Home Virusfree Solutions Resources Customers and support Company Blog
Customer portal CZ Try Virusfree

Privacy and policy

Information regarding personal data protection

Basic information about processing and protection of personal data of the company Excello s.r.o.

Company Excello s.r.o. provides information in accordance with the GDPR (EU) 2016/679 and the act no 101/2000 Sb., about personal data protection, and as amended regarding processing these personal data and free movement of this data and cancellation of the directive 95/46ES and European Parlament and Council (EU) directive 2016/680 about natural person protection in relation to processing personal data by respective institutions towards prevention, investigating, revealing or prosecuting crimes or carrying out of sentence, about free movement of these data.

1. Basic terms glossary

Personal data, is any information about the identified or identifiable natural person with the help of the indentifiers. These are for example the name, identification number, locational data, network identifier, special physical, physiological, genetic, psychic, economical, cultural elements or the social identity of the person

Special category of personal data, so called sensitive data, are data, which testify about ethnical or racial origin, political opinions, faith or philosophical belief, unions membership, health state or sexual life or sexual orientation of the natural person. As a special cathegory of data are considered genetical and biometric data, which are processed towards a unique identification of the natural person. Therefore they have increased level of security during their processing.

Biometric Data are data resulting from a specific technical processing regarding physical or physiological attribute of the behaviour of a natural person, which enables identification, for example delineation of the face or daktyloscopy data.

Genetical data are data regarding hereditary or obtained genetical attributes of the natural person, which provide information about one´s physiology or health.

Record is a structured file of personal data accessible only due to special criteria.

Subject of data, is a person, who can be directly and indirectly identified

Personal data administrator, is natural or corporate person or another subject, which defines the purposes and means for processing personal data.

Practitioner of personal data, is natural or corporate person or another subject, which processes personal data for the adiministrator.

Data protection authority, is an independent institution. It conducts supervision of following the duties set by law during processing of personal data. It accepts suggestions and complaints of the citizens about breaking the law. It provides consultations in the field of personal data protection. Its activity is limited by the act no. 101/2000 Sb., about personal data protection and the GDPR (EU) 2016/679.

Processing, is an operation or a set of operations with personal data or a file of personal data, which is conducted with or without help of automated procedures.

Automated procedures, are procedures, which are used to process personal data through software. For example gathering, recording, sorting, structurizing, saving, adapting, changing, searching, glimpsing, using, making accesible by transferring, spreading, limiting, deleting, destroying.

Profiling is a form of processing personal data residing in their use to evaluate personal aspects of a natural person for analysis or estimation of aspects regarding one´s work efficiency, economical situation, health state, personal preferences, interests, reliability, behaviour, localizing or movement monitoring.

Recipient is a natural or corporate person or another subject, which is provided with personal data. Authorities, which can prospectively obtain the data in terms of one time equiry are not considered az a recipient.

Third party is a natural or corporate person or another subject, which is not a subject of the data, administrator, practitioner nor the person directly subjected to the administrator or practitioner.

Disposal of personal data is a physical destruction of their carrier, physical deleting

2. Subject and the period of processing of the personal data

The company Excello Ltd, accepts policies of processing personal data in accordance with relevant legal regulations and commits to uphold them in its internal affairs and outside the company in order to keep the personal data protected and that particularly in contact with its business partners and third parties. These regulations adjust and determin the rights and duties of the company during any handling of the personal data, whcih are the subject of the personal data protection.

Person data are processed during the period of the duration of the contract or in the period, which is set by law.

3. Effectivity and purpose

This information are obligatory and enforcable for the whole company, it adjusts handling with all personal data of the subject of the data, especially with data of the customers, business partners and providers. It follows the article 40 of the GDPR 2016/679. They take effect after their acceptance and publication.

The goal is to ensure the appropriate level of the personal data protection through fulfilling the individual tasks for ensuring the concordance with the GDPR. Therefore the registry for processed personal data, risk of processed personal data for rights and liberties of the subjects of the data, individual policies for handling the personal data were made. Furthermore we established an administrator of personal data, we sent and signed contracts with the affected subjects of the data.

4. Principles of the personal data protection

Principles of the personal data protection come from the article 5 of GDPR (EU) 2016/679. The article deals with the principles of the personal data processing:

  1. Transparency, legitimacy, correctness
    • Personal data of the subjects are handled in a correct, legitimate and transparent way.
    • The customer enables an easy access to the information regarding handling with their personal data
  2. Use for a specific purpose
    • Personal data are not in the service of Virus Free used for another purpose, than to which were by the subject of the data originally provided for.Personal data can be used for another purpose, than to which were by the subject of the data originally provided for only under circumstances required by law, as are the cases, where national limitation appear, which require passing down the personal data for the purposes of national security, national defence, public order or prevention, investigation and revealing and prosecuting of criminal acts.
    • Using services or obtaining products isn´t conditioned by the approval of the subject with using their data for other purposes than commencment or fulfilling of a legal relation.
  3. Accuracy and minimalization of the personal data
    • Accuracy – integrity and confidentiality of the data
      • Personal data are continuously updated
      • With regards to the purposes of processing the personal data suitable measures are accepted, which secure erasing or corrections incorrect or incomplete information
    • Minimalization - adequacy
      • Personal data are adequate, relevant and have the according range for the specific purposes of their processing.
      • If the purposes of the processing of the personal data wear off, erasing processes are applied on the personal data.
  4. Limitation of storing
    • Personal data data are stored in the form enabeling identification of the subjects of data during the period necessary for the purposes of the processing
    • Archivation of the data
      • Based on taking principles of processing of the personal data into account, particularly adequacy of personal data, we archive personal data only in cases required by law.
  5. Limitation of further forwarding
    • We provide forwarding of personal data to the practitioners only after their fulfilment of all the requirements of the article 28 based on the contract about processing of the personal data.
    • We provide personal data to the third parties only in cases, where national limitations are present, which require forwarding personal data for the purposes of the state security, national defence, public order or prevention, investigation, and revealing and prosecuting of criminal acts.
  6. Integrity and confidentiality
    • We undertake corresponding technical and organizational measures for proper securing the assurance from unauthorised or illegal processing, from a coincidental loss or damage.

5. What personal data do we proccess?

The company Excello ltd. Processes in the services of the Virus Free following personal data:

  • IP address
  • Email of the recipient
  • Email of the sender
  • Message ID
  • Date
  • Time
  • Subject
  • Name of the attachement
  • Name
  • Surname
  • Phone number
  • Position
  • Content of the e-mail

This regulation can be continuously updated, we keep a right to change it. The date of the last change is listed at the end of this valid document

6. Cathegories of the recipients of the personal data

Personal data of the subjects for the purposes of fulfilling of the legal commitment in the sevices of the Virus Free, are declassified based on the contract, which contains duties to process personal data in accordance with the GDPR:

  • Data centres in the area of the EU.
  • Accounting company.
  • Provider conducting maintanance of the informational technologies.

7. Rights of the subjects of the data Virus Free

Excercising of the rights of the subjects of data and claims are dealt with if we are administrators of the personal data, which we get based on the contractual relationship during using the service of Virus Free or in the connection with this contrational relationship. If we don´t have your data available ot we don´t determine the purposes and means of the processing of your personal data, we are not in position of the administrator of your personal data and we are not obliged to react on claims of these subjects. We recommend to turn with excercising your rights and instancis to the relevant administrator of the personal data – administrator of your e-mail box.

Requests for information about personal data processing can be brought forward in written form with an officialy verified signature or in electronic form with an authentic electronic signature, by sending the request by the data box of the subject of the data, or can be dealth with personally after proving the identity of the subject of the data with an ID.

Your requests will be replied by the administrator of the data without unnecessary delay no later than in one month from receiving the request, if there is no reason to prolonging the deadline. Providing information is free, if the requests aren´t obviously unreasonable or inadequate. In inadequate or groundless cases of requests, the administrator of the personal information may bestow an adequate fee regarding the administrative costs connected with the providing of the requested information or statements, or refuse to meet the request. Administrative fee in the undermentioned cases is determined to be 2000CZK

  • Groundless requests – subject of the data isn´t authorised to excercise the right
  • Inadequate requests – subject of the data still repeats requests, or the subject of the data´s requests in great range or the requests mutually contraditional

In case of ambiguity or questions regarding the processing of your personal data you can write us to the address of our company, which is presented by a ling on our web pages: https://www.excello.cz/cs/kontakty-excello-s.r.o, to an e-mail address: info@excello.cz, or through the data box of to the administrator of the data, ID of the data box: 8cv5ehc

administrator of the data is Tomáš Charvát

The contact place in case of questions and complaints of the subjects of the data is the Office for personal data protection, www.uoou.cz

8. Securing personal data

For securing your personal data, suitable technical and organisational measures are implemented, aimed to protect your personal data from accidental or illegal destruction, accidental loss or change, unauthorised publication or access and any other illegal forms of processing

9. Changes

This regulation can be continuously updated, we keep a right to change it. The date of the last change is listed at the end of this valid document

10. Last change

This regulation was published 3rd of September 2018

Company

Excello s.r.o

IČ: 27444899

DIČ: CZ27444899

Prague, Czechia

Useful links

Customer portal Help

This website uses first and third party cookies for advertising purposes. By clicking "Accept", you consent to the use of cookies. Read more about these cookies.

Decline Accept