GENERAL DATA PROTECTION REGULATION (GDPR)

As of 25 May 2018, JISR Institute, a.s. has been GDPR ready and has taken all security measures resulting from Regulation (EU) No. 2016/679 of the European Parliament and the Council on the protection of natural persons with regard to the processing of personal data and the free movement of such data, and repealing Directive No. 95/46/EC (General Data Protection Regulation). Your data/personal data are therefore safe. Personal data and privacy protection requirements and conditions are available below.

REQUIREMENTS ON THE PROCESSING AND PROTECTION OF PERSONAL DATA

These requirements and conditions for the processing and protection of personal data (“Conditions”) represent the basic principles observed by JISR Institute, a.s., registered address Na strži 241/28, Prague 4, postal code: 140 00, Company ID No.: 052 95 416 (hereinafter the “Company”) when obtaining and processing personal information. These Conditions govern the rights and obligations of the Company ensuing in particular from the following generally valid legal regulations:

  1. Regulation (EU) 2016/679 of the European Parliament and of the Council on the protection of natural persons with regard to personal data processing and on free movement of data, and repealing Directive No. 95/46/EC(General Data Protection Regulation – GDPR);
  2. Act No. 480/2004 Coll. on certain services provided by information companies and on amendments to certain acts (the Act on Services Provided by Information Companies), as amended (the “Act on Services Provided by Information Companies“); and
  3. Act No. 127/2005 Coll. on electronic communication and amending certain related acts (the Electronic Communication Act), as amended (the “Electronic Communication Act“).

PERSONAL SCOPE

These conditions and requirements apply to all persons who visit the Company website at https://jisr-institute.org/ (hereinafter the “Website”), regardless of whether these persons are in any legal relationship with the Company (hereinafter “data subjects”).
By using the company website, you agree to these Conditions and give your consent to their application.
In line with GDPR, personal data refer to all information about a specific natural person or a person who might be identified (not a legal entity). This essentially concerns any information that either alone or collectively with other information may be used for the identification of a particular natural person (“personal data”).

WHAT PERSONAL DATA ARE COLLECTED

The Company mainly processes the following personal data:

  1. name and surname;
  2. date of birth;
  3. personal identification number;
  4. contact and/or delivery address;
  5. phone number;
  6. email address;
  7. IP address;
  8. information about the equipment used to provide the given services.

USING PERSONAL DATA

The Company processes personal data for the following purposes:

  1. provision of products and Company services;
  2. internal evaluation of provided services and possible improvement of provided products and services; and
  3. protection of the legitimate interests of the Company.

Once you provide us with your consent, the Company is authorised to use your personal data for the purpose of offering marketing information and product offers.
In addition to the above, the Company is authorised to send business messages to data subjects under the conditions specified by the Act describing certain services provided by an information company, i.e. if the Company receives such electronic contract information from the data subject (email) in connection with a product sale or based on provided service.

PROVIDING PERSONAL DATA

Personal data the Company obtains on the relevant data subject are forwarded to third parties with which the Company is authorised to share personal data (e.g. a municipal court in the case of a legal dispute), or where the Company is obliged to provide data (e.g. law enforcement authorities) and where required by generally valid legal regulations.

MEANS OF PROTECTING PERSONAL DATA

In order to protect and minimise the risk of unauthorised access to personal data, the Company adopted organisational and technical measures.

These measures include:

  1. organisational restrictions narrowing the number of persons allowed to access personal data; and
  2. technical protection of servers and website of the Company against unauthorised tampering and handling.
    Persons who come in contact with personal data are also bound by confidentiality requirements in line with Article 28 (3) (b) of GDPR.

PERSONAL DATA STORAGE PERIOD

The Company stores personal data for the time period necessary to provide services, but at least for 3 years after the last service has been provided to the data subject.

GOOGLE ANALYTICS

The Company uses Google Analytics on its website. These services are provided by Google LLC. Google Analytics allows the Company to collect, process and evaluate data (in addition to personal data) on websites traffic. Google Analytics also uses cookie files, which are stored on servers belonging to Google LLC, and the Company does not have access to these data. For more information about the protection of personal data by Google LLC, visit https://policies.google.com/privacy?hl=en.

CONTACT INFORMATION

In line with Article 14 (1) (a) of GDPR, the Company, as the data administrator, hereby provides its contact information to the data subjects:
JISR Institute, a.s., registered address Na strži 241/28, Prague 4, postal code: 140 00, Company ID No.: 052 95 416
In order to communicate with the Company in matters related to these Conditions, the data subject may also use telephone number: +420 778 732 610.

RIGHTS OF DATA SUBJECTS

Data subjects may exercise the following rights:

  1. the right to revoke consent to the processing of personal data, if the processing takes place on the basis of consent;
  2. the right to access personal data and information specified under Article 15 (1) of GDPR;
  3. the right to correct inaccurate personal data or supplement incomplete personal data;
  4. the right to delete personal data in line with conditions specified under Article 17 of GDPR;
  5. the right to restrict processing of personal data in line with conditions specified under Article 18 of GDPR;
  6. the right to obtain information in line with Article 20 of GDPR which are relevant to the data subject and which were provided to the Company in a structured and commonly used and machine-readable format, and to forward these data to another person;
  7. the right to be informed about violations of personal data protection requirements in line with conditions specified under Article 34 of GDPR;
  8. the right to object to the processing of personal data in line with conditions specified under Article 21 of GDPR; and
  9. the right to submit a complaint to a supervisory authority – the Office for Personal Data Protection, address Pplk. Sochora 27, 170 00 Prague 7, or send the complaint to their data box (address qkbaa2n).

LIABILITY RESTRICTIONS

The Company is not liable for the accuracy or completeness of the contents available on the website and received from third parties.
The Company is not liable for any damage suffered by the data subjects due to the use of the Company website.
The Company reserves the right to modify the contents of the website at any time without the need to notify data subjects in advance.