Personal data processing policy
Principles of personal data processing and principles of use of the website www.balineseeden.com and www.balineseeden.webnode.cz
These policies are valid and effective as of June 1, 2024
These policies govern the terms of personal data processing and use of the www.balineseeden.com operated websites
Mgr. Jan Jiterský, ID number 62775481
with registered office Záhuby 2, 507 23, Zelenecká Lhota
(hereinafter referred to as "Provider")
Contact details of the Provider:
Address for delivery: Záhuby 2, 507 23, Zelenecká Lhota
e-mail: jitersky@gmail.com
phone number: +420 605 960 279
(hereinafter referred to as "Contact address")
1. Introductory Provisions
1.1. The principles of personal data processing and the principles of use of the website (hereinafter referred to as the "Policies") define and specify the basic rights and obligations of the Provider, the Customer and the Visitors, especially in the area of personal data protection and other issues when using the Provider's web interface, especially on the website www.balineseeden. com, https://balineseeden.webnode.cz/, the web reservation interface https://balinese-eden-resort.reenio.cz of the Provider or those used by them owned by a third party (especially systems of internal management of facilities owned by another founder, etc.) and in applications and internal systems of the Provider (each of them hereinafter referred to as "web interface"). By visiting the web interface, providing consent in the form of ticking the relevant button, transferring such consent to the Provider from the Customer and/or sending a request or inquiry on the web interface or using it or using the services and products of the Provider, the Person confirms that he has familiarized himself with these policies and agrees with them and wants to be bound by them.
1.2. A customer is a legal entity or a natural person who has concluded any contract with the Provider, regardless of the form. Customer also means natural persons who perform activities as employees of the Customer or otherwise cooperate with him. The customer is obliged to request the consent of his customers, employees, cooperating persons and other persons who are natural persons whose data must be used (processed) by the Provider in the performance of the contract or are related to the performance of the contract with the Provider, to process their personal data and this consent remain valid for the entire duration of the contract between him and the Provider. Wherever there is talk of the need for the consent of natural persons to the processing of personal data in connection with the contract, the Customer undertakes to obtain such consent and keep it valid in the sense of this paragraph. The Customer expressly declares that it has all such consents in accordance with the legislation and that it complies with the applicable legislation when transferring or making available personal data to the Provider.
1.3. A visitor is any natural or legal person who visits any web interface of the Provider, contacts the Provider in any way, or visits an establishment or event (e.g. a lecture) of the Provider. By accepting an order or offer of services or concluding an individual contract, regardless of its form, the Visitor becomes a Customer.
1.4. Where the Provider is mentioned in these Principles, it also refers to employees and cooperating third parties.
2. Submission of questions, requests and contact with the Provider
2.1. When using the web interface, the Visitor is obliged to enter all data correctly and truthfully. If the Visitor submits a question, request or establishes any other contact with the Provider, the Visitor is obliged to provide true personal data during any contact, to announce that he is a person acting on behalf of or on behalf of another person or to announce that there has been a change in personal data and these the Visitor is obliged to update it without delay. The data provided by the Visitor is considered by the Provider to be correct and up-to-date. These obligations also accrue to the Customer.
2.2. Both the Visitor and the Customer acknowledge that the web interface may not be available continuously, especially with regard to the necessary maintenance of the Provider's hardware and software equipment, or necessary maintenance of hardware and software equipment of third parties.
2.3. The Provider is not responsible for any loss to Persons directly or indirectly related to the loss or damage of data.
3. Protection of personal data
3.1. Protection of personal data of the Customer, Visitor or any other person, whose personal data was communicated directly by this person to the Provider or was communicated by a cooperating person of the Provider as, in particular, personal data for the purpose of or in connection with an interest in a non-binding offer, negotiations on the possible conclusion of a contract or the fulfillment any contract with the Provider or the provision of another service by the Provider in connection with the contract (hereinafter referred to as the "Person"), who is a natural person, is provided by Regulation (EU) 2016/679 of the European Parliament and of the Council of 27 April 2016 on the protection of natural persons in in connection with the processing of personal data and the free movement of such data and the repeal of Directive 95/46 EC (hereinafter referred to as "GDPR"), the Provider's internal regulations, physical, hardware and software security and relevant legal regulations.
3.2. The Provider collects and processes the following personal data of the Person, if he is a natural person, to the following extent:
• name and surname
• residential address
• invoicing address, if it is different from the address of residence
• phone number
• e-mail address
• identification number
• tax identification number, if assigned.
3.3. If, under exceptional circumstances, the Provider is provided with personal data that is classified as particularly sensitive according to the GDPR legal standards - e.g. ethnic origin, religious belief or health status - the Provider is obliged to process such sensitive personal data only in accordance with the relevant legislation and to fulfill the contract . Due to the fact that the Provider usually obtains personal data from its Customer, the Customer hereby expressly declares that it gives express consent to processing and has obtained and has valid consent from the Person to process such personal data, including particularly sensitive personal data. The Customer is obliged to inform the Provider of the expiration of the Person's consent within 7 days from the occurrence of such a fact.
3.4. The Provider may entrust a third party as a processor with the processing of the Person's personal data. The realization of the rights of Persons is not affected by this.
