Accessible Transport Challenge Application
CONSENT TO THE PROCESSING OF PERSONAL DATA
1. By granting this consent to the processing of personal data the client provides the company WEB Project, s.r.o., ID No.: 28596935, registered seat at Dlouhá 730/35, Staré Město, 110 00 Praha 1, the Czech Republic, incorporated in the Commercial Register maintained by the Municipal Court in Ostrava, section C, file 44123 (hereinafter referred to as the “processor“) with a consent to process his or her personal data under the terms and conditions stipulated herein.
2. The processor is duly fulfilling its obligations arising from Regulation (EU) 2016/679 of the European Parliament and of the Council of 27 April 2016 on the protection of natural persons with regard to the processing of personal data and on the free movement of such data, and repealing Directive 95/46/EC (General Data Protection Regulation), (hereinafter as “GDPR“). Since the personal data might be processed in connection with conclusion of the contract using the online form, the processor pursuant to GDPR hereby informs clients who are data subjects (hereinafter as “data subjects”) on processing thereof and on terms and conditions of granting consent to the processing of personal data according to Sec. 1.
3. The processor shall process personal data provided by a data subject within the online form on webpages leadspicker.com and aplicationform.io. Based on this online form the contract between a client and the processor is concluded pursuant to Terms and Conditions of the Leadspicker Online Service. The processor connects its clients with business accelerators, incubators and third parties that organize events, competitions, trade shows or other activities for start-ups, and also with investors or other organizations that provide grants, subsidies or other means of funding to start-ups, as well as with providers of services that are essential or useful for further development or operation of start-ups. The processor informs clients on possibilities to participate in programs of business accelerators and incubators and other events, competitions, trade shows or similar activities focused on development and innovations for start-ups, or even on possibilities of funding their activities, especially using grants and subsidies, as well as on other services related to development and further operation of start-ups and providers of such services, all that with respect to identified needs of start-ups in respective phase of their development.
Identity of the controller and contact details:
WEB Project, s.r.o.
ID No.: 28596935
registered seat at Dlouhá 730/35, Staré Město, 110 00 Praha 1, the Czech Republic
postal address: Vodičkova 30, Praha 1 – Nové Město, 110 00, the Czech Republic
E-mail address: firstname.lastname@example.org
In order to communicate with the controller data subjects shall use primarily e-mail or also postal service.
Processed categories of personal data:
- Contact details of clients – especially names, addresses, e-mail addresses, contact detail to social networks, IP addresses or phone numbers;
Legal basis of processing:
Solemn, unrestricted and informed consent of data subjects.
Purposes of processing:
The processor shall process personal data for purposes of direct marketing, including sending advertisements, and for purposes of providing personal data to third parties that shall further collect and process such personal data especially for purposes of direct marketing.
Recipients or categories of recipients of the personal data:
The processor shall provide personal data to third parties, especially private and public bodies for purposes of further processing and collecting of personal data.
The period for which the personal data will be stored and the criteria used to determine that period:
Personal data shall be stored by the processor over the period of 10 years.Cookies are stored within clients’ devices and therefore with data subjects. The web interface cannot utilize this personal data unless the data subject revisits webpages of the processor. Clients can delete cookies from their devices at any time.
Rights of data subjects:
According to GDPR a data subject is endowed with following rights:
Right of access by the data subject
According to Art. 15 of GDPR the data subject shall have the right to obtain from the controller confirmation as to whether or not personal data concerning him or her are being processed, and, where that is the case, access to the personal data and the following information:
- The purposes of the processing;
- The categories of personal data concerned;
- The recipients or categories of recipient to whom the personal data have been or will be disclosed, in particular recipients in third countries or international organizations;
- Where possible, the envisaged period for which the personal data will be stored, or, if not possible, the criteria used to determine that period;
- The existence of the right to request from the controller rectification or erasure of personal data or restriction of processing of personal data concerning the data subject or to object to such processing;
- The right to lodge a complaint with a supervisory authority;
- Where the personal data are not collected from the data subject, any available information as to their source;
- The existence of automated decision-making, including profiling, referred to in Article 22 (1) and (4) of GDPR and, at least in those cases, meaningful information about the logic involved, as well as the significance and the envisaged consequences of such processing for the data subject.
Right to rectification
According to Art. 16 of GDPR the data subject shall have the right to obtain from the controller without undue delay the rectification of inaccurate personal data concerning him or her. Taking into account the purposes of the processing, the data subject shall have the right to have incomplete personal data completed, including by means of providing a supplementary statement.
Right to erasure (‘right to be forgotten’)
According to Art. 17 of GDPR the data subject shall have the right to obtain from the processor the erasure of personal data concerning him or her without undue delay and the processor shall have the obligation to erase personal data without undue delay where one of the following grounds applies: the personal data are no longer necessary in relation to the purposes for which they were collected or otherwise processed:
- The data subject withdraws consent on which the processing is based according to point (a) of Article 6(1) of GDPR, or point (a) of Article 9(2) of GDPR, and where there is no other legal ground for the processing;
- The data subject objects to the processing pursuant to Article 21(1) of GDPR and there are no overriding legitimate grounds for the processing, or the data subject objects to the processing pursuant to Article 21(2) of GDPR;
- The personal data have been unlawfully processed;
- The personal data have to be erased for compliance with a legal obligation in Union or Member State law to which - the controller is subject;
- The personal data have been collected in relation to the offer of information society services referred to in Article 8(1) of GDPR.
Right to restriction of processing
According to Art. 18 of GDPR the data subject shall have the right to obtain from the controller restriction of processing where one of the following applies:
- The accuracy of the personal data is contested by the data subject, for a period enabling the controller to verify the accuracy of the personal data;
- The processing is unlawful and the data subject opposes the erasure of the personal data and requests the restriction of their use instead;
- The processor no longer needs the personal data for the purposes of the processing, but they are required by the data subject for the establishment, exercise or defence of legal claims;
- The data subject has objected to processing pursuant to Article 21(1) of GDPR pending the verification whether the legitimate grounds of the processor override those of the data subject.
Persons with access to personal data
Access to personal data shall have the processor and its employees and members, and also third parties which gained personal data from the processor based on this consent – i.e. processors and controllers who provide sufficient guarantee that they shall process personal data in compliance with GDPR and who shall sufficiently protect personal data.
The right to lodge a complaint with a supervisory authority
According to Art. 77 of GDPR every data subject shall have the right to lodge a complaint with a supervisory authority. The supervisory authority in the Czech Republic is Úřad pro ochranu osobních údajů. Webpage of the supervisory authority.
Legal or contractual obligation to provide personal data, possible ramifications of non-compliance
Personal data are provided voluntarily, there is no obligation to provide personal data. There are no sanctions in case personal data are not provided.
Automated decision-making and profiling
No automated decision-making and profiling shall take place.