GDPR

Declaration of Conformity with Requirements of Regulation (EU) 2016/679 of the European Parliament and of the Council of 27 April 2016 on the protection of natural persons with regard to the processing of personal data and on the free movement of such data, and repealing Directive 95/46/EC (General Data Protection Regulation)

We declare that our company has implemented measures that correspond to the requirements of Regulation (EU) 2016/679 of the European Parliament and of the Council of 27 April 2016 on the protection of natural persons with regard to the processing of personal data and on the free movement of such data, and repealing Directive 95/46/EC (General Data Protection Regulation), hereinafter the “GDPR”.

These measures include:

• The use of pseudonymisation and encryption of personal data with which we can come into contact as a part of the provision of services for your company;
• Ensuring the continuous trustworthiness, integrity and availability of the information systems we use to provide services for your company;
• The ability to perform timely recovery of the availability of personal data processed as a part of services for your company and access to them in the event of a physical or technical security incident in our information systems;
• In our organisation a set process for informing your company in the event of a breach of the protection of personal data with which we could come into contact as a part of the provision of services for your company;
• The ability, through appropriate measures, to respond to a request for the exercise of rights by a personal data subject (Chapter III of the GDPR);
• A set process of regular assessment of the effectiveness of technical and organisational measures to ensure the security of personal data processed in our company.

Sales and Marketing

Advice on Personal Data Protection (Information)

The information stated below was provided to you, as a personal data subject, in accordance with Regulation (EU) 2016/679 of the European Parliament and of the Council on the protection of natural persons with regard to the processing of personal data and on the free movement of such data, and repealing Directive 95/46/EC - also referred to as abbreviation GDPR (General Data Protection Regulation).

The key interest and philos ophy of nangu.TV company is the satisfaction of our customers and those with whom we build mutual business relationship. For that purpose we use provided personal data, which we carefully protect and process in accordance with applicable legislation.

What personal data do we use and to whom do we access it?
nangu.TV company (Controller) process the data only for purposes related to a business or marketing relationship. The data includes name, surname, title, job position, employer's name and address, tele phone number, e-mail. In case the subject of personal data (natural person) is directly involved in the business or marketing relationship, the data includes: name, surname, title, address of permanent or temporary residence or seat, telephone number, e-mail, VAT ID, bank account. In case of training offers, we only process your name, surname and e-mail address.

Business partners of the Controller, entities linked to the Controller in terms of assets, Processors of personal data or public power authorities can also be recipients of personal data.

What is the purpose of personal data processing?
Provided personal data is used only for purposes related to delivery of our services and providing information related to offers of our services, products, marke ting events, seminars and conferences by using various communication channels such as electronic means (e-mail, websites, social networks, webinars and more, which allows targeted addressing), by mail, telephone call or personal contact.

What is the legal basis for personal data processing?
We process the data based on the Controller's legitimate interest, because without it we could not properly fulfill the purposes for which the personal data is processed. However, in case of personal data provided for t he purpose of establishing new business contacts, orders we need your consent.

How long is the personal data stored?
Personal data is stored for the duration of the business relationship and then for a period of 4 years after its end. If a business relati onship is not established, the personal data will be deleted after 1 year from the date of providing.

As a personal data subject, what are your rights?
Request from the Controller access to the personal data, i.e. you have the right to obtain from the Controller a confirmation as to whether or not your personal data are being processed, and, where this is the case, you have the right to access them together with the following information:

• The purposes of processing;
• The categories of personal data concerned;
• The recipients or categories of recipient to whom the personal data have been or will be disclosed;
• The envisaged period for which the personal data will be stored, or, if not possible, the criteria used to determine that period;
• The exist ence of the right to request from the Controller rectification or erasure of personal data or restriction of processing of personal data or to object to such processing;
• The right to lodge a complaint with a supervisory authority;
• All available inform ation about the sources of personal data;
• The existence of automated decision - making, including profiling, about the procedure used, as well as the significance and the envisaged consequences of such processing for me;
• The right to be informed about ap propriate safeguards that relate to the transfer of personal data to third countries (i.e. outside the European Union), in the event the personal data are transferred over to such third country;

The Controller shall provide you with a copy of the personal data undergoing processing.

Request the rectification of personal data, i.e. to have the Controller, without undue delay, rectify inaccurate personal data concerning you, and taking into account the purpose of the processing, you also have the right to ha ve incomplete personal data completed, including by means of providing a supplementary statement;

Request the erasure of personal data (“right to be forgotten”) , i.e. to obtain from the Controller the erasure of personal data concerning you without undue delay, where one of the following grounds applies:

• The personal data are no longer necessary in relation to the purposes for which they were collected or otherwise processed;
• You withdrew consent on which the processing is based and there is no other l egal ground for the processing;
• The personal data have been processed unlawfully;
• The personal data have to be erased for compliance with a legal obligation;
• The personal data have been collected in relation to the offer of information society services;

The right to erasure does not apply if there is an exception, in particular because processing of personal data is necessary for:

• Exercising the right of freedom of expression and information;
• Compliance with a legal obligation which requires processing by Union or Member State law to which the Controller is subject;
• For the establishment, exercise or defence of legal claims;

Request restriction of processing of personal data, i.e. the right for the Controller to restrict the processing of per sonal data in any of the following cases:

• You contest the accuracy of the personal data processed, processing will be restricted for a period enabling the Controller to verify the accuracy of the personal data;
• The processing is unlawful and you oppose the erasure of the personal data and request the restriction of their use instead;
• The Controller no longer needs the personal data for the purposes of the processing, but they are required by you for the establishment, exercise or defence of legal claims;
• You objected to processing of personal data in the event the personal data are processed for the purpose of legitimate interests of the Controller, including profiling, in such case the Controller will no longer process the personal data, unless legitimate reasons for processing are proved that dominate over the interests or rights and freedoms of the personal data subject, or the establishment, exercise or defence of legal claims;

Where processing has been restricted personal data shall, with the exc eption of their storage, only be processed with your consent or for the establishment, exercise or defence of legal claims or for the protection of the rights of another natural or legal person or for reasons of important public interest of the Union or of a Member State;

Personal data portability, i.e. the right to have the Controller transfer your personal data processed automatically based on your consent to another Controller in a structured, commonly used and machine - readable format; when exercising your right to data portability you have the right to have the personal data transmitted directly from one controller to another, where technically feasible;

The right to object; in the event your personal data are processed for direct marketing purposes, you have the right to object at any time to processing of personal data concerning you for such marketing, which includes profiling to the extent that it is related to such direct marketing, and in such case the personal data will no longer be used for such purposes.

File a complaint, for example by sending an e-mail or letter to the Controller’s contact details specified above; a complaint about the Controller’s actions can be made to the Office for Personal Data Protection, registered office: Pplk. Sochora 27, 170 00 Prague 7, Czech Republic.