- The administrator of personal data pursuant to Article 4, Paragraph 7 of Regulation 2016/679 of the European Parliament and of the Council of EU, On the Protection of Natural Persons with Regard to the Processing of Personal Data and with Regard to the Free Movement of Such Data (hereinafter referred to as “the GDPR” only) is Ryston Electronics s.r.o., ID: 45312834, with the registered office: Pod vinicí 2045/18, 143 00 Prague 12 - Modřany (hereinafter referred to as “the Administrator” only).
- The contact details of the Administrator are:
Ryston Electronics s.r.o
address: Pod vinicí 2045/18, 14300 Praha 4 - Modřany
telephone: +420 225 272 111
- Personal data are understood as any information relating to an identified or identifiable natural person (individual); an identifiable natural person is a natural person who can be identified, directly or indirectly, in particular by reference to a specific identifier, such as name, identification number, location data, network identifier or one or more specific physical, physiological, genetic, mental, economic, cultural or social identity elements of that particular natural person.
- The Administrator has not appointed a personal data protection officer.
Sources and Categories of the Personal Data Processed
- The Administrator processes the personal data that you have provided for it or the personal data that it has obtained on the basis of the performance of your order.
- The Administrator processes your identification and contact data and the data necessary for the performance of the contract.
Legal Reason and Purpose of the Processing of Personal Data
- The legal reason for the processing of personal data is
- the performance of the contract between you and the Administrator pursuant to Article 6, Paragraph 1, Letter b) of the GDPR,
- the legitimate interest of the Administrator in the provision of direct marketing (especially in the case of sending commercial messages and newsletters) pursuant to Article 6, Paragraph 1, Letter f) of the GDPR,
- your consent to the processing for the purposes of providing direct marketing (especially in the case of sending commercial messages and newsletters) pursuant to Article 6, Paragraph 1, Letter a) of the GDPR, in conjunction with Article 7, Paragraph 2 of Act No. 480/2004 Coll., On Certain Information Society Services, in the event that no goods or services have been ordered.
- The purpose of the processing of personal data is
- processing your order and exercising the rights and obligations arising from the contractual relationship between you and the Administrator; when ordering, personal data are required, which are necessary for the successful processing of the order (name and address, contact). The provision of personal data is a prerequisite for concluding and performing the contract. Without providing personal data, it is not possible to conclude the contract or perform it by the Administrator,
- sending commercial messages and performing other marketing activities.
- There shall be no automatic individual decision by the Administrator within the meaning of Article 22 of the GDPR. You have given your explicit consent to such processing.
Period of Retaining the Data
- The Administrator shall retain the personal data
- for a period that is necessary to exercise the rights and obligations arising from the contractual relationship between you and the Administrator and to assert claims arising from these contractual relationships (for a period of 15 years from the termination of the contractual relationship),
- until the consent to the processing of personal data for marketing purposes is revoked, but for a maximum of 10 years if the personal data are processed on the basis of the consent.
- At the end of the retention period, the Administrator shall delete the personal data.
Recipients of Personal Data (the Administrator´s Subcontractors)
- The recipients of personal data are the persons
- involved in the delivery of goods or services or in the execution of payments on the basis of a contract,
- involved in ensuring the operation of services,
- providing marketing services.
- The Administrator does not intend to transfer personal data to a third country (a non-EU country) or to an international organization. The recipients of personal data in third countries are mailing or cloud services providers.
- Under the terms set out in the GDPR, you have
- the right of access to your personal data pursuant to Article 15 of the GDPR,
- the right to correct your personal data pursuant to Article 16 of the GDPR, or possibly to the restrictions on the processing pursuant to Article 18 of the GDPR,
- the right to delete your personal data pursuant to Article 17 of the GDPR,
- the right to object to the processing pursuant to Article 21 of the GDPR,
- the right to data portability according to Article 20 of the GDPR,
- the right to withdraw the consent to the processing in writing or electronically to the address or e-mail of the Administrator, specified in Article III of these Terms.
- You also have the right to file a complaint with the Office for Personal Data Protection (Úřad pro ochranu osobních údajů) if you assume that your right to personal data protection has been violated.
Terms of Personal Data Security
- The Administrator hereby declares that it has taken all appropriate technical and organizational measures to secure personal data.
- The Administrator has taken technical measures to secure data and personal data repositories in a documentary form, in particular by anti-virus programs, secure backups storage and regular security checks.
- The Administrator hereby declares that only persons authorized by it have access to personal data.
- By sending an order from the online order form, you confirm that you have become acquainted with the terms of personal data protection and that you accept them in full.
- You agree to these terms by ticking (checking) your consent via the online form. By ticking (checking) the consent, you confirm that you have become acquainted with the terms of personal data protection and that you accept them in full.
- The Administrator is entitled to change these Terms. It shall publish a new version of the Terms of Personal Data Protection on its website, or possibly send you a new version of these Terms to the e-mail address you have provided for it.
These conditions take effect and enter into force on 1st January 2021.