Personal data protection
The website www.opengate.cz (“Website”) is operated by OPEN GATE – gymnázium a základní škola, s.r.o., with its registered office at Babice, Na Návsi 5, incorporated in the companies register maintained by the Prague Municipal Court, Section C, File 95491, Company No. 27089941, Tax Reg. No. CZ27089941, Czech Republic (“OPEN GATE”). The Website may contain links to other websites operated by affiliates such as The Kellner Family Foundation (“Affiliates” or “Affiliated Companies” and “Affiliates’ Websites” or “Affiliated Companies’ Websites”).
To access the Website, you are not obliged to give OPEN GATE any personal data, including e.g. your e-mail address.
If in any communication between you and OPEN GATE, OPEN GATE happens to obtain your contact information, OPEN GATE will not use it for any purpose other than communicating with you. If your communication is delivered to OPEN GATE, but on account of its content was intended for an Affiliate (e.g., The Kellner Family Foundation), OPEN GATE is not obliged to forward the communication to the relevant Affiliate; in this case OPEN GATE may (but is not obliged to) provide you with contact information for the relevant Affiliate for you to contact it directly.
Affiliated Companies’ Websites
If you visit any Affiliated Companies’ Websites, please be aware that they may have different policies on privacy. OPEN GATE shall not be held liable in any manner for the procedures and policies of the operators of other websites, including Affiliated Companies’ Websites.
Links to other websites
The Website may also contain links to websites other than Affiliated Companies’ Websites. When you visit any of those websites, you should familiarise yourself with their measures for personal data protection. OPEN GATE shall not be held liable in any manner for the procedures and policies of the operators of other websites.
Advice on rights
Should I enter into communication with OPEN GATE and, further to such communication, OPEN GATE processes my personal data (such as the given name and surname, and contact information) OPEN GATE assumes the position of personal data controller (“Controller”). For such cases, the Controller sets out my rights to my personal data.
Advice on rights under Regulation (EU) 2016/679 of the European Parliament and of the Council of 27 April 2016 on the protection of natural persons with regard to the processing of personal data and on the free movement of such data, and repealing Directive 95/46/EC (General Data Protection Regulation) – this Regulation 2016/679 is hereinafter referred to as the General Data Protection Regulation, or GDPR. GDPR is effective as of 25 May 2018.
I have the following rights as a natural person whose personal data are processed by the Controller:
- under Article 13 GDPR
- I have the right to request access to my personal data from the Controller.
- I have the right to request the rectification or erasure of my personal data or restriction of the processing thereof, and to object to the processing thereof, as well as the right to data portability.
- I have the right to lodge a complaint with a supervisory authority.
- The provision of my personal data to the Controller is not a statutory or contractual requirement; I am not therefore obligated to provide my personal data to the Controller.
- under Article 15 GDPR – the right of access to my personal data
- I have the right to obtain from the Controller confirmation as to whether or not my personal data are being processed, and, where that is the case, access to my personal data and the following information: a) the purposes of the processing; b) the categories of personal data concerned; c) the recipients or categories of recipient to whom my personal data have been or will be disclosed, in particular recipients in third countries or international organisations; d) the envisaged period for which my personal data will be stored, or, if not possible, the criteria used to determine that period; e) the existence of the right to request from the Controller rectification or erasure of my personal data or restriction of processing of my personal data or to object to such processing; f) the right to lodge a complaint with a supervisory authority; g) where my personal data are not collected from me, any available information as to their source; h) the existence of automated decision-making, including profiling, referred to Article 22(1) and (4) GDPR and, at least in those cases, meaningful information about the logic involved, as well as the significance and the envisaged consequences of such processing for me.
- I have the right to obtain a copy of my personal data processed by the Controller. The Controller may charge me a reasonable fee based on administrative costs for any further copies. Where I make the request by electronic means, and unless I request otherwise, the information shall be provided in a commonly used electronic form.
