PRIVACY POLICY

  1. BASIC PROVISIONS
  1. In compliance with the Article 4, point 7 of Regulation (EU) 2016/679 of the European Parliament and of the Council on the protection of natural persons with regard to the processing of personal data and on the free movement of such data (hereinafter: “GDPR“) is enterstore a.s., ID No.: 069 88 512, with its registered office at Na Příkopě 859/22, Nové Město, 110 00 Prague 1 (hereinafter: “Administrator“).
  1. The contact details of the Administrator are:
  • address: enterstore a.s., ID No.: 069 88 512, with registered office at Na Příkopě 859/22, Nové Město, 110 00 Prague 1
  1. Personal data means any information about an identified or identifiable natural person; an identifiable natural person is a natural person who can be identified, directly or indirectly, in particular by reference to an identifier such as a name, identification number, location data, network identifier or to one or more specific elements of the physical, physiological, genetic, psychological, economic, cultural or social identity of that natural person.
  1. The Administrator has not appointed a data protection officer.
  1. SOURCES AND CATEGORIES OF PERSONAL DATA PROCESSED
  1. The Administrator processes personal data provided to it by the data subject or personal data obtained by the Administrator as a result of the processing of the contact form submitted.
  1. LAWFUL BASIS AND PURPOSE OF THE PROCESSING OF PERSONAL DATA
  1. The lawful reason for processing personal data is
  1. the granting of consent to the processing of personal data by the data subject pursuant to Article 6(1)(a) of the GDPR;
  1. the legitimate interest of the data Administrator in processing the contact forms sent to it pursuant to Article 6(1)(f) GDPR.
  1. The purpose of the processing of personal data is
  1. the processing and handling of indicative offers from data subjects and third parties interested in potential cooperation and investment by the Administrator as an entrepreneur whose object of business activity is focused on the acquisition of e-commerce projects and companies and their subsequent management and administration. In the context of the processing and handling of indicative offers, personal data is required that is necessary for the successful processing and handling of indicative offers and the subsequent initiation of pre-contractual negotiations. The provision of personal data is a necessary requirement for the commencement of negotiations for the conclusion and performance of the contract;
  1. the legitimate interest of the Administrator in the retention of personal data of potential partners interested in potential cooperation and investment.
  1. The Administrator does not engage in automated individual decision-making or profiling when processing the personal data of the data subject within the meaning of Article 22 of the GDPR.
  1. DATA RETENTION PERIOD
  1. The Administrator retains personal data
  1. for the duration of the consent to the processing of personal data;
  1. for the duration of the Administrator’s legitimate interest in retaining the personal data, but no longer than 1 year from the last contact between the Administrator and the data subject about the contact form sent.
  1. After the expiry of the retention period, the Administrator shall delete the personal data.
  1. RIGHTS OF THE DATA SUBJECT
  1. Under the conditions set out in the GDPR, the data subject has the right to
  1. to obtain confirmation of the (non-)processing of personal data and to have access to the personal data concerning the data subject which the data Administrator processes pursuant to Article 15 GDPR;
  1. to rectification or completion of personal data if inaccurate or incomplete pursuant to Article 16 GDPR;
  1. to erasure or restriction of the processing of personal data pursuant to Article 17 GDPR;
  1. to object to the Administrator to the processing of personal data concerning the data subject pursuant to Article 21 GDPR;
  1. to transfer the personal data of the data subject to another Administrator pursuant to Article 20 GDPR;
  1. to lodge a complaint pursuant to Article 80 GDPR with the supervisory authority (Úřad pro ochranu osobních údajů, ID No.: 708 37 627, with registered office at Pplk. Sochor 27, 170 00 Prague 7) if the data subject considers that the processing of his/her personal data has violated the GDPR or Act No. 47/2019 Coll., on the processing of personal data;
  2. the right to withdraw consent to the processing of personal data in writing or electronically to the address or email of the Administrator specified in paragraph 1.2 of these Terms and Conditions of Personal Data Protection, with effect from the date of delivery of the withdrawal of consent to the Administrator. The Administrator is not obliged to delete the personal data after withdrawal of consent if the legitimate interest of the Administrator in the processing of the contact forms sent pursuant to Article 6(1)(f) GDPR to which the consent to the processing of personal data related continues.
  1. PERSONAL DATA SECURITY CONDITIONS
  1. The Administrator declares that it has taken all appropriate technical and organisational measures to secure data storage and personal data storage facilities so that unauthorised or accidental access to, alteration, destruction or loss of data, unauthorised transmissions, unauthorised processing or other misuse of personal data cannot occur and that all obligations of the data processor under the law are always secured by staff and organisation during the processing of the data.
  2. Personal data shall be accessible exclusively by the Administrator. The data Administrator shall manage personal data with due care and in accordance with the applicable legal regulations and shall protect personal data
  3. Personal data are processed by the Administrator and the Administrator does not transfer such personal data exclusively, unless such transfer of personal data is necessary to ensure the purpose of processing personal data pursuant to paragraph 3.2 of these Terms and Conditions or to comply with legal obligations arising from special legal regulations. The Administrator does not intend to transfer personal data to a third country (non-EU country) or an international organisation.
  1. FINAL PROVISIONS
  1. The data subject shall tick the box “I have read the Privacy Policy and consent to the processing of personal data to the extent and in the manner specified in the Privacy Policy.”   and by submitting the contact form, the data subject expressly declares that he or she has duly read the Privacy Policy, understands it, accepts it and gives his or her free, voluntary, unconditional and informed consent to the processing of personal data by the Administrator to the extent set out in paragraph 1.3 of this Privacy Policy within the meaning of Article 6(1)(a) of the GDPR.
  2. The Administrator is entitled to change these terms and conditions at any time. The Administrator shall publish the amended version of the Privacy Policy on its website and shall also send the data subject a notification of such amendment to the contact email address provided by the data subject to the Administrator.