Who processes your personal information?

The controller of personal data pursuant to Article 4 (7) of Regulation (EU) 2016/679 of the European Parliament and of the Council on the protection of individuals with regard to the processing of personal data and on the free movement of such data (hereinafter: "GDPR") RYWA sro, IČO : 07092644, with registered office: Gorkého 93/51, Veveří, 602 00 Brno, entered in the Commercial Register 2.5. 2018 (hereinafter referred to as the "Administrator") and as an administrator we will process your personal data according to the conditions below. The administrator did not appoint a data protection officer

What personal data do we process?

Personal data means any information relating to an identified or identifiable natural person; an identifiable natural person is a natural person who can be identified, directly or indirectly, in particular by reference to a specific identifier, such as name, identification number, location data, network identifier or one or more specific physical, physiological, genetic, mental, economic, cultural or social identity of that natural person. We only process personal information that you provide to us in connection with the use of our services as part of an order to subscribe to one of our titles.

This is most often the information you provide when filling out the contact form:

• First and last name
• Address
• Email
• Phone number
• Additional information filled in voluntarily by you.

And the information we obtain from you by using our services:

• IP address
• Cookies (for online services) - Learn more about cookies here .
• or another online identifier

We use JavaScript on our website, which is part of the website's source code because of its functionality

Why do we process personal data and on what basis?

The legal reason for processing personal data is:

• performance of the contract between you and the administrator pursuant to Article 6 (1) (a) b) GDPR
• Process your personal information in accordance with our legal obligations (such as archiving accounting records) without your consent
• the legitimate interest of the administrator in the provision of direct marketing (in particular for the sending of commercial communications and newsletters) pursuant to Article 6 (1) (a) f) GDPR

The purpose of processing personal data is:

• Processing your order and exercising the rights and obligations arising from the contractual relationship between you and the administrator
• when ordering, personal data is required, which is necessary for the successful completion of the order (name and address, contact), the provision of personal data is a necessary requirement for concluding and fulfilling the contract, without providing personal data it is not possible to conclude the contract or it by the administrator to fulfill improving the quality of our services
• Perform analytics and measurements to display content that meets your individual needs
• Sending business messages and doing other marketing activities.

There is no automatic individual decision by the administrator within the meaning of Article 22 of the GDPR.

Who will have access to your data and for how long?

The administrator declares that he has taken all appropriate technical and organizational measures to secure your personal data. Only authorized persons have access to personal data. The partners to whom we entrust your data are also able to provide such technical and organizational security that no unauthorized or accidental access to or other misuse of your data can occur.

Third parties that may have access to your personal information to the extent necessary are:

• persons involved in the supply of goods / services and the execution of payments;
• People to whom we provide data to analyze traffic to our sites;
• Persons who provide us with the security and integrity of our services, the technical operation of a particular service, technology operators and other services we use in connection with the operation of e-shops and web services;
• A collection agency for the purpose of recovering or collecting our company's receivables;
• Advertising system operators in connection with targeted advertising;
• When setting up a recurring payment, the customer's payment information will also be stored on the relevant payment gateway or bank;
• Under certain, well-defined conditions, we are then obliged to pass on some of your personal data to public authorities.

The controller does not intend to transfer personal data to a third country. All data is stored on the territory of EU countries or countries that are established by the EU as secure.

The administrator retains personal data for the time necessary to exercise the rights and obligations arising from the contractual relationship between you and the administrator and to assert claims under these contractual relationships and subsequently for a period of 10 years from the termination of the contractual relationship. You may exercise any of your rights as described below at any time. During the retention period, the controller shall delete the personal data.

Is my personal information secure?

We approach the protection of personal data with the utmost caution and I use it. We use sufficient security. All personal data is secured by standard technologies and procedures, which we continuously check and update. In order to better secure your personal data, access to this data is password protected and sensitive data is encrypted during transmission between your browser and our website.

Please note that even maximum security does not guarantee 100% protection of personal information against access, copying, publication, modification or destruction by a third party. Without your help and responsible behavior, we are not able to fully ensure the security of your data. So keep your passwords for our services secret and choose a password that is not easy to derive. Follow basic safety guidelines.

Can we process your personal data without your consent?

We may process your personal data without your consent. The lawfulness of such processing follows directly from the applicable legal regulations. This is the case when your personal information is necessary: ​​

• To fulfill any obligation arising from a contract between us, the provision of a service or product
• In order to comply with all generally binding legal regulations, we must process certain personal data, regardless of your consent, for the period specified by the relevant legal regulations or in accordance with them, even after any revocation of your consent
• Processing that is necessary for the purposes of our legitimate interests (e.g. to ensure the security of our sites).

What are your privacy rights?

Please note that you are not required to provide us with any information, which is voluntary. However, we will not be able to provide you with our service without providing the information marked as required.

Pursuant to Regulation (EU) No 2016/679 of the European Parliament and of the Council of 27 April 2016 on the protection of individuals with regard to the processing of personal data and on the free movement of such data and repealing Directive 95/46 / EC, you have the right to the company as the administrator of your personal data:

• Request access to the personal data we process about you and you have the right to access this personal data and other information referred to in Article 15 of the Regulation.
• Request the correction of personal data that we process about you, if they are inaccurate, request the deletion of personal data (right to be "forgotten") in certain cases.
• Require data processing restrictions.
• Obtain personal information about you in a structured, commonly used, machine-readable format, and you have the right to transfer that information to another administrator.
• You have the right to object or process a complaint in certain cases.
• The right to be notified of personal data breaches in certain cases
• Other rights set out in the Personal Data Protection Act and in the General Regulation on Personal Data Protection No. 2016/679 after its entry into force.

You can exercise each of these rights at the contact information below. If we receive your request, we will inform you of the measures taken without undue delay and in any case within one month of receiving the request. This period may be extended by a further two months if necessary and taking into account the complexity and number of applications. Every user using our services has the opportunity to get an overview of all personal data that we record about him.

If your application is not accepted, we are obliged to inform you immediately and no later than one month from the receipt of the reasons for not taking action. In certain cases where your request will be unreasonable or unfounded (especially in cases where the request is unreasonably repeated), we are not obliged by the Regulation to comply in whole or in part with your request. In such cases, we may charge you a reasonable fee taking into account the administrative costs associated with providing the required information or communications or performing the required actions. As a data subject, you always have the right to contact the supervisory authority, which is the Office for Personal Data Protection.

If we receive your request but have reasonable doubts about your identity, we may ask you to provide additional information necessary to confirm your identity.

If you believe that our company is processing your personal data illegally or otherwise violates your rights, you have the right to file a complaint with the supervisory authority, which is the Office for Personal Data Protection, or you have the right to apply for judicial protection.

How can you contact us?

In case of any questions or if you want to exercise your legal rights or express your disagreement with the further sending of our business messages, you can contact us via e-mail: info@rywasoft.net or on the phone number 515 536 300. Also you can reach us by correspondence to the registered office at Křižíkova 70, Brno, 612 00.

In order for us to verify your identity, we may want you to provide us with an appropriate identity. This is a precautionary measure to prevent unauthorized access to your personal information.