Principles of use of data, personal data and their processing
This policy summarizes and describes the information and data we process, how we process and how long they are stored.
You will also find your rights under the General Data Protection Regulation (GDPR) and how to exercise them.
The principles apply to the company:
Museum of the Mladá Boleslav Region, contributory organization
Old Town Square – Castle 1
Tel .: +420 326 325 616
The Museum of the Mladá Boleslav Region, p. O. Has appointed a Commission for the Protection of Personal Data.
For what reasons we process the data
We process information and personal data for three main reasons.
a) Legal reasons – record arising from the law (eg contractual relationship)
b) Data analysis and advertising purposes – a record resulting from the operation
c) In the case of processing on the basis of consent that can be revoked
What data do we process and in what way
All data that you leave us during any cooperation or communication with the Museum of Mladoboleslav, p. O., Or while browsing our website, or when inquiring or using our services and our offer, we divide into two groups:
According to the group to which the data belong, we treat them as follows:
Anonymized data are those data and information that cannot be used in any way, even by simple pairing or combination of these data, to identify the person to whom they belong. Anonymized data, such as, in particular, cookies, device identifiers, website browsing records, IP addresses, date and time of visit or use of our services and websites, server information (for example, search queries on our website), geolocation data , or we process personal preferences automatically in secure applications and on the company’s own servers.
We do not pair data with specific users so that they can be identified as their personal data.
Non-anonymized data are such data that can be easily paired with a specific user or customer and their combination can be used to obtain personal data of an individual. In particular, name, surname, address, age, birth number and date of birth, telephone contact, e-mail address, ID number, VAT number, account number, nationality, document numbers, marketing photo documentation, camera records necessary to protect health and property, data the processing of which is required by law, instructions of employees, copies of other personal documents and more…
We process this data only in secure applications that meet the requirements of GDPR and in the company’s internal repository with limited access, where only trained and competent employees work with them. In printed form, we store such information in locked archives and authorized and trained employees work with them in accordance with the observance of personal data protection. We then store and process all data in accordance with the internal directive on the handling of personal data, the public part of which we can provide for your view upon request, see your rights below.
How long we process data:
We process all information and personal data according to the nature of the purpose for which they are stored.
We process data for analysis, service improvement and advertising purposes with your consent for as long as is strictly necessary for the purposes for which the data was collected.
We keep the data obtained through the website, such as cookies and records of the use of these services, for the time strictly necessary. You can limit their storage, for example, through the Google Analytics Opt-out Browser Add-on.
We keep information and data resulting from contractual relations (invoices, contracts, receipts, etc.) for the period resulting from the law.
Data stored and processed by third parties:
When using third-party applications, we make sure that the data is stored and transmitted in encrypted form and that the application complies with the Data Protection Regulation (GDPR).
What are your rights:
Under the General Data Protection Regulation, you have the right to access, rectify, transfer and delete your data, unless prevented by a legislative purpose.
You also have the right to receive information about how your data is handled.
How you can exercise your rights:
a) You can request information on data processing or storage via e-mail at firstname.lastname@example.org or in writing to the company’s registered office. Depending on the nature of the data, you may be asked to provide proof of identity before submitting the information.
b) You can exercise the right to delete data in the same way.
c) The right to disagree with us processing your data for the purposes of direct marketing, which you can exercise by sending your disagreement to e-mail: email@example.com.
All information on the rights and obligations arising from the General Data Protection Regulation (GDPR) can be found on the website of the Office for Personal Data Protection (https://www.uoou.cz).
We reserve the right to make changes, modifications and updates to this document at any time.
Date of effect of this document: 24. 5. 2018