In accordance with the article 13 of the Regulation UE 2016/679 (hereinafter “GDPR”), ZENITH RISE osoba rizikového kapitalu s.r.o., with legal address Rybna 716/24, Stare Mesto, 110 00 Prague 1, Czech Republic, as Data controller of the data processing (hereinafter “Data controller”), advises you that your personal data, acquired regarding the business relations established, will be treated respecting the rights and the basic freedom of the natural persons, with particular regard to the right of the personal data protection.

Personal data origins

The personal data subject to processing were, by You, supplied during the registration phase at our offices or by email, as well as through our authorised business personnel with respect to GDPR.

Purpose and legal base of the processing

Your personal data, conferment of which is necessary to establish a contractual relationship as legal base of the process, will be treated for the following purposes:

a) to provide info on the events planned with the data subject;

b) to let the signed agreements and the related tasks be executed by the Data controller directly, including support and auxiliary services potentially asked by the data subject;

c) for the technical, administrative and accounting management of complaints and disagreements as well as to value the subscription from the Data controller to following contractual propositions urged by the data subject;

d) to forward info and service alerts;

e) to the fulfilment of law duties related to the contractual relationship;

f) for the protection of the contractual rights; The data provided could be moreover treated for the following purposes, in case data subject had granted the consent that constitutes the legal base of the processing:

g) internal statistical analysis for a survey of the preferences;

h) direct marketing activity through the forwarding of promotional and advertising material regarding products or services offered by the Data controller; The conferment of the data and the related processing is to be considered optional and always revocable for the mentioned purposes referred to in letters g), and h), while the refusal of conferment for the purposes referred to in letters a), b), c), d), e), f) will make the execution of the contract impossible.

Processing methods and preservation period

Your personal data will be treated in paper form, digitized and inserted in the pertinent data banks to which will access, and then learn about, the authorised personnel of the relative area of competence, they will treat them referring to the instructions received from the Data controller and/or Data processor if nominated. Your personal data will be preserved for a time not superior to the necessity of achieving the purposes for which they are treated. Once ended the contractual relationship, they can be only treated for administrative purposes and/or to give execution to the duties derived from the regulatory and institutional framework pro tempore applicable and in respect of the deadline for the preservation of the only data on civil law nature. In relations to the processing for marketing purposes, in case of display of the requested optional consents, the collected data will be preserved for a time strictly necessary for the management of the purposes above mentioned according to important criteria for the respect of the current norms, for the accuracy and balance between legitimate interest of the Data controller and rights and freedom of the natural person concerned. The Data controller will adopt every care to avoid use of data for indefinite time, proceeding with periodic frequency to verify in an adequate way the effective continuity of the subject’s interest to which the data is referred, to execute the processing for marketing purposes, as above mentioned.

Categories of subjects to which data can be communicated

The data that the Data controller collects and treats for the execution of contracts stipulated and related commitments, the fulfilment of the duties of law connected to the contractual relationship as well as for the protection of the contractual rights, could be communicated to the following third persons or to the categories of subjects mentioned below:

• suppliers of services for information technology assistance;

• banking institutions for the management of proceeds and payments;

• freelancers and societies of auditing of accounts for fulfilment in administration and accounting;

• other potential subjects/public authorities whose communication is necessary for fulfilment of norm duties.

The subjects belonging to the categories above mentioned treat the personal data in quality of Data processor nominated especially by the Data controller. Your data won’t be disseminated. The Data controller reserves to transfer your personal data to a third Country based on adequate guarantees expected by the current norm.

Rights of the person concerned

The GDPR confers you the management of specific rights, of which to ask the processing holder the confirmation that personal data is being treated, and if so, to obtain the access (right to access); the adjustment of wrong personal data, or the integration of incomplete personal data (right of rectification); the elimination of the same data, if one of the cases expected by the GDPR exists (right to erasure); the limitation of the processing when one of the hypothesis expected by the GDPR occurs (right to restriction); to receive in a structured format, of common use and readable by automatic device, the personal data provided by You to the Data controller and to send the same data to another processing holder (right to data portability).  You also have the right to revoke the consent to the processing of your data, at any time, without compromising the admissibility of the processing based upon the consent given previous the suspension and to oppose in any moment to the processing for marketing purposes (right to object), addressing questions to the Data controller, by phone to n. +420721948194 or by sending an e-mail to the following address info@zenith-rise.com. Except any other administrative or jurisdictional complaint, data subject has the right to complain to a supervisor authority, in case that the treatment violates the GDPR.