3.5. Persons have the following rights:
a. the right to access personal data
i. This right means that the Person can request information from the Provider about whether or not he is processing personal data concerning him. In the event that such data is processed, the Person has the right to request information about the purposes for which, to what extent and in what manner the Provider processes personal data, and may request a copy of this data. Issuance of a copy may be charged by the Provider, especially if these requests are repeated.
b. the right to correct inaccurate and supplement incomplete personal data
i. This right means that the Person can request correction or addition of personal data at any time. The Provider will carry out such a request without undue delay, but taking into account the current technical possibilities.
c. the right to erasure
i. This right means that if the Person of the Provider requests it, the Provider will delete personal data if: (i) they are no longer needed for the purposes for which they were collected or otherwise processed, (ii) the processing is illegal, (iii) ) The person objects to the processing and there are no overriding legitimate reasons for the processing of personal data, (iv) the legal obligation to process established by European Union law or national legal regulations has ceased to exist, (v) The person revokes his consent to the processing of his personal data and at the same time there are no longer no other reasons for their processing.
d. the right to restrict the processing of personal data
i. This right means that the Person can request the restriction of the processing of personal data. In such a case, the Provider will make the personal data unavailable, temporarily delete or store them, or perform other processing operations that will ensure the proper exercise of this right.
e. the right to data portability
i. This right means that the Person may request that personal data concerning him/her, which are processed automatically and on the basis of consent or contract, be transferred to a third party. If the exercise of this right would adversely affect the rights of other persons, it is possible that such a request will not be granted.
f. the right to object
i. This right means that the Person can object to the processing of personal data for reasons of legitimate interest or for the purposes of marketing activities. If the Provider objects to processing for the purposes of marketing activities, the Provider will stop processing personal data for the purpose of sending marketing messages. If he raises an objection to the processing due to a legitimate interest, the Provider will first evaluate such an objection and inform the Person about its handling. If the objection is upheld, the Provider will stop processing these personal data, but it may also happen that such an objection cannot be upheld.
g. the right to file a complaint about the processing of personal data
i. In the event of dissatisfaction with the processing of the request and the exercise of the right, the Person whose personal data is processed has the right to file a complaint with the supervisory authority - the Office for Protection
4.1. Personal data will be processed for 5 years for the purposes of Article 3.10 and for 10 years for accounting, tax and record purposes. Personal data will be processed in electronic form in an automated manner, including artificial intelligence, and in printed form in a non-automated manner. The Provider uses internal regulations, physical, hardware and software security to protect personal data, and the protection of personal data is part of the labor and legal obligations of the Provider's employees and collaborators.
5. Google Analytics, cookies and prohibition of automatic data downloads
5.1. The Provider uses a service enabling data analysis, especially Google Analytics and cookies, for the registration of Visitors and other Persons and the individualization of the content of the web interface.
5.2 The person agrees to the storage of so-called cookie files and their analysis, including functional cookies. In the event that it is possible to place an order on the web interface and to fulfill the obligations of the Person under the contract without the storage of so-called cookies, the Person may revoke the consent according to the previous sentence at any time, using the procedure of revocation of consent to the processing of personal data.
5.3 The person agrees that the Provider prohibits automatic scanning and/or downloading of data from the Provider's web interface, especially so-called crawling. In the event that the Person commits automatic scanning and/or downloading of data from the Provider's web interface, he undertakes to pay the Provider a fine of EUR 4,000 for each such violation. By paying the fine, the Provider still has the option to claim damages from the Person for such a violation.
6. Copyright protection
6.1. The content of the Provider's website, web interface, design, appearance, videos, texts, excerpts from books and all available materials (texts, photographs, images, logos and others) including those in related printed media (promotional flyers, advertisements, etc.), and the content of the software of the web interface and these Policies are protected by the copyright of the Provider and may be protected by other rights of other persons. No content may be changed, copied, reproduced, distributed or used by any third party for any purpose without the written consent of the Provider. The names and designations of products, goods, services, firms and companies may be registered trademarks of their respective owners.
6.2. The Provider reserves the right to share the posts listed on the web interface also through the Facebook network and other social networks and to also appropriately refer to the Customer's identity in them.
7. Final Provisions
7.1. The Provider may unilaterally change or supplement the wording of these Principles at any time. The rights and obligations of the parties are always governed by the wording of the Principles under which they were created. The policy becomes valid and effective on the day it is published on the Provider's web interface.
7.2. If the Person violates the rights of third parties when using goods, services or information from the web interface, the Provider is not responsible for this. If compensation for damages or other damages, or other similar performance, is to be recovered from the Provider, the Provider has the right to subsequently recover this performance from the Person who committed the violation of the right, including all related claims, especially the costs of legal representation.
7.3. The person is prohibited from any intervention in the technical or substantive nature of the web interface. The person is obliged to notify the Provider of a failure of the web interface function or an attack from the outside, which is mainly manifested by the display of content unrelated to the provision of security, especially the display of pornographic content.
7.4. The Provider bears no responsibility for advertising or any other form of promotion carried out by any third party through the web interface and is not responsible for the content of messages exchanged between Persons in some parts of the web interface (e.g. on social networks) or within the Customer's systems and reserves the right remove a message that contains any information that can be considered illegal, offensive or otherwise unacceptable, solely on the basis of its own judgment.
7.5. The provider reserves the right to change or remove any part of the web interface at any time without prior notice.
In Prague dne 1. 6. 2024
Mgr. Jan Jiterský