The definition of personal data is based on § 4 (a) of Act no. 101/2000 Sb., on personal data protection and on the amendment of certain other acts, as amended (the Personal Data Protection Act hereinafter). Under this provision, personal data includes any information concerning a specific or specifiable data subject. A data subject is considered specific or specifiable if it can be directly or indirectly identified, especially based on a number, a code, or one or more elements specific to its physical, physiological, mental, economic, cultural, or social identity.
All the data you provide as user, i.e. especially your name, surname, phone number, and e-mail address, and potentially other data such as your date of birth, street address, education, gender, etc.
Your personal data is used solely for analyses, presentations, promotions, surveys and assessments, i.e. especially for the purposes of voting analysis by the vote organizer. Your personal data will also be used for improving and expanding the services provided to you (especially overall improvements to the application functionality, added functionalities, expanded voting options and possibly informational mailings by the organizer)
No. Voting results will always be interpreted in a way that prevents their direct connection with your identity. Our aim in this is to protect the anonymity of your vote. This does not, however, apply if you enter your name, e-mail or other personal data in the optional section for a particular vote.
Will my personal data be used for commercial purposes?
No. Sensitive data in the sense of § 4 (b) of the Personal Data Protection Act, i.e. personal data about your national, racial, or ethnic origins, political stances, membership in trade unions, religion and personal philosophy, sentencing for a criminal offense, health condition, or sexual orientation, and genetic and biometric data enabling your direct identification or authentication, will not be processed. If their processing ever does happen to occur, you will explicitly be asked for your consent again.
Your personal data controller will be the limited liability Czech company Demokracie 2.1 s.r.o., business ID 036 80 941, with its registered office (its headquarters) at Zapova 1559/18, Smíchov, 150 00 Prague 5, entered in the Commercial Register maintained by the Municipal Court in Prague, Section C, File no. 236242, e-mail address email@example.com (“Controller” hereinafter), as the operator of the “d21.me” voting application (the “Application” hereinafter).
You are providing your personal data voluntarily.
You are providing your personal data for an unlimited period. The controller is entitled to process your personal data in its full scope until you request its removal from the controller’s system.
Yes, you can withdraw your consent any time. Just ask the controller in writing or via an e-mail from your e-mail address to erase your personal data, and the controller will perform the erasure without undue delay.
Your personal data will be processed by the controller both manually and automatically through its employees and external processors authorized by the controller on the basis of written contracts in the meaning of Section 6 of the Personal Data Protection Act.
Your personal data will be processed exclusively by your data controller or its contracted processor, who, under their contract executed with the controller, will be bound to protect your personal data at least in the same scope as the controller itself.
Yes, but only if you have provided your personal data within a vote organized by an entity (for example the town or city you live in) to whom your personal data will be provided at its request by your personal data controller (usually for the purposes of organizing another vote, delivering information, etc.). In all cases, however, only the data that you provided within the voting organized by this particular organizer will be provided. Even in this case, the organizer will not be able to find out how you voted. Your personal data will not be provided to any other vote organizer without your consent.
No. Your personal data controller and their data processor will not provide your personal data to any third parties except for the persons providing administrative and technical support for the application’s operation. The employees at your personal data controller or processor and other natural persons processing your personal data based on a contract with your data administrator or processor, as well as other persons who will be required by law and their duties to come into contact with your personal data in the files of the administrator or processor, will be bound by a confidentiality commitment concerning the personal data itself and any security measures whose publication might threaten your personal data’s security. Their confidentiality commitment will remain even if their employment or the corresponding task ends.
Your rights arise primarily from Sections 12 and 21 of the Personal Data Processing Act.
You are above all entitled to ask your data controller for information on your personal data processing, which the controller is obligated to give you without delay. The contents of this information are defined by Section 12 (2) of the Personal Data Protection Act. The controller is entitled to charge for the information provision, in an amount not exceeding the information provision costs actually incurred. The processor may fulfill this obligation of your personal data controller to provide information about your data processing to you.
Furthermore, if you find out or suspect that the administrator or processor is performing your personal data processing in conflict with the privacy protection due a personal data processing data subject or with the Personal Data Protection Act, and especially if your personal data is inaccurate with regard to the purpose of its processing, you are entitled to ask the controller or processor for an explanation and/or request that this condition be remedied, including blocking, correction, complementation, or removal of your personal data. If your request is found justified, the controller or processor will remedy the situation without delay.
Yes, the controller sent this notification on April 13th, 2015, and is registered at the Personal Data Protection Supervisory Authority under ID no. 00058176.
The administrator and the processor are liable to take appropriate measures for prevention of unauthorized or inadvertent access yo your personal data, their change, destruction or loss, unauthorized transfers, other unauthorized processing or other misuse of your personal data. This obligation remains even after the processing of your personal data concludes.
The controller may change these conditions for your personal data protection from time to time. However, if such a change causes any limitation to your rights arising from the above-mentioned principles, this requires your consent. All changes to the principles for your personal data protection will be published on the controller’s website, and you will be notified of any significant changes directly. Previous versions of these personal data protection principles will be archived, and you will have access to them. If you do not agree with the new wording of these principles after they are changed, you may withdraw your consent to the processing of your personal data at any time.