Principles of processing and protection of personal data
Principles of processing and protection of personal data CAPPA
I. General provisions
- 1. The company CAPPA 2, Ltd., ID No .: 60111470, with its registered office
at Paříkova 910 / 11a, 190 00 Praha 9, Vysočany, issues, for purpose of
informing its customers, supporters and friends (hereinafter collectively
„members“) about the processing of their personal data based on consent,
these principles relating to processing of personal data when granting or
renewing consent (hereinafter referred to as "
- The company CAPPA 2, Ltd. has in the processing of personal data pursuant to
article 4 point 7 of Regulation of the European Parliament and of the
Council (EC) 2016/679 on the protection of individuals with regard to the
processing of personal data and on the free movement of such data (hereinafter
referred to as GDPR) the position of „an
Administrator“ of personal data (hereinafter referred to as
- Personal data means any information about an identified or identifiable
natural person; an identifiable natural person is a natural person that can be
identified directly or indirectly, in particular by reference to a particular
identifier such as a name, identification number, location data, network
identifier or one or more specific physical, physiological, genetic,
psychological, economic, cultural or social identity of this individual.
- The administrator did not appoint a Data Protection Officer.
II. Sources and categories of processed personal data
1. The administrator processes the personal data you have provided to him /
her, or the personal data that the administrator has received on the basis of
performance of your order.
2. The administrator processes your identification, contact details and data
necessary for performance of the contract.
III Legitimate reason and purpose of processing
1. The legitimate reason for the processing of personal data is
● the performance of the contract between you and the
administrator under Article 6
par.1 letter b) of GDPR,
2. The purpose of processing personal data is
● the execution of your order and exercise of rights and obligations
arising from the contractual relationship between you and the administrator;
(personal name, address, contact) is the personal data necessary a successful
conclusion and performance of the contract, without provision of personal data
it is not possible to conclude the contract or to perform it by the
3. The administrator does not have an automatic right of individual decision
within the meaning of Article 22 of GDPR.
IV. Retention period of personal data
- The administrator keeps personal data
- for a period necessary to exercise the rights and obligations resulting from
the contractual relationship between you and the administrator and claiming
rights under these contractual relationships (for a period of 15 years from the
termination of the contractual relationship).
- At the elapse of data retention period, the administrator will erase
V. Recipients of personal data (subcontractors of the
Recipients of personal data are persons,
- involved in the delivery of goods / services / making payments on the basis
of a contract: Geis, DPD, Zásilkovna (mail order shop).
- ensuring other services related to the operation of the e-shop: (Forpsi) and
other services related to the operation of the e-shop: (Seznam cz, Heuréka,
Google, MOTOportal, s.r.o.)
- The administrator does not intend to transfer personal data to a third
country (to a non-EU country) or to an international organization.
VI. Your rights
- . Under conditions stated in GDPR you have
- the right of access to your personal data under Article 15 of
- the right to correction of personal data pursuant to Article 16 of the
GDPR, or to the restriction of processing pursuant to Article 18 of GDPR.
- the right of cancellation of personal data pursuant to
Art.17 of GDPR.
- the right to lodge an objection against processing under Article 21 of
- the right to data portability under Article 20 of GDPR.
- the right to withdraw consent to processing in writing or electronically to
the address or email of the administrator referred to in Article III of these
- Furthermore, you have the right to file a complaint with the Office of
- The Administrator declares that he has taken all appropriate technical and
organizational measures to safeguard personal data.
- The administrator has taken technical measures to secure data repositories
secured by an antivirus program, by an access password, and personal data
repositories in paper form with access only for authorized persons.
- The Administrator declares that personal data are only accessible to persons
authorized by him / her.
VIII. Final Provisions
- By sending an order from the online order form, you acknowledge that you are
- You agree with these terms by ticking your consent via the online form. By
confirming your consent, you acknowledge that you are acquainted with the
- The administrator is entitled to change these terms. He will publish a new
new version of these terms and conditions at your e-mail address, which you have
provided to him.
These terms come into effect on May 25, 2018.