1 . Protection of personal data
1.2 Retino is controller of personal data of its users according to article 4, bullet 7 of the The General Data Protection Regulation (EU) 2016/679 (“GDPR”). Retino is obliged to process the personal data in compliance with the current legislature, especially with GDPR.
1.3 When signing up, user provides personal data needed for creating the account: name, business name, e-mail address, phone number. This data is collected in order to process the registration and service ordering.
1.4 When signing up, user can opt-in to receive marketing communication. In that case:
- 1.4.1 they agree with Retino using their personal data to send e-mail marketing communication, no more often than 1x a week.
- 1.4.2 this agreement can be withdrawn at any time via contacting firstname.lastname@example.org.
1.5 Retino utilizes sub-contractors for fulfilling its licence agreements and may share personal data with them. Personal data may be stored in third countries. Sub-contractors are verified to follow adequate security standards for processing personal data. Retino has a DPA with all such sub-contractors.
1.6 Retino stores personal data for the time necessary for fulfilling all the obligations arising from the contract between Retino and user, and also for rights enforcement (for the period of 15 years from the conclusion of the contract). After that period of time, the personal data will be erased.
1.7 User has the right to access their personal data accoring to Article 15 of GDPR, correction of their personal data according to Article 16 of GDPR, or limiting the personal data processing according to Article 18 of GDPR. User has the right to ask for erasing their personal data according to Article 17 of GDPR, paragraph 1, bullet a), c)-f). User has the right to raise an objection to personal data processing according to Article 21 of GDPR and also right to personal data transfer according to Article 20 of GDPR.
1.8 User can raise a complaint with designated government body if they think their personal data are not used in compliance with legislature. In Czech Republic, that is Úřad pro ochranu osobních údajů.
1.9 User is not obliged to provide Retino with personal data. However, in that case, Retino cannