Privacy Policy
PRIVACY POLICY
According to Article 13, paragraphs 1 and 2 of Regulation (EU) 2016/679 of the European Parliament and of the Council (hereinafter referred to as ‚GDPR‘).
Identity and contact details of the data controller
Business name: DIGIFEMME s.r.o.
Identification Number: 21316571
TIN: CZ21316571
Headquarters: Křižíkova 703/97a, Praha 8, 186 00
Entry: in the Commercial Register kept by the Municipal Court in Prague, Section C, Entry 400033.
Contact person: Anna Andrlová, Managing Director
E-mail: anna@digifemme.com
(hereinafter referred to as ‚controller‚)
Processed personal data
The controller processes personal data of its customers, i.e., individuals who enter into a contractual relationship with the controller, pursuant to which the controller provides such individuals with products or services within the scope of the controller’s activities. The customer is a data subject within the meaning of Article 4(1) of the GDPR.
The controller processes the following personal data of its customers:
- Name and surname
- Address
- Identification Number (in the case of natural persons conducting business)
- Phone number
- Photography
- Written references
Purposes of processing personal data and legal basis for their processing.
The customer’s contact and identification details (name, ID number, address, telephone, email) are processed for the purpose of fulfilling the contractual obligations of the controller under contracts concluded between the controller and the customer, for invoicing purposes, and further for the purpose of contacting the customer regarding matters related to the fulfillment of the controller’s contractual obligations, all in accordance with Article 6(1)(b) of the GDPR.
The customer’s contact details (name and email) are further processed for the purpose of direct marketing by the controller – sending commercial communications (e.g., newsletters), exclusively based on the customer’s consent pursuant to Article 6(1)(a) of the GDPR.
The customer’s photograph and their name and surname in connection with written references regarding the services of the controller are processed for the purpose of promoting the activities conducted by the controller (e.g., publication on social media or the controller’s website, etc.), exclusively based on the customer’s consent pursuant to Article 6(1)(a) of the GDPR.
Recipients/Categories of recipients of personal data
The processed personal data is provided to the following recipients – entities cooperating with the controller in the performance of individual contracts, especially in the areas of administrative and technical support for the operation of applications necessary for the operation of the website and auxiliary technical solutions:
- Webglobe
- Ecomail
- ComGate Payments, a.s.
In case of non-compliance with obligations by the customer, the controller is further authorized to provide the processed personal data to persons providing legal services for the purpose of debt recovery.
Personal data is not disclosed to any other third parties, nor to third countries.
The period for which personal data will be held
Personal data processed for the purpose of fulfilling the controller’s contractual obligations will be retained for the duration of the relevant contractual relationship and subsequently for a period of 10 years following the termination of the contractual relationship. Personal data processed for marketing or promotional purposes will be retained for a period of 5 years following the termination of the contractual relationship. Personal data processed for the purpose of fulfilling the controller’s legal obligations (e.g., accounting records) will be retained for the duration of the retention period specified by the relevant legal regulations.
Security of personal data
The controller ensures the protection of personal data through modern technologies commensurate with the level of technological development. The controller has adopted in particular the following technical and organizational measures to prevent misuse, damage, or destruction of personal data:
Secure access to the controller’s computer (password protected)
Secure access to the controller’s phone (password and fingerprint reader protected)
Secure access to the controller’s email accounts (secured by username and password)
Secure access to email newsletter applications (secured by username and password)
Secure access to billing systems (secured by username and password)
Encrypted communication on the controller’s website (valid HTTPS certificate)
Regular software updates
Personal data will be processed electronically by automated means or in printed form by non-automated means.
Rights of the data subject (customer) related to the protection of personal data
The data subject (customer) is entitled, in accordance with GDPR, to:
Request from the controller access to personal data concerning the data subject (customer)
Demand correction of personal data
Demand deletion of personal data
Demand restriction of processing of personal data
Raise an objection against processing
Demand the transfer of personal data
Lodge a complaint against the controller with the supervisory authority in case of infringement of relevant legal regulations regarding the protection of personal data
Withdraw consent to the processing of personal data at any time without affecting the lawfulness of processing based on consent before its withdrawal
The customer may revoke consent to the processing of personal data processed based on this consent by sending a statement to the controller’s email address info@digifemme.com.