I. Basic Provision
The personal data administrator under art. 4, point 7 of the Regulation 2016/679 of the European Parliament and of the Council (EU) on the protection of individuals with regard to the processing of personal data and on the free movement of such data (hereinafter referred to as “GDPR”) is BODEN – MATTE inc., registered office U Hřiště 1233 / II, 755 01 Vsetín, Identification number: 25364197, VAT: CZ25364197 (hereinafter referred to as the “administrator”).
Administrator contact information is:
Address: U Hřiště 1233 / II, Vsetin; Postcode 755 01
Phone: (+420) 571 411 647
Personal data means all information about an identified or identifiable natural person; an identifiable natural person is a natural person that can be identified, directly or indirectly, in particular by reference to a particular identifier, such as name, identification number, location information, network identifier or one or more specific physical, physiological, genetic, psychological, economic, cultural or the social identity of this natural person.
The administrator did not appoint a Data Protection Officer.
II. Sources and categories of processed personal data
The administrator processes the personal information you provided or the personal information that the administrator obtained as a result of fulfilling your order.
The administrator processes your identification data and contact information and the data necessary for the performance of the contract.
III. Legal reason and purpose of personal data processing
The legal reason for the personal data processing is the performance of the contract between you and the administrator under art. 6, par. 1, let. (b) GDPR, the legitimate interest of the administrator in providing the direct marketing (in particular for sending commercial messages and newsletters) under art. 6, par. 1, let. a) GDPR in connection with Section 7 par. 2 of Act No. 480/2004 Coll., on Certain Information Society Services, in the event that no goods or services were ordered.
The purpose of processing personal data is to process a request or inquiry sent using the contact form; when submitting the form, personal data necessary for the successful processing of the inquiry or request (name and surname, contact) is required. Providing personal data is a necessary requirement here, it is not possible to handle a request or inquiry from the contact form without providing personal data. Sending business messages and doing other marketing activities.
There is no automatic individual decision-making within the meaning of Article 22 of the GDPR. You have given your explicit consent to such processing.
IV. Data retention period
The administrator keeps personal data for the period necessary to exercise the rights and obligations arising from the contractual relationship between you and the administrator and to assert claims arising from these contractual relations (for a period of 15 years from the termination of the contractual relationship).
For the period until the withdrawal of the agreement to the processing of personal data for marketing purposes, no longer than 5 years, if the personal data are processed by agreement.
After the personal data retention period has expired, the controller will delete the personal data.
V. Recipients of personal data (subcontractors of the administrator)
The recipients of personal data are persons providing services for the operation of websites and other services related to the operation of websites, providing marketing services.
The administrator does not intend to transfer personal data to a third country (to a non-EU country) or to an international organization.
VI. Your rights
Under the conditions set out in the GDPR, you have the right to access your personal data under Article 15 of the GDPR, the right to correct personal data under Article 16 of the GDPR, or the restrictions of processing under Article 18 of the GDPR, the right to have personal data deleted under Article 17 of the GDPR, the right to object to processing under Article 21 of the GDPR and the right to data portability under Article 20 of the GDPR.
You also have the right to file a complaint with the Office for Personal Data Protection if you believe that your right to personal data protection has been violated.
VII. Terms of personal data security
The administrator declares that they have taken all appropriate technical and organizational measures to secure personal data.
The administrator has taken technical measures to secure data and personal data repositories in paper form.
The administrator declares that only the persons authorized by him have access to personal data.
This website uses so-called cookies (small text files in your browser) and similar techniques allowing us to find out how our websites and presentations are attended. We only use this information to process statistics. This information is important for us in terms of improving the web presentation and providing the best website content and structure so that the users can quickly and easily find everything they need.
Cookies may only be removed by you from your computer, using a specialised software.
If you want, you can set your browser to warn you in case it sends cookies, or simply disable cookies. You can disable cookies in your browser. The method of disabling cookies depends on your browser type, however, in such case, some features may be restricted.
IX. Final provisions
By submitting the contact form, you confirm that you are familiar with the terms of privacy and that you accept them in their entirety.
You agree to these terms by submitting an online form.
These conditions come into effect on 25.5.2018.