GDPR

PROTECTION OF PERSONAL DATA

If you are my customer, newsletter subscriber or website visitor, you are entrusting me with your personal information. I am responsible for its protection and security. Please, therefore, familiarise yourself with the protection of personal data, principles, and rights you have in relation to the GDPR (General Data Protection Regulation).

Who is the controller?

I, Boris Štepanovič, IČO 25962990, with registered seat at Koněvova 1927/126, 130 00 Praha 3, operate the website www.borisstepanovic.cz.
I process you personal data as the controller (i.e., I determine how your personal data is processed, for what purpose and for what length of time), and I am responsible for the selection of any data processors who may assist me with the processing.

Contact information

If you would like me to stop the processing of your personal data, you can reach me at +420 605 722 592 or via e-mail at boris@borisstepanovic.cz

Declaration

I declare that, as the controller of your personal data, I comply with all legal obligations required by applicable law, in particular, the Data Protection Act and GDPR, and that:
• I will only process your personal data if I have a legitimate interest to do so, am fulfilling or entering into a contract, am under legal obligation, or have been given your prior consent.
• I fulfill the duty of information according to Article 13 of the GDPR before the processing of any personal data.
• I assist you in exercising your rights as a data subject as defined under the Data Protection Act and GDPR.

Scope of personal data and purposes of processing

I process personal data that you entrust to me for the following purposes:
• In the performance of a contract (e.g., registration for consultation, sending of information, etc.) and general bookkeeping.
• If you are a customer, I require your personal information (i.e., billing information) to comply with all legal obligations for the issuing and registration of tax documents and the sending of promotional newsletters.
• I use your personal information (email address, first name, and surname) for direct marketing purposes, including sending commercial messages. If you are my customer, I am doing so out of legitimate interest because I reasonably assume you are interested in my news for five years after your last order. If you are not my customer, I send you newsletters only with your express consent, for a period of 5 years from when permission was first given. In either case, you can revoke your consent by using the opt-out link in each email I send. Also, I retain your personal information for the duration of the limitation periods unless the law provides for a longer period of retention, or I have specified otherwise in specific cases.

Cookies

You can browse my website in a mode that does not allow for the collection of personal information. To find out more about how cookies work and how to manage them, you can visit the following address: http://www.youronlinechoices.com.

Security and privacy

I protect your personal data as much as possible with the help of modern technologies that correspond to the level of technological development. I protect them as if they were my own. I have taken and maintained all possible and currently known technical and organisational measures to prevent the misuse, corruption, or destruction of your personal data.

Transfer of personal data to third parties

I use the services and applications of qualified data processors who can protect data even better than myself and specialise in data processing to provide specific processing operations that I cannot handle independently. This includes my provider of accounting services and tax advice.

In the future, I may decide to use other applications or processors to facilitate and improve processing. In these cases, however, I promised to only select those vendors with the same security and quality standards as my own.

Transmission of data outside the European Union

All processing of personal data will be carried out within the EU.

Your Privacy Rights

You have a number of rights regarding the privacy of your personal data. If you would like to exercise any of these rights, please contact me via e-mail at boris@borisstepanovic.cz.

You have the right to information that is already fulfilled by this information page covering the principles of personal data processing.
You also have the right to request to see how your personal data is processed and why. You can make this request at any time, and I will respond within 30 days. If you find your personal information incomplete or out of date, you have the right to complete or make changes to your personal information.

You may exercise your right to restrict processing if you believe I am processing your data incorrectly or unlawfully, but do not wish to delete all of the data, or if you object to its processing.

You may limit the scope of personal data for processing purposes (e.g., unsubscribing from the newsletter limits the purpose of processing for sending business messages).

Right to Portability

If you would like to transfer your data to another individual, I will provide a copy of the personal data undergoing processing in a machine-readable format as per Article 15 of the GDPR. Each such request requires at least 90 days.

Right to erasure (‘right to be forgotten’)

You have the right to have your personal data permanently erased. I do not want to forget you, but if you wish, you have the right. In this case, I will delete all your personal data from my system and all sub-processors. Each deletion request requires 90 days to complete.

In some cases, I have a legal obligation to maintain data records for a specified period of time (e.g., tax documents). In these cases, I will delete all personal data not bound by another law. I will notify you via email when the deletion is complete.

Complaint to the Office for Personal Data Protection

If you feel that I have not lawfully handled your information, you have the right to contact the Office for Personal Data Protection at any time. I would be very pleased, however, if you could first inform me of your concern so that I can take the appropriate action and correct any errors.

Unsubscribe from Newsletters and Business Communication

If you are my customer, you will receive regular email communication with inspiration, articles, videos, invitations, or product and service information. If you are not my customer, I will only send you emails if you have given your consent. In both cases, you can unsubscribe to my emails by clicking the unsubscribe link in the email.

Secrecy

I wish to assure you that my associates, who will process your personal data, are obliged to maintain confidentiality about personal data and security measures, the disclosure of which would compromise the security of your personal data. This confidentiality continues even after the end of contractual relations with me. Your personal information will not be disclosed to any other third party without your consent.

Thank you for your cooperation.

This Privacy Policy is valid as of May 20, 2018.