INFORMATION ON THE PROCESSING OF PERSONAL DATA
In accordance with Art.13 and Art. 14 of the Regulation (EU) 2016/679 GDPR (GENERAL DATA PROTECTION REGULATION)
Vessel Global s.r.o. welcomes you on its website and through this policy intends to provide you with all of the usefull and necessary information on the processing applied to your personal data.
The Company provides consultancy and training activities for companies, providing solutions for their market entry and business expansion.
Vessel Global s.r.o., in the capacity of data controller, based in klimentská 36, Prague 1, CZ, VAT number: CZ08302634, with this informative provides you with the information about the collection and processing of your personal data.
The personal data protection officer (DPO) is Luigi Mercuri. You can contact him via the following e-mail address: XXXXX.
FIELD OF APPLICATION
In accordance with the European Regulation 2016/679 (hereinafter referred to as “Regulation”), we provide you the information about the collection and processing of personal identifying information and of the other data, collected and received on this website, as freely communicated by you. Such data and information may indeed allow the personal identification and contact, such as name, address, E-mail address, telephone number or information about education, professional profile or enterprise role and data that are not publicly available in any other way.
Vessel Global s.r.o. will not process through this website particular kinds of personal data (such as data revealing racial or ethnic origin, political opinions, religious or philosophical beliefs of the user).
The information provided herein does not concern other sites, pages or online services that can be reached through hypertext links that may be published on the site but refer to resources outside the Vessel Global s.r.o. domain.
DATA AND PROCESSING AIM
Vessel Global s.r.o. (as data controller) collects information that allow the personal identification when you use services present on our website and when you fill in the form. therefore, we collect your personal data when freely communicated by you by filling in of the above-mentioned form, in the “contact” section.
COLLECTING MODALITY AND PROCESSING OF PERSONAL DATA
Your data will be processed according to the principle of privacy and transparency, and every other principle set out in Art.6of the Regulation. The processing will be carried out both manually and/or by computer and telematic means with organizational and processing logics related to the same purposes and in any case in such a way as to guarantee the security, integrity and confidentiality of the data in compliance with the organizational, physical and logical measures provided for by the provisions in force. In the processing carried out by Vessel Global s.r.o. on personal data there is no automated decision-making process that may produce legal effects that concern you or that significantly affects your person in a similar way.
The computer systems and software procedures used to operate this site acquire, during their normal operation, some personal data whose transmission is implicit in the use of Internet communication protocols. IP addresses or domain names of computers used by users, addresses in URI/URL (Uniform Resource Identifier/Locator) notation of the requested resources, the time of request, the method used to submit the request to the server, the size of the file obtained in response, the numerical code indicating the status of the response given by the server (successful, error, etc.) and other parameters relating to the operating system and the user’s computer environment.
Such data, which are necessary for the fruition of web services, are also processed in order to:
- Obtain statistic information about the usage of services (most viewed pages, number of visitors per time frame or daily, visitors’ geographic areas, etc.);
- monitor the correct functioning of the services offered;
- carry out controls and security monitoring;
- fulfil legal obligations, observe authority requests, bodies and public organizations, for the exercise of rights, including those of third parties where appropriate, in judicial proceedings and, where provided for, in administrative proceedings or in arbitration or conciliation proceedings.
Navigation data are not stored for more than 160 days and are immediately deleted after their collection (except when needed by judicial Authorities to verify crimes).
FREELY COMMUNICATED DATA
The elective and facultative sending of messages to the contact addresses published on the website or through the form, or differently found, involve the acquisition of the sender’s contact details, necessary to reply and provide the requested information, as well as all the data and information that the sender spontaneously includes in the communications.
DATA COLLECTED THROUGH THE SUPPLY OF THE ACQUIRED SERVICES
Biographical details, such as name and surname, date and place of birth, domicile or residence; tax information, such as tax code and VAT number and bank details, such as IBAN code, may be collected and processed in order to provide the requested service, for the management of the necessary fulfilments such as invoicing, performance of contractual obligations, fulfilment of legal obligations.
LEGAL BASIS OF THE PROCESSING
The legal basis of the processing of the above-mentioned personal data for the above-mentioned purposes is Art.6 paragraph 1 letters b), c) and f) of the Regulation:
- The processing is necessary to the execution of a contract of which the data subject is party or to the execution of pre-contractual measures undertaken at the request of the above-mentioned data subject;
- The processing is necessary in order to comply with a legal obligation to which the data controller is subjected;
- The processing is necessary for the pursuit of the legitimate interest of the data controller or third parties, provided that the interests or fundamental rights and freedoms of the data subject which require the protection of personal data, in particular where the data subject is a child, do not prevail.
The management and storage of personal data will take place on servers located outside the European Union owned by Vessel Global s.r.o. and/or third-party companies appointed and duly appointed as Data Processors and ensuring data protection levels in compliance with European legislation. In any case, it is understood that Vessel Global s.r.o., should it become necessary, will be entitled to transfer the management and/or storage of personal data to the European Union, ensuring also in this case that such transfer will take place in accordance with the applicable legal provisions by entering, if necessary, into agreements that guarantee an adequate level of protection and/or by adopting the standard contractual clauses provided by the European Commission. Data will be processed by the data controller and its appointees mainly with manual and electronic systems protecting the privacy of personal data through technical and organizational security measures, in order to ensure an adequate level of security (e.g. by preventing access to the data to unauthorized persons, except where required by law, or ensuring the ability to restore access to the data in the event of physical or technical incidents).
