OX Point a.s., the operator of the www.oxpoint.cz website, considers the protection and confidentiality of your data to be very important. We process and use your personal data in accordance with the provisions of both Czech legislation (Personal Data Protection Act No. 101/2000 Coll.) and European legislation (Regulation (EU) 2016/679 of the European Parliament and of the Council).

Privacy Statement

General Data Protection Regulation (GDPR) effective from 25. 5. 2018 aims to protect the rights (in particular) of European Union citizens against unauthorised use of their personal data.

Data subjects are entitled to:

The right of access enables the data subject to find out whether and, where applicable, what data about his or her person are processed and stored by the controller, the purpose, legal basis, method and duration of the processing and the recipients to whom the personal data are disclosed. Similarly, every data subject has the right to a copy of all personal data processed about him or her by the controller. However, this should never affect the rights of others (in particular the right to protection of their personal data, but also the protection of intellectual property or trade secrets) or jeopardise national security. Data subjects are also to be informed whether their personal data are used for automated decision-making or profiling. In this context, the data subject shall also have the right to know the procedures, the meaning and the envisaged consequences of such processing.

The right to rectification allows the data subject to seek redress if he or she finds that the data recorded is incorrect, inaccurate or incomplete. The data controller must ensure that the rectification is carried out without undue delay. To this end, the administrator shall ensure an appropriate uniform procedure for the submission and handling of applications, e.g. through online correction requests.

The right to erasure (or the right to be forgotten) allows the data subject to request the removal of their data from the controller’s records if one of the following occurs:

• Personal data is recorded and processed unlawfully, e.g. the specified processing period has expired;
• The processing was based on consent which has been withdrawn and there is no other legal basis for processing;
• The parent does not consent to the processing of his/her child’s personal data (if the data processing is based on consent for information society services).
• The personal data is no longer needed for the purpose for which it was stored and processed;
• The data subject objects to the processing based on the legitimate interests of the data controller and these legitimate interests do not override the interest in the protection of the citizen’s personal data.

If the right to erasure is exercised, the data subject is entitled to request the erasure of all occurrences and references to his or her personal data in all copies thereof.

The right to restriction of processing obliges the data controller to restrict the processing of personal data of a citizen for the following reasons:

If the data subject objects that the processed data is inaccurate, it is possible to request a restriction of the processing for the time necessary to verify the accuracy of the personal data;

• if there is no legal basis for the processing of personal data, the data subject may, instead of erasure
  to request a restriction of processing (i.e. that the controller only retains the data for a specified period of time, but otherwise
  not processed);
• although the personal data are no longer needed for the controller’s stated purpose, they may still be needed for
  citizen, e.g. to defend any legal claims;
• if the data subject has already objected to the processing of the data, he or she is also entitled to request a restriction
  processing for the period necessary to verify whether the legitimate interests of the controller outweigh the interests of the data subject.

The right to object allows the data subject to object to the processing of his or her personal data based on the legitimate or public interest of the data controller. In the event of an objection by the data subject, the controller shall verify and duly substantiate whether the legitimate or public interest overrides the data subject’s interest in the protection of his or her personal data.

The right to data portability allows the data subject to obtain their personal data in a structured, machine-readable form. It may also request that the data be transferred directly to another controller, if this is (technically) possible and feasible. However, the right only applies where the processing of personal data is based on consent or contract.

PERSONAL DATA CONTROLLER

OX Point a.s., Štětkova 1638/18, 140 00 Prague 4, ID No.: 0975225. If you have any questions about the processing and protection of your personal data, you can contact us by email at: info@cp4u.cz

THE PURPOSES, LEGAL TITLES AND DURATION OF THE PROCESSING OF PERSONAL DATA

If you contact us at www.oxpoint.cz via the contact form, we will process your personal data for the purpose of handling your enquiry (sending you a reply. We will not be able to process your enquiry without processing your personal data. For these purposes, we process the following personal data: first name, last name, company name, e-mail address, or telephone contact. If you write to us via the contact form, online chat or to a specific e-mail address, we do not process your personal data further and only use it for the purpose of dealing with your questions, comments or suggestions.

TRANSFER OF PERSONAL DATA

All personal data collected from customers is used exclusively for internal company use, protected from misuse and not disclosed to third parties without prior notice or your consent.

COOKIES

Cookies are small text files that are stored on your device (computer, mobile device or other device that allows access to the Internet) through which you use conteg.cz, and if you do not delete them after leaving our site, they are used again during your subsequent visits. We use cookies to improve the functionality of our site and to make your next visit easier, in particular for the following activities:

• saving preferences and settings that allow our website to function properly,
• login and authentication. If you don’t want to keep logging in and out, you don’t have to thanks to cookies,
• Security. We use cookies to detect fraud and abuse of our website,
• Analysis. We use cookies to collect data for our analytical tools,
• We use cookies to evaluate our marketing campaigns or to reach customers,
  social networks.
• You can share some of the content from our site with your friends.

Despite the above, we are not able to identify you on the basis of cookies to the level of a specific
natural persons.

Web analytics tools

STATISTICAL DATA

If you use our website, we collect statistics about your activity, which we use to improve our services.

GOOGLE ANALYTICS

The service that enables the analysis of our website is from Google Inc. (“Google”). The information generated when using our website is transmitted to Google’s servers, where it is subsequently stored. Google uses this information to analyse user behaviour on our website and subsequently provides this analysis to us.

YOUR RIGHTS

It is your natural right to receive information about the data we process about you. You also have the right to rectification or blocking of incorrect or outdated data, the right to restriction of processing and the right to object to processing. In certain cases, you have the right to erasure. Furthermore, we are obliged to transfer your personal data to the data controller/processor of your choice upon your request. If you are convinced that we do not treat your data adequately and in accordance with legal standards, you have the option to file a complaint with the supervisory authority, which is the Office for Personal Data Protection. If you have any questions regarding the processing of your personal data, please contact the Data Controller at info@cp4u.cz