I. Basic Provisions
The controller of personal data according to Article 4(7) of the Regulation (EU) 2016/679 of the European Parliament and of the Council of 27 April 2016 on the protection of natural persons with regard to the processing of personal data and on the free movement of such data (General Data Protection Regulation, GDPR) is:
BECHERPLATZ a.s.
Company ID: 242 96 091 | Registered address: Vodičkova 682/20, B 18172, Prague, registered at the Municipal Court in Prague (hereinafter referred to as the “controller”).
Contact information:
BECHERPLATZ a.s., Vodičkova 682/20, Prague 1
Phone: +420 353 599 999
Email: restaurace@becherplatz.cz
Website: https://becherplatz.cz/
Branch:
T. G. Masaryka 57, 360 01 Karlovy Vary
Personal data means any information relating to an identified or identifiable natural person; an identifiable natural person is one who can be directly or indirectly identified, in particular by reference to an identifier such as a name, an identification number, location data, an online identifier, or one or more factors specific to the physical, physiological, genetic, mental, economic, cultural, or social identity of that natural person. The controller has not appointed a data protection officer.
II. Sources and Categories of Processed Personal Data
The controller processes personal data provided by you or personal data obtained by the controller based on fulfilling your order. The controller processes your identification and contact details and data necessary for contract fulfillment.
III. Legal Basis and Purpose of Personal Data Processing
The legal basis for processing personal data is the fulfillment of the contract between you and the controller according to Article 6(1)(b) GDPR, the legitimate interest of the controller in providing direct marketing (particularly for sending business communications and newsletters) according to Article 6(1)(f) GDPR, your consent to processing for the purposes of direct marketing (particularly for sending business communications and newsletters) according to Article 6(1)(a) GDPR in connection with § 7(2) of Act No. 480/2004 Coll., on Certain Information Society Services, if there has been no order of goods or services. The purpose of processing personal data is to process your order and perform rights and obligations arising from the contractual relationship between you and the controller; when placing an order, personal data required for successful order fulfillment (name and address, contact) are necessary requirements to conclude and fulfill the contract, without providing personal data, it is not possible to conclude or fulfill the contract from the controller’s side, sending business communications, and conducting other marketing activities. The controller does not engage in automatic individual decision-making pursuant to Article 22 GDPR.
IV. Data Retention Period
The controller retains personal data:
for the period necessary to perform rights and obligations arising from the contractual relationship between you and the controller and assert claims from these contractual relationships (for a period of 15 years from the termination of the contractual relationship)
for the period until the withdrawal of consent to personal data processing for marketing purposes, a maximum of 5 years if personal data is processed based on consent
after the retention period, the controller erases personal data in the Recipients of personal data (controller’s subcontractors)
Recipients of personal data are persons:
involved in the delivery of goods / services / payment processing based on the contract
providing e-shop operation services and other services related to e-shop operation
providing marketing services
The controller does not intend to transfer personal data to a third country (a country outside the EU) or an international organization.
V. Your Rights
Under the conditions specified in the GDPR, you have the right to:
access to your personal data according to Article 15 GDPR
rectification of personal data according to Article 16 GDPR, or restriction of processing according to Article 18 GDPR
erasure of personal data according to Article 17 GDPR
objection to processing according to Article 21 GDPR
data portability according to Article 20 GDPR
withdraw consent to processing in writing or electronically to the address or email of the controller specified in Article III of these terms
Furthermore, you have the right to lodge a complaint with the Office for Personal Data Protection if you believe that your right to personal data protection has been violated.
VI. Personal Data Security Conditions
The controller declares that it has taken all appropriate technical and organizational measures to secure personal data. The controller has implemented technical measures to secure data storage and storage of personal data in paper form, particularly encryption, antivirus program. The controller declares that only authorized persons have access to personal data.
VII. Personal Data Security Conditions
The controller declares that it has taken all appropriate technical and organizational measures to secure personal data. The controller has implemented technical measures to secure data storage and storage of personal data in paper form, particularly encryption, antivirus program. The controller declares that only authorized persons have access to personal data.
VIII. Final Provisions
By submitting the order from the internet order form, you acknowledge that you have become acquainted with the terms of personal data protection and accept them in their entirety. You agree to these terms by ticking the consent via the internet form. By ticking the consent, you confirm that you have become acquainted with the terms of personal data protection and accept them in their entirety. The controller is entitled to amend these terms. The new version of the personal data protection terms will be published on its website, and the new version of these terms will be sent to your e-mail address provided to the controller.
These terms take effect on 22nd February 2022.
