approaches your personal data responsibly, and therefore, in accordance with Regulation (EU) 2016/679 of the European Parliament and of the Council of 27 April 2016 on the protection of natural persons with regard to the processing of personal data and on the free movement of such data, repealing Directive 95/46/EC (General Data Protection Regulation) (hereinafter referred to as the "GDPR Regulation"), and Act No. 18/2018 Coll. on the Protection of Personal Data and on Amendments and Supplements to Certain Acts (hereinafter referred to as the "Act"), provides you as the data subject (a natural person whose personal data is being processed) on its website, in addition to its identification and contact details and the contact details of the Data Protection Officer, with other necessary information, which can be found in the tabs on the left.
The controller, in accordance with Article 24 of the GDPR Regulation and Section 31 of the Act, has adopted appropriate technical, organizational, personnel, and security measures and safeguards, which particularly take into account:
-
The principles of personal data processing, which include lawfulness, fairness, and transparency, limitation and compatibility of the purposes of data processing, minimization of personal data, pseudonymization, and encryption, as well as integrity, confidentiality, and availability;
-
The principles of necessity and proportionality (also applicable to the scope and amount of personal data processed, retention periods, and access to the data subject’s personal data) concerning the purpose of the processing operation;
-
The nature, scope, context, and purpose of the processing operation;
-
The resilience and recovery of personal data processing systems;
-
Instruction of authorized persons of the controller;
-
Adoption of measures for the prompt detection of personal data breaches and the immediate notification of the supervisory authority and Data Protection Officer;
-
Adoption of measures to ensure the correction or deletion of incorrect data or to exercise other rights of the data subject;
-
Risks with varying likelihood and severity for the rights and freedoms of natural persons (including the accidental or unlawful destruction, loss, or alteration of personal data, unauthorized access or disclosure, assessment of risks concerning the origin, nature, likelihood, and severity of risks related to processing, and identifying best practices for mitigating such risks).