Terms of personal data protection

I. Basic provisions

1. The controller of personal data pursuant to Article 4 (7) of Regulation (EU) 2016/679 of the European Parliament and of the Council on the protection of personal data individuals with regard to the processing of personal data and on the free movement of such data (hereinafter referred to as "GDPR") is Gama Hard s.r.o, IČ: 25958933 with its registered office at Průmyslová 7, Chrudim 53701 (hereinafter: "administrator").

2. The contact details of the administrator are

   • address: Gama Hard s.r.o, Průmyslová 7, Chrudim 53701

   • e-mail: gamahard@gamahard.cz, telefon: +420 603 525 677

3. Personal data means important information about identified or identifiable natural persons; an identifiable natural person is a natural person that you can directly or indirectly identify, in particular by reference to a specific identifier, for example name, identification number, location data, network identifier or to one or more specific physical, physiological, genetic, mental, economic, cultural elements or the social identity of that natural person.

4. The administrator did not appoint a data protection officer.

II. Legal reason for processing personal data

1. The legal reason for processing personal data is the performance of the contract between you and the controller pursuant to Article 6, paragraph 1, letter b) GDPR. (hereinafter referred to as “Performance of the Contract”) - processing is necessary for the performance of the contract to which he is a party the data subject, or for the implementation of measures taken before the conclusion of the contract at the request of that data subject.

2. There is no automatic individual decision by the administrator within the meaning of Article 22 of the GDPR.

III. Purpose of processing, categories and sources of personal data

Legal reason	Purpose	Data	Data source
Performance of the contract	Order processing or response to a request sent via the contact form	Personal data of clients (contact details)	Contact form, order

IV. Data retention period

1. The administrator stores personal data

   • In the event of a request, we manage the personal data contained in the form only for the purpose of answering or settlement of your inquiry or request / only for the period of negotiations on concluding a contract / maximum 1 year from your requests unless you consent to further processing.

   • In the case of an order, for the time necessary to exercise the rights and obligations arising from the contractual relationship between you and the administrator and the assertion of claims under these contractual relationships. (for a period of 15 years from the end of contractual relationship).

2. After the retention period of personal data, the administrator deletes the personal data.

V. Recipients of personal data (subcontractors of the controller)

1. Recipients of personal data are persons:

   • Providing web / e-shop services (Alexandr Zlesák, DiS. - AZ Computers, IČ 70163278) and other services in connection with the operation of the website / e-shop.

   • Personal data may be provided to the data subject by the provider for the purposes of proper performance of the contract delivery services, as well as to persons to whom administrators provide legal, accounting and IT services in the interest ensuring the proper fulfillment of the obligations set out in generally binding legal regulations. Admin does not have v intends to transfer the personal data of the data subject to a third country, an international organization or other than the above to third

VI. Your rights

1. Under the conditions set out in the GDPR, you have

   • the right of access to his personal data pursuant to Article 15 of the GDPR,

   • the right to correct personal data pursuant to Article 16 of the GDPR, or restrictions on processing pursuant to Article 18 of the GDPR,

   • the right to delete personal data pursuant to Article 17 of the GDPR,

   • the right to object to the processing pursuant to Article 21 of the GDPR a

   • the right to data portability according to Article 20 of the GDPR.

2. You also have the right to file a complaint with the Office for Personal Data Protection if you believe it has been violated your right to personal data protection.

VII. Terms of personal data security

1. The controller declares that it has taken all appropriate technical and organizational measures to secure personal data.

2. The administrator has taken technical measures to secure data repositories and repositories of personal data in paper form, especially passwords, antivirus program, backup, locking.

3. The controller declares that only persons authorized by him have access to personal data.

VIII. Final provisions

1. By sending an order from the online order form or an inquiry from the online inquiry form form, you confirm that you are familiar with the terms of personal data protection and that it is in full you accept.

2. The administrator is entitled to change these conditions. The new version of the terms of privacy will be published on their website.

These conditions take effect on 25.5.2018.