Processing of personal data

By this, you grant consent to the company Graffin s.r.o., with its registered office at Hvězdova 870/39, 140 00 Prague, ID No.: 26765951, registered in the public register held at the Municipal Court in Prague, section C, insert 92250, (hereinafter referred to as the “Controller”), to process the following personal data in accordance with Act No. 101/2000 Coll., on the protection of personal data (hereinafter referred to as the “Personal Data Protection Act”):

  1. first name and surname
  2. email
  3. First name, surname, and email are necessary for the purpose of sending feedback. These data are typically secured by a password at both the user and system level. User data is backed up to folders secured by standard procedures of the given technology. Backup devices are located in a different part of the building than the server.
  4. You give your explicit consent to the above processing. Consent can be revoked at any time, for example by sending an email or letter to the contact details of the company marketing@graffin.cz, or to the address Kácov 332, 285 09 Kácov.
  5. The processing of personal data is carried out solely by the Controller.
  6. Please note that according to the Personal Data Protection Act you have the right to:
  • revoke your consent at any time,
  • request information about which personal data we process,
  • request an explanation regarding the processing of personal data,
  • demand access to these data and have them updated or corrected,
  • request the deletion of this personal data,
  • in case of doubts about compliance with the obligations related to the processing of personal data, contact us or the Office for Personal Data Protection.
  • It is necessary to distinguish whether the processing of a given personal data is necessary or not – personal data that is not necessary for the specified purpose must not be processed.
  • Revocation does not always lead to destruction! It is necessary to consider whether there are other reasons for processing and whether destruction would not lead to disproportionate harm to the controller – according to this, it is necessary to deal with the data and inform the applicant.