Privacy Policy – Principles for Handling Personal Data of Users of the Server www.saltek.eu
Business Company: SALTEK s.r.o., with its registered office at Drážďanská 561/85, ID No. (IČ): 62741471 (hereinafter referred to as the "Company" or "Controller"). The Company is registered in the Commercial Register kept by the Regional Court in Ústí nad Labem under file reference C 8775.
"Personal Data" means any information relating to an identified or identifiable natural person (hereinafter referred to as the "Data Subject").
The Controller processes personal data in accordance with Regulation (EU) 2016/679 of the European Parliament and of the Council on the protection of natural persons with regard to the processing of personal data and on the free movement of such data, and repealing Directive 95/46/EC (General Data Protection Regulation), as amended (hereinafter "GDPR"), and with Act No. 110/2019 Coll., on Personal Data Processing, as amended.
The Controller processes the personal data of registered users of the services of the server www.saltek.eu only on the condition that the registered user has voluntarily provided them to the Controller for the purposes of a specific service of the server www.saltek.eu, and only if such service requires user registration. The Controller processes personal data exclusively for clearly defined purposes and on the legal basis according to Art. 6 GDPR, i.e., in cases where processing:
a) is necessary for compliance with a legal obligation to which the Controller is subject; b) is necessary for the performance of a contract or for steps prior to entering into a contract with the Data Subject; c) is necessary for the purposes of the legitimate interests pursued by the Controller, except where such interests are overridden by the interests, rights, and freedoms of the Data Subject; d) is carried out on the basis of the express consent of the Data Subject.
Personal data are processed only to the extent necessary to fulfill the above-mentioned purposes and only for the time necessary to achieve the above-mentioned purposes, but no longer than for the period laid down by relevant legal regulations and in accordance with them. Access to personal data is granted only to the Controller and persons who are in an employment relationship with the Controller, or to a processor based on a contractual relationship with the Controller, and only for the above-mentioned processing purposes. Access to and handling of personal data processed by the Controller is subject to the Controller's internal security regulations.
The personal data of registered users processed by the Controller within the scope of services of the server www.saltek.eu (if the server offers such services) include, in particular, the name and surname, e-mail, and the user's login name and password. For certain services of the server www.saltek.eu, the Controller also processes additional personal data regarding users, for example, the Data Subject's residence address, the name of the internet service provider, IP address, cookies, etc.
The Controller may disclose the Data Subject's personal data to third parties only in cases where required or enabled by law; otherwise, exclusively with the Data Subject's consent.
In accordance with the provisions of Articles 13–23 of the GDPR, the Controller informs the Data Subject of their legal rights. Every Data Subject has the right to:
request from the Controller access to personal data concerning their person under the conditions set out in Art. 15 GDPR;
withdraw their consent to the processing of personal data at any time, where such data are processed by the Controller on the basis of consent, under the conditions set out in Art. 7 GDPR;
request rectification of personal data under the conditions set out in Art. 16 GDPR, restriction of processing of personal data under the conditions set out in Art. 18 GDPR, or erasure of data under the conditions set out in Art. 17 GDPR;
object to the processing of their personal data under the conditions set out in Art. 21 GDPR, if the processing of their personal data is necessary for the performance of a task carried out in the public interest or in the exercise of official authority vested in the Controller, or if the personal data are processed based on the legitimate interest of the Controller;
data portability to another controller under the conditions set out in Art. 20 GDPR;
not be subject to a decision based solely on automated processing, including profiling, under the conditions set out in Art. 22 GDPR. No automated individual decision-making, including profiling (i.e., without human intervention), occurs during the processing of personal data by the Controller;
obtain information about a personal data breach under the conditions set out in Art. 34 GDPR;
lodge a complaint with a supervisory authority (The Office for Personal Data Protection) under the conditions set out in Art. 77 GDPR, if the Data Subject believes that the processing of their personal data violates the obligations set out in the GDPR.
If non-material damage has occurred as a result of the processing of the Data Subject's personal data, the enforcement of their claim shall proceed according to a special act.
The Controller is entitled to send commercial communications to the Data Subject only if the Data Subject has consented to such sending, or based on the Controller's legitimate interest if the Data Subject is a customer of the Controller, a participant in one of its events, or its business partner.
The Controller is entitled to process cookies, i.e., short text files created by visiting its website. Every visitor to the website is notified of the types of cookies and the Controller's authorization to process them via a so-called "cookie banner," where the visitor can grant consent to optional cookies that are not necessary for the functioning of the website. More information about cookies can be found here.