Consent to the processing of personal data
pursuant to Regulation (EU) 2016/679 of the European Parliament and of the Council of 27 April 2016 on the protection of natural persons with regard to the processing of personal data and on the free movement of such data, and repealing Directive 95/46/EC (the ‘GDPR’)
I agree that the company mentioned below,
Dark Kitchen s.r.o.
Registered address: Tyršova 1832/7, 120 00 Prague 2, Czech Republic,
CRN: 17748500
Telephone: +420 722 448 388
Email: info@dark-kitchen.cz
Website: www.dark-kitchen.cz
(Hereinafter referred to as the ‘Data Controller’)
Shall process my personal data to the extent, for the purposes and under the conditions set out below. I acknowledge that giving consent to the processing of personal data is a contractual requirement of the Data Controller and is entirely voluntary on my part.
Sources and scope of personal data processed
The Data Controller shall process personal data:
- that you have provided by filling in the form, by email, by phone or in person
- that were obtained by the Data Controller from publicly available sources
- that you provide to the Data Controller as part of the service evaluation and feedback
in the scope specified below: name, surname, email address, telephone number and shipping address. In addition, the Data Controller may process your written comments, reviews and photographs taken by you that are publicly available or explicitly provided.
What about payment details?
The Data Controller does not process information relating to your means of payment such as the number and validity date (i.e. data necessary for the purpose of payment for the products and services ordered), as it uses the services of a third party (GoPay) for the purpose of payment processing.
Purpose of processing personal data
Data Controller shall process personal data for the purpose of:
- Proper execution of your order and the exercise of the rights and performance of the obligations arising from the contractual relationship between you and the Data Controller. Without the provision of personal data, the Data Controller cannot accept an order, make a contract, or meet the obligations.
- Provision of information about marketing and discount campaigns, offers of our own services and services of entities under the Spojujeme brand and other information of a promotional and advertising nature (including sending commercial communications and newsletters). This information may be provided via email, phone or SMS.
- Getting feedback and satisfaction surveys.
Retention period for personal data
The Data Controller shall store personal data:
- For as long as necessary to exercise the rights and perform the obligations arising from the contractual relationship between you and the Data Controller and, after its termination, for as long as reasonably necessary to resolve any outstanding liabilities.
- For as long as the consent to the processing of personal data for marketing purposes is withdrawn.
- For as long as permitted by the relevant legislation, in particular, Regulation (EU) 2016/679 of the European Parliament and of the Council of 27 April 2016 on the protection of natural persons with regard to the processing of personal data and on the free movement of such data, and repealing Directive 95/46/EC (General Data Protection Regulation).
Security of personal data
The Data Controller declares that it has taken all appropriate technical and organisational measures to secure personal data both in electronic and, where applicable, paper form. Only persons authorised by the Data Controller have access to personal data.
Recipients of personal data
Recipients of personal data shall involve the following:
- Persons involved in the processing of your order and the exercise of rights and performance of obligations arising from the contractual relationship between you and the Data Controller;
- Persons providing e-commerce services (Digihood);
- Persons providing marketing services;
- Third-party accounting manager;
- Public authorities (e.g. courts, administrative authorities);
- Legal counsel of the Data Controller.
Your rights
- You have the right to access your personal data. You have the right to obtain information from the Data Controller as to whether it processes your personal data and, if so, what the data are and how they are processed.
- You have the right to have inaccurate personal data corrected or incomplete personal data completed by the Data Controller without undue delay at your request.
- You have the right to have your personal data erased. If the conditions set out in the relevant legislation are met, the Data Controller is obliged to destroy your personal data at your request.
- You have the right to have the Data Controller restrict the processing of your personal data in certain cases specified by applicable law. You have the right to object at any time to processing that is based on the legitimate interests of the Data Controller, a third party or is necessary for the performance of a task carried out in the public interest or the exercise of official authority.
- If you object to processing for direct marketing purposes, your personal data shall no longer be processed for such purposes. The Data Controller will continue to process your personal data only for the other purposes set out above, in particular to fulfil the contractual relationship between you and the Data Controller.
- The right to data portability gives you the possibility to obtain the personal data you have provided to the Data Controller in a common and machine-readable format. You can subsequently transfer this data to another Data Controller or, if technically possible, request that the data controllers transfer it between themselves.
- You have the right to withdraw your consent to the processing of personal data in writing or electronically to the address or email of the Data Controller.
- If you believe that your right to data protection has been violated, you have the right to file a complaint with the Office for Personal Data Protection (https://www.uoou.cz)