The principles of personal data processing and protection (‘Principles‘) constitute the basic principles by which TESCAN Medical, s.r.o., Libušina třída 21, 623 00 Brno – Kohoutovice, Czech Republic, ID No. 28279093 (the ‘Company‘) is guided when collecting and processing personal data. These Principles implement the Company’s rights and obligations arising in particular from the following generally binding legal regulations:
- Regulation (EU) 2016/679 of the European Parliament and of the Council on the protection of natural persons with regard to the processing of personal data and on the free movement of such data, and repealing Directive 95/46/EC (General Data Protection Regulation) (‘GDPR‘);
- Act No. 480/2004 Sb. (Coll.), on certain information society services and on the amendment to certain other acts (Certain Information Society Services Act), as subsequently amended (‘Certain Information Society Services Act‘); and
- Act No. 127/2005 Sb. (Coll.), on Electronic Communications and on Amendment to Certain Related Acts (Electronic Communications Act), as subsequently amended (‘Electronic Communications Act‘).
The Principles apply to all persons visiting the Company’s website www.tescan.com (‘Website’), whether or not in a contractual relationship with the Company.
What are personal data
In accordance with the GDPR, ‘personal data’ means any information relating to an identified or identifiable natural person (not a legal person). In principle, it is any information that, whether alone or in summary with other information, can serve to identify a particular individual (‘Personal Data’).
What type of personal data does the company process
The Company may collect the following Personal Data about you:
- Personal Data that you give to the Company yourselvesIn particular, such Personal Data is any information that you provide when completing a registration, an order or other type of a form or that you communicate to the Company by e-mail, telephone, fax or by other similar device. You may also provide the Company with Personal Data during tenders, by submitting a product or service review, by booking a training place, by sending a general inquiry. These include primarily first name, surname, mailing address, e-mail address, phone number, bank account details, selected payment method, etc.
The Company will process the above mentioned Personal Data for the following purposes:
- to provide the service, product or information you have been interested in;
- if you are an existing customer also to provide information about other services or products similar to those that were the subject of your previous purchase;
- if you are a new customer, the Company will send you commercial messages and offers of products and services only if you have explicitly agreed to it with the Company;
- to assess and evaluate your job application.
- Personal Data that the Company collects on your behalfWhen visiting our Website, the Company may collect some information necessary to ensure the proper and convenient operation of the Website. Such information is the Internet Protocol (IP) data used to connect your computer to the Internet, your registration information, browser type and version, time zone settings, browser plug- ins, your visit information, including a valid Uniform Resource Locator (URL) , the path to and from the Website (including date and time), the products you viewed or searched for, response times, download errors, the length of visits to certain pages, site visit interaction information (such as scrolling, clicks, and mouse locations); way of leaving the page.
These Personal Data are used by the Company to administer and improve the Website and to provide for internal operations, including problem solving, data analysis, testing, research, statistical purposes, and indexing of thumbnails. These Personal Data can also be used to measure ad performance and to provide relevant advertising.
Aquiring of personal data
Personal data that the Company acquires may be transferred within the related parties of the Company and to third parties (the ‘Processors’) who assist the Company in performing its contractual obligations by mediating certain services (e.g. ensuring of services). The Company only passes Personal Data to those Processors who provide guarantees of an adequate level of security for your Personal Data, and who process these Personal Data solely on the basis of a Personal Data Processing Agreement.
In this sense, the Company may transmit Personal Data to these Processors:
- external collaborators and suppliers in order to meet the Company’s contractual obligations;
- payment service providers and payment processors in order to secure the transfer of funds and the implementation of payment transactions;
- providers of postal and delivery services for the purposes of delivering products or services offered by the Company;
- Website administrators;
Under certain circumstances, the Company may be required to provide your Personal Data to third parties (e.g. to law enforcement agencies) in accordance with generally binding legal regulations.
Means of personal data protection
In order to protect and minimise the risk of unauthorised access to Personal Data, the Company has adopted organizational and technical measures.
These measures include:
- organisational restrictions restricting the range of persons authorised to come into contact with Personal Data; and
- technical support for servers and the Company’s Website against unauthorised manipulation.
Persons in contact with Personal Data are taught about the principles of personal data protection, and are bound by confidentiality agreement when processing these data.
Length of personal data storage
The Company keeps Personal Data for as long as is strictly necessary for the performance of its contractual obligations and for the fulfilment of the obligations that the Company derives from the applicable legal regulations. Personal data that are processed on the basis of your consent are retained by the Company only for the duration of the purpose for which the consent was granted.
Once the legitimate reason for processing your Personal Data has expired, the Company will destroy these Personal Data and any existing copies thereof.
The rights of the data subjects
In connection with the processing of your Personal Data by the Company, you are entitled to the following Personal Data Protection Guaranteed Rights:
- the right to withdraw consent to the processing of Personal Data where processing of data is based on the consent;
- therighttorequestaccesstoPersonalDataandtotheinformationaboutwhatPersonal Data of yours are processed by the Company;
- the right to correct inaccurate Personal Data and, if applicable, to supplement incomplete Personal Data;
- the right to delete the Personal Data that are being processed;
- the right to limit the processing of Personal Data;
- therighttoobtainthePersonalDatayouhaveprovidedtotheCompanyinastructured, commonly used and machine-readable format, and the right to pass it on to another person;
- the right to be informed of a breach of the Personal Data Security;
- the right to object to the processing of Personal Data; and
- therighttofileacomplaintwiththeSupervisoryAuthority,i.e.attheOfficeforPersonal Data Protection, at Pplk. Sochora 27, 170 00, Prague 7, or via a data box at qkbaa2n.
The above-mentioned rights and possible complaints may be filed with the Company as the data administrator in writing to the address below or by email to the email address info- email@example.com.
TESCAN Medical, s.r.o. Libušina třída 21, 623 00 Brno – Kohoutovice Czech Republic These Principles are valid and effective from May 25, 2018.