DATA CONCERNING THIRD PARTIES AND MINORS
Please note that any communication you make to the subject of personal data referring to third parties (family members, partners, family members or third parties) will be under your full responsibility. it will be your task to inform these people of their rights in relation to the processing of their personal data carried out by the subject and to make sure you have their consent to the processing where required by law, unless the law does not allow you to express it on their behalf. In the case of data relating to minors, to also have legal title to the communication, thus relieving Vessel Global s.r.o. from any and all responsibility and burden towards these subjects.
Above mentioned data may be shared with the subjects defined by the Regulations as “Recipients”:
- subjects who typically act as external data processors, with whom the Data Controller has stipulated service agreements.
- Individuals authorized by the Data Controller to process personal data, collaborators, who have committed themselves to confidentiality or have an appropriate legal obligation of confidentiality.
- Entities acting as autonomous data controllers such as public supervisory bodies or judicial authorities.
RIGHTS OF DATA SUBJECTS
As a data subject, you have the right to access your personal data and ask for any rectification, cancellation, limitation of processing, pursuant to Article 13, paragraph 2, letter (b).
You also have the right to complain to a supervisory authority, pursuant to art. 13, paragraph 2, letter (d).
Art. 15 EU Reg. 2016/679 also recognizes the following rights:
- obtain confirmation of the existence or not of personal data concerning you, even if not yet recorded, and their communication in an intelligible form;
- to obtain indication of: a) the origin of the personal data; b) the purposes and methods of processing; c) the logic applied in case of processing carried out with the aid of electronic instruments; d) the identity of the data controller, and if appointed, the managers and the representative appointed under art. 3, paragraph 1, REG. UE 2016/679; e) the subjects or categories of persons to whom the personal data may be communicated or who can learn about them as appointed representative in the State, managers or agents;
- to obtain: a) the updating, rectification or rather, when you are interested, integration of data; b) the cancellation, transformation into anonymous form or blocking of data processed in violation of the law, including data whose retention is unnecessary for the purposes for which the data were collected or subsequently processed; c) certification to the effect that the operations as per letters a) and b) have been notified, as also related to their contents, to the entities to whom or which the data were communicated or disseminated, unless this requirement proves impossible or involves a manifestly disproportionate effort compared with the right that is to be protected;
- to oppose, in its entirety or in part: a) for legitimate reasons, the processing of personal data concerning you, even if pertinent to the purpose of collection; b) the processing of personal data concerning you for the purpose of sending advertising materials or direct selling or for carrying out market research or commercial communication, through the use of automated calling systems without the intervention of an operator by e-mail and/or through traditional marketing methods by telephone and/or paper mail. It should be noted that the right of opposition of the interested party, set out in point b) above, for the purposes of direct marketing by automated means extends to traditional methods and that in any case the interested party may exercise the right of opposition even only in part. Therefore, the interested party may decide to receive only communications by traditional means or only automated communications or neither of the two. Where applicable, he also has the rights under Articles 16-21 EU REG. 2016/679 (Right of rectification, right to be forgotten right to limitation of processing, right to data portability, right to object), as well as the right to complain to the Supervisor Authority. The data subject is also granted the right to be informed in a short time (maximum one month) that the request for the activation of one or more of the above-mentioned rights has been taken in charge.
The data controller will process only strictly necessary personal data and only for the time required to fulfil the above-mentioned purposes and, however, for the time required by the Italian and European law, also for the purpose of defending or enforcing a right in court. Moreover, the data controller could keep personal data, specifying the reasons of its decision, for the time necessary to comply with tax obligations and for any checks by the Authorities, pursuant to art. 13 paragraph 2 letter a.
Your personal data will not be object of distribution and/or communication to third parties except when used in the following instances. Your personal data will be accessible to the data controller and any authorized personnel.
Your data may also be accessible to companies/professional studies that provide assistance, advice or collaboration to the owner. Your data may also be communicated, without the need for express consent pursuant to art. 6 letter b) and c) EU REG. 2016/679 for the purposes of the law to supervisory bodies and judicial authorities, following inspections or checks, to all inspection bodies responsible for checks and controls on the regularity of legal requirements, including the scope of prevention/repression of any illegal activity also related to access to the website. In this section we provide you with information about circumstances in which your personal data may be disclosed for the provision of the service both within and outside the European Economic Area (EEA). The transfer of data to these third parties is protected by appropriate prevention methods. We have taken all necessary steps to ensure that the third parties involved process the information provided in accordance with the requirements of GDPR.
Name of the third parties, processed activities, data localization, privacy law of the third parties:
- Twitter (twitter.com)
- Linkedin (linkedin.com)
- Google Inc., statistical analysis of the visits, United States (https://policies.google.com/privacy)
- org, Content Management System, Netherlands (https://wordpress.org/about/privacy/)
- PURSUIT OF RIGHTS
You may at any time exercise your rights or request further information in relation to this document by sending an e-mail to the following address:
To contact the DPO, you can write to: firstname.lastname@example.org
In addition, you always have the right to lodge a complaint with the privacy authority for the protection of personal data, which can be contacted through the site: https://www.uoou.cz/.