Terms and Conditions for Personal Data Processing
of Apicart s.r.o.
Company ID number: 079 02 221
VAT no.: CZ07902221
Registered office: Rybná 716/24, Staré Město, 110 00 Prague 1
Company entered in the Commercial Register maintained by the Municipal Court in Prague, Section C, Insert No. 309606
Declaration on Personal Data Protection
We store information about our customers in accordance with valid laws of the Czech Republic, primarily Regulation EU 2016/679 (the GDPR) and the Act on Protection of Personal Data, No. 101/2000 Coll., as amended.
Apicart s.r.o. and Personal Data Protection
All visitors to the website and users of Apicart services agree to the following conditions concerning the principles for personal data protection.
- Data sent to Apicart services are not further used in any way and are not disclosed to third parties. All data obtained is available only in administration and serves only for your purposes.
- Apicart does not bear any liability for what you subsequently do with the data.
- The data can be anonymised, after sending a request for anonymisation to the e-mail address: email@example.com.
- Apicart can access your account or information related to your account for the purpose of providing support or maintenance for security reasons or for other business purposes.
- Due to backups of the Apicart system, data are stored on backup discs. By using our services you consent to their storage in multiple places.
Apicart s.r.o. as a Personal Data Controller
- Apicart acts as a personal data controller in relation to the personal data of Users and natural persons that visit the Apicart website.
- Why do we process personal data? For the purpose of performing a contract or performing legal duties Apicart processes, in particular, personal data obtained from the User when completing contact, registration, order, payment and invoicing forms at our website.
- For what period do we process personal data? Users’ personal data are processed for the duration of a contractual relationship and subsequently for the necessary period to ensure security for the service and for the performance of duties that result from special legal regulations.
Apicart s.r.o. as a Personal Data Processor
- Apicart provides the User with data space for the purposes of storing data used in the Apicart system, on Apicart servers. A User’s data can include the personal data of other natural persons (data subjects). In relation to such data Apicart acts as a personal data processor. The User itself is the controller of such personal data. In accordance with Article 28 of the GDPR, the controller and the processor Apicart conclude a Contract on Personal Data Processing, which is available here.
- What is the purpose of processing and how do they deal with data? Apicart does not perform any operations with the User’s data, including personal data, with the exception of storing them at Apicart servers, does not interfere with them in any way, does not alter them, does not disclose them and does not hand them over to third parties (with the exception of their disclosure to government bodies in accordance with the law), unless the Contract provides otherwise. The sole purpose of the handling of such personal data is their storage and the option of disclosing them to the User.
Recipients and Processors of Personal Data
Apicart does not hand personal data over to any other controllers.
The processors of personal data are:
- Companies or natural persons doing business involved in accounting that are authorised to perform accounting transactions.
- Companies or natural persons doing business involved in IT solutions that are authorised to perform IT administration and the development of the software that Apicart uses.
- Companies or natural persons doing business involved in the provision of server services that are authorised to store data.
- Companies providing payment services.
- Companies providing services concerning the sending of e-mails.
Personal data can, in certain conditions, be disclosed to government bodies.
Rights of Data Subjects
As a data subject you have the right:
- To access your personal data.
- To the rectification of your personal data.
- To the erasure of your personal data.
- To the restriction of processing.
- To object to processing.
- To data portability.
- To submit a complaint to the supervisory authority.
- To information regarding rectification, erasure or restriction of processing of personal data.
- To be informed in the event of a personal data security breach.
- To rescind your consent to personal data processing.
Your rights are described in detail in Regulation EU 2016/679 (GDPR) .
You can, in any way, rescind your consent in writing and claim the other rights of a subject, by sending your request to the e-mail address: firstname.lastname@example.org.