Principles of protection and processing of personal data
Protection of personal data
If you are my customer, news subscriber or website visitor, you entrust me with your personal data. I am responsible for their protection and security. Please familiarize yourself with the protection of personal data, policies and rights that you have in connection with the GDPR (Personal Data Protection Regulation).
Who is the administrator?
MgA. Tharindu Jayasundera, MBA., With its registered office in Brno-Židenice, Skorkovského 2718/72, postal code 636 00, IČ: 0837610, DIČ: CZ684624836, a natural person doing business according to the Trade Licensing Act not registered in the Commercial Register. I run the website ceylonwellness.cz. I process your personal data as an administrator, ie I determine how personal data will be processed and for what purpose, for how long and I select any other processors who will help me with the processing.
Contact information
If you would like to contact me during processing, you can contact me at +420 773 578 536 or by e-mail: tharidu.native@gmail.com
I declare
I declare that, as the controller of your personal data, I fulfill all legal obligations required by applicable legislation, especially the Personal Data Protection Act and GDPR, and therefore that: I will process your personal data only for valid legal reasons, especially legitimate interest, performance of the contract; legal obligations or consent granted, I fulfill the information obligation according to Article 13 of the GDPR before starting the processing of personal data, I will enable you and I will support you in exercising and fulfilling your rights under the Personal Data Protection Act and the GDPR.
Scope of personal data and processing purposes
I process personal data that you entrust to me yourself for the following reasons:
● provision of services, performance of the contract
Your personal data in the range: e-mail, name and surname, we absolutely need to fulfill the contract (eg sending access to the application, sending an online course, etc., delivery of goods.
● bookkeeping
If you are a customer, we urgently need your personal data (invoicing data) in order to comply with the legal obligations for the issuance and registration of tax documents.
● marketing - sending newsletters
We use your personal data (e-mail and name), gender, what you click on in the e-mail and when you most often open it for the purpose of direct marketing - sending business messages. If you are our customer, we do so out of a legitimate interest, as we reasonably assume that you are interested in our news, for a period of 5 years from the last order. If you are not our customer, we send you newsletters only with your consent, for a period of 5 years from the grant. In either case, you can revoke this consent by using the unsubscribe link in each email you send.
● advanced consent marketing
Only with your consent can we send you inspiring offers from third parties or use an e-mail address, for example, for remarketing and targeting advertising on Facebook, for a period of 5 years from the approval. This can, of course, be revoked at any time via our contact details.
● photographic documentation - live events such as seminars and courses, references, etc.
We retain your personal data for the duration of the limitation periods, unless the law provides for a longer period for their retention or we have not stated otherwise in specific cases.
Cookies
As we browse my website, we record your IP address, how long you stay on the page, and which page you come from. We perceive the use of cookies to measure website traffic and customize the display of websites as our legitimate interest of the administrator, as we believe that thanks to this we can offer you even better services. Advertising targeting cookies will only be processed with your consent. I can also browse my website in a mode that does not allow the collection of personal data. You can disable the use of cookies on your computer.
Security and protection of personal data
I protect personal data as much as possible using modern technologies that correspond to the level of technical development. I protect them as if they were our own. I have taken and maintain all possible (currently known) technical and organizational measures to prevent the misuse, damage or destruction of your personal data.
Transfer of personal data to third parties
My employees and co-workers have access to your personal information. To provide specific processing operations that I cannot provide on my own, I use the services and applications of processors who can protect data even better than I do and specialize in the processing.
They are providers of the following platforms:
-
operator of applications for communication, web and invoicing: Wix.com (web, email marketing
-
operator of an application for e-mail communication and customer support,
-
Facebook, Instagram, Google,
-
IT service and hosting providers, including Forpsi cloud storage,
-
customer support assistance service providers,
-
providers payment card providers
-
legal service providers, lawyers,
-
providers of printing and postal services,
-
partners cooperating with us in special events for clients. It is possible that in the future I will decide to use other applications or processors, to facilitate and improve processing. However, I promise you that in such a case, when choosing, I will place at least the same demands on the processor for security and quality of processing as for myself.
Data transfer outside the European Union
We process data exclusively in the European Union or in countries that provide an adequate level of protection based on the decision of the European Commission.
Your rights regarding personal data protection
You have many rights in relation to the protection of personal data. If you wish to exercise any of these rights, please contact me via e-mail: tharidu.native@gmail.com
You have the right to information that is already filled in this information page with the principles of personal data processing.
Thanks to the right of access, you can call me at any time and I will show you within 14 days what your personal data is being processed and why. If something changes for you or you find your personal data out of date or incomplete, you have the right to supplement and change your personal data.
You can exercise the right to restrict processing if you believe that I am processing your inaccurate data, if you believe that I am processing illegally, but you do not want to delete all data or if you have objected to the processing. You can limit the scope of personal data or the purposes of processing. (For example, by unsubscribing from a newsletter, you limit the purpose of processing to sending business messages.)
Right to portability
If you would like to take your personal data and transfer it to someone else, we will proceed in the same way as when exercising the right of access - except that I will provide you with the information in machine-readable form. I need at least 30 days here.
Right to delete (be forgotten)
Your next right is the right to delete (be forgotten). If you wish, you have the right to do so. In this case, I will delete all your personal data from my system as well as from the system of all sub-processors and backups. I need 30 days to secure the right to deletion. In some cases, I am bound by a legal obligation, and for example I have to register the issued tax documents for the period stipulated by law. In this case, it will delete all such personal data that are not bound by another law. I will notify you by email when the deletion is complete.
Complaint to the Office for Personal Data Protection
If you feel that I am not handling your data in accordance with the law, you have the right to lodge your complaint with the Office for Personal Data Protection at any time. I will be happy if you inform me of this suspicion first so that I can do something about it and correct any mistakes.
Unsubscribe from sending newsletters and business messages
I send you emails with inspiration, articles or products and services if you are my customer based on my legitimate interest. If you are not a customer yet, I will send them to you only with your consent. In either case, you can unsubscribe from my emails by pressing the unsubscribe link in each email you send.
Secrecy
We would like to assure you that our employees and co-workers who will process your personal data are obliged to maintain the confidentiality of personal data and security measures, the disclosure of which would jeopardize the security of your personal data. At the same time, this confidentiality continues even after the end of our contractual relations with us. Your personal data will not be passed on to any other third party without your consent. These principles of personal data processing apply from 17 November 2020.