Privacy Policy
GDPR
Information on the protection of personal data of our customers
Science Services pays great attention to the protection of personal data. We apply personal data processing procedures that ensure compliance with the General Data Protection Regulation (GDPR).
Who's who?
Data subject - is any identified or identifiable natural person - the bearer of personal data (in this case, our customers).
Data controller - is an entity that alone or together with others determines the purposes and means of processing personal data.
Science Services is a data controller, particularly in relation to customers and partners with whom they have a contractual relationship.
In the case of marketing of training events (for example, Summer Schools or other courses), no contractual relationship is established and the data controller in these cases is the organization that organizes the course and issues invoices to the participants. In these cases, Science Services acts not as a controller, but as a processor (see next point).
Data processor - an entity that processes personal data for other controllers. Science Services acts as a data controller when it processes data for an organization that organizes an event (e.g. a summer school or other course) and ensures the promotion of the event and registration of participants.
National Supervisory Authority - in the Czech Republic, this is the Office for Personal Data Protection, which receives complaints from data subjects and simultaneously fulfills a supervisory and consulting role towards data controllers and processors.
What personal data do we process?
As part of our customer services, we process:
a) Identification data - which mainly means the name and surname, company ID, VAT number of the organization.
b) Contact details - which mainly means e-mail address, billing address, or telephone number.
Science Services does not process sensitive personal data.
The above data is processed based on the legal principle of contract performance, legal obligation and legitimate interest.
We obtain personal data primarily from orders (or contracts) for services and goods in electronic or paper form.
Given the nature of the personal data processed and the size of the company, we are not required to have an appointed Data Protection Officer.
Personal data security conditions
We have taken all technical and organizational measures to secure personal data (security of data storage and storage of personal data in paper form). Only authorized persons have access to personal data.
Fundamental rights of data subjects
a) The right to information about the processing of personal data - each data subject must be automatically informed of the essential requirements for obtaining and processing personal data (in particular, the contact details of the controller, the purpose and duration of processing).
b) Right to erasure "right to be forgotten" - if the purpose of the processing has ceased to exist or if, for example, the processing subject has withdrawn their consent to the processing.
c) Right to correction or updating of data - the data subject has the right to have the data controller correct inaccurate data without undue delay.
d) Right of access to personal data - the data subject has the right to access the data processed about him/her, in particular the scope, purpose and period of processing.
e) The right to obtain a copy of the processed personal data - the controller is obliged to provide a copy of the processed personal data at the request of the data subject.
f) Right to restriction of processing - the data subject may request restriction of processing if deletion is not possible for various reasons (e.g. due to the defense of legal claims).
g) Right to data portability - the data subject has the right to have data transferred from the controller to another controller in a structured, commonly used and machine-readable format.
h) Right to object to processing - the data subject has the right to object to data processing carried out by the controller in a legitimate interest.
i) Right to lodge a complaint - the data subject has the right to lodge a complaint if he or she believes that his or her data is being processed unlawfully or in breach of the principles of personal data protection. The complaint can be lodged with the Office for Personal Data Protection, address PPlk. Sochora 27, 170 00 Prague 7.