- under Article 16 GDPR – the right to rectification of my personal data
- I have the right to obtain from the Controller without undue delay the rectification of inaccurate personal data concerning me. Taking into account the purposes of the processing, I shall have the right to have incomplete personal data completed, including by means of providing a supplementary statement.
- under Article 17 GDPR – the right to the erasure of my personal data
I have the right to obtain from the Controller the erasure of my personal data without undue delay where one of the following grounds applies: a) my personal data are no longer necessary in relation to the purposes for which they were collected or otherwise processed; b) I withdraw consent on which the processing of my personal data is based, and there is no other legal ground for the processing; c) I object to the processing pursuant to Article 21(1) GDPR and there are no overriding legitimate grounds for the processing, or I object to the processing pursuant to Article 21(2) GDPR; d) my personal data have been unlawfully processed; e) my personal data have to be erased for compliance with a legal obligation in Union or Member State law to which the Controller is subject. The above grounds do not apply to the extent that the processing of my personal data is necessary: a) for exercising the right of freedom of expression and information; b) for compliance with a legal obligation which requires the processing of my personal data by Union or Member State law to which the Controller is subject or for the performance of a task carried out in the public interest or in the exercise of official authority vested in the Controller; c) for reasons of public interest in the area of public health; d) for archiving purposes in the public interest, scientific or historical research purposes or statistical purposes in accordance with Article 89(1) GDPR; e) for the establishment, exercise or defence of legal claims.
- under Article 18 GDPR – the right to the restriction of the processing of my personal data
I have the right to obtain from the Controller restriction of the processing of my personal data where one of the following applies: a) I contest the accuracy of my personal data, for a period enabling the Controller to verify the accuracy of my personal data; b) the processing of my personal data is unlawful and I oppose the erasure of my personal data and request the restriction of their use instead; c) the Controller no longer needs my personal data for the purposes of the processing, but I require them for the establishment, exercise or defence of legal claims; d) I object to the processing of my personal data pursuant to Article 21(1) GDPR pending the verification whether the legitimate grounds of the Controller or any third party override my legitimate grounds.
In the event that I have obtained restriction of the processing of my personal data in accordance with the above point, my personal data can be, with the exception of their storage, only processed subject to my consent or on the grounds of the establishment, exercise or defence of legal claims, on the grounds of the protection of the rights of another natural person or legal person or on the grounds of other important objectives of general public interest of the Union or of a Member State.
- under Article 19 GDPR – notification obligation regarding rectification or erasure of my personal data or restriction of processing
- The Controller shall communicate any rectification or erasure of my personal data or restriction of the processing of my personal data to each recipient to whom my personal data have been disclosed, unless this proves impossible or involves disproportionate effort. The Controller shall inform me about those recipients only if I request it.
- under Article 21 GDPR – the right to object
I have the right to object, on grounds relating to my own particular situation, at any time to the processing of my personal data which is based on point (f) of Article 6(1) GDPR, including profiling based on those provisions. The Controller shall no longer process my personal data unless the Controller demonstrates compelling legitimate grounds for the processing of my personal data which override my interests, rights and freedoms or for the establishment, exercise or defence of legal claims.
I can exercise my right to object by automated means.
- under Article 34 GDPR – communication of a personal data breach
When my personal data breach is likely to result in a high risk to my rights and freedoms, the Controller shall communicate such breach to me without undue delay.
However, the communication referred to in the above point shall not be required if any of the following conditions are met: a) the Controller has implemented appropriate technical and organisational protection measures, and those measures were applied, in particular those that render my personal data unintelligible to any person who is not authorised to access them, such as encryption; b) the Controller has taken subsequent measures which ensure that the high risk to my rights and freedoms referred to in the above point is no longer likely to materialise; c) it would involve disproportionate effort.
Should you have any questions or suggestions regarding privacy protection when using the Website you can contact firstname.lastname@example.org.