to provision of an information society service;
when the User questions the correctness of their personal data (for the period which shall allow the Controller to verify the correctness of the data), when the processing is incompliant with the provisions of the law and the User is objecting to the erasure of the data, when the Controller no longer requires the personal data for the purposes for which it has been gathered but it is still required for the User for establishment, exercise or defence of legal claims, when the User submitted an objection to the processing - for as long as it is required to establish if legal grounds exist on the side of the Controller and are superior to the grounds for the objection of the User;
including the right to request and receive the personal data disclosed by the user from the Controller in a structured, commonly used format allowing for machine processing, including the right to demand for the personal data to be sent by the Controller directly to another Controller (as long as it is technically possible);
for the processing of personal data at any time (with the reservation that withdrawing the consent does not make any previous processing made upon consent illegal);
in case the User thinks that the processing of their personal data violates any provisions of the Regulation.
In case of any questions regarding the processing of personal data and in order to exercise the above rights one should contact the Controller via e-mail using the following address: dpo@austral.cz .
3. Entrusting the personal data
For the Web Site to function correctly it is necessary for the Controller to use services of external providers. The Controller only uses the services of such processing entities which ensure sufficient guarantees of implementation of proper technical and organizational means, so that the processing is compliant with the requirements of the Regulation and so that the rights of individuals whom the processed data is regarding are protected.
The Controller entrusts the processing of personal data to the following entities: providers of services providing the Controller with technical, ICT and organizational solutions (particularly providers of computer software, providers of electronic mail and hosting services and providers of company management and technical support software) - the Administrator shares the gathered personal data of the User to the chosen provider acting upon their order only in case and in the scope necessary for the purpose of delivering the given purpose of processing of the data compliant with this Privacy Policy.
All entities to which the Controller entrusts the processing of personal data guarantee that they shall take proper measures to protect and provide security of the personal data as required by the provisions of the law.
The Controller may be obliged to share the gathered information to authorised public authorities on the basis of legally justified demands in the scope in which the authorities demand.
4. Selected purposes of processing, duration of storing and scope of the stored data:
Purpose of processing: establishing contact with the Controller through an online form.
Legal grounds: Article 6 section 1 letter a) of the Regulation.
The period for which the data is stored: until the moment of withdrawal of consent by the User and following the withdrawal of consent, the period of time which refers to the period after which any claims which the Controller may make, or which can be made against them expire.
The scope of the processed data: name, e-mail address, phone number.
The consequence of not providing the above-mentioned data is the lack of possibility to establish contact with the Controller through an online form.
5. Network traffic analysis and cookie files
During visits on our website, we use the so-called “cookie” files. Cookie files are small text files stored by the User’s web browser. Cookie files do not include any information which would allow direct identification of a particular User. The User may disable the use of cookie files within the settings panel of their browser, as well as remove cookie files automatically or manually from their computer. Nonetheless, be aware, that in such case our website may not work, or may not work correctly.
Once the User accepts the information about cookies files on our Website, he will be assigned an individual identifier (User ID). The identifier will transferred to Google Analytics used by Controller. Thanks to User ID we can monitor the activity of a given user visiting our Website e.g. the frequency of visits or the type of device used (computer, mobile device). Each User of our Website has the right to object to the User ID assignment. In order to exercise the above right one should contact the Controller via e-mail using the following address: dpo@austral.cz .
Within our Website we also use the Google Analytics traffic analysis tool from Google (Google inc., USA), in order to create anonymous user statistics. The Google Analytics tool uses cookie files. The information which it generates is processed within the territory of the United States of America only in exceptional cases. If you have any doubts as to the use of Google Analytics, you can block this tool, e.g. by installing a proper plugin within your web browser.
The Website uses the Yandex.Metrica web analytics service provided by Yandex (Yandex Oy Limited Company, Finland). This tool uses cookie files. Information collected by cookies does not reveal your identity, but it can help us to improve our website performance. Information about your use of this website collected by cookies will be transferred to Yandex and stored on Yandex’s server in the EU. Yandex will process this information to assess how you use the website and compile reports for us on our website operation. You can opt out of using cookie files by choosing the corresponding settings in your browser. However, it can affect some website functions.
6. Server logs
Using our website generates requests to the server where our website is hosted. Each such request directed to the server is stored within server logs. Server logs are stored on the server. The data stored within the server logs is not ever tied to a particular person using the Website and it is not used by the Controller to identify the User. The above-mentioned data is only used for the purpose of server administration. Server logs are only auxiliary material for administering the Website and their contents are not ever disclosed to anyone other than the persons authorised to manage the server.