GDPR and cookies

General Data Protection Regulations (GDPR)

I. Basic provisions

1. The Personal Data Protection Rules have been prepared by the personal data controller (hereinafter referred to as the "Controller") in order to fulfill the obligation to inform Users (hereinafter referred to individually as the "Data Subject") as personal data subjects about the circumstances of the processing of their personal data, in accordance with the provisions of Article 13 of Regulation (EU) 2016/679 of the European Parliament and of the Council of 27 April 2016, the General Data Protection Regulation.

II. Definition of terms

1. Regulation – Regulation (EU) No 2016/679 of the European Parliament and of the Council on the protection of natural persons with regard to the processing of personal data and on the free movement of such data, and repealing Directive 95/46/EC.

2. Personal data – information about an identified or identifiable natural person, if this natural person can be identified directly or indirectly based on the given data.

3. Administrator – Czech Canine Association, zs, U Pergamenky 1511/3, Prague 7, 170 00, ID: 00550019, personal data administrator, who determines the purposes and means of processing personal data.
4. Internet pages – pages at the address: www.praguexpodog.cz.
5. Data subject – a natural person who can be identified directly or indirectly on the basis of personal data.
6. User – a natural person who uses the website and who is the subject of personal data within the meaning of the Regulation.
7. Processor – a company that processes personal data for the controller.
8. Operator – in this case, the Administrator.

III. Information on personal data processing activities

1. Cookies

1.1. Within the website, the system uses third-party analytical and marketing tools that use small data files, so-called cookies, to evaluate the behavior and actions of the User on the website. The purpose of using these tools is to analyze the use of the website by the User, which the administrator does with the aim of increasing the User's comfort when using the website.

1.2. Technically, the operation of the tools used is handled through cookies that are accepted by the User's device. Refusal of a given tool means rejection of the cookies that the tool uses.

1.3. The use of cookies can be set using the internet browser. Most internet browsers accept cookies by default. The User can refuse cookies using the internet browser or set the use of only some cookies.

1.4. The legal basis for processing is the legitimate interest of the Administrator in the analytical or statistical evaluation of website traffic.

1.5. The duration of cookie processing is the entire period during which the cookie is stored on the User's computer, until it is deleted or until its validity expires.

1.6. Internal recipients of personal data are employees of the Administrator. External recipients of personal data are
external providers of marketing and analytical tools who are in the position of processors of personal data.

2. Performance of the contract between the Data Subject and the Controller

2.1 The Administrator processes the personal data of the Data Subject that the Data Subject provided to him or personal data that the Administrator obtained in connection with the performance of the contract.

2.2 The Administrator processes the identification and contact data and data of the Data Subject necessary for the performance of the contract.

2.3 The lawful reason for processing personal data is the performance of a contract between the data subject and the controller.

2.4 The legal reason for processing personal data is the controller's legitimate interest in providing direct marketing (sending commercial communications, newsletters).

2.5 The reason for providing personal data to the Administrator is the identification of the contracting parties, which is necessary for the conclusion and performance of the purchase contract.

2.6 The purpose of processing personal data is to process the order and exercise the rights and obligations arising from the contractual relationship between the Data Subject and the Administrator.

2.7 Personal data is processed by the Administrator for the duration of the contractual relationship with the Data Subject. After the expiration or termination of the contract, the data will be processed only for the period for which the Administrator is obliged
by law, to store this data in accordance with binding legal regulations, i.e. for a minimum period of 10 years according to the Value Added Tax Act and for a minimum period of 5 years according to the Accounting Act.

IV. Information to the data subject
1. The data subject has the right to:
• request access to your personal data from the Administrator,
• object to processing,
• correction of personal data,
• deletion of personal data,
• restriction of processing of personal data,
• the portability of this data to another controller,
• file a complaint with the Office for Personal Data Protection if he/she believes that the Controller is acting in violation of the Regulation when processing personal data.

V. Conditions for processing personal data
1. The Administrator is authorized to process the personal data of Users through its authorized employees or through the provider, in the capacity of a personal data processor.

2. Personal data is processed in the form of electronic databases in secure data storage facilities.

3. When processing the personal data of the Data Subject, there will be no automated decision-making or profiling that would have any legal consequences for the User.

4. The Operator does not transfer Users' personal data to third countries or international organizations.

VI. Final provisions

1. By continuing to use the website, the Data Subject expresses his/her free, informed and unambiguous expression of will that he/she agrees with the processing of personal data in accordance with these personal data protection rules and that he/she has been duly and properly instructed and informed about the processing of personal data.

2. The Administrator is entitled to unilaterally change these personal data protection rules in accordance with applicable legislation.

and the data subject, by using the website, expresses his/her agreement with this authorization.

3. The personal data protection rules are issued in electronic form and are accessible on the website.

The personal data protection rules come into effect on May 25, 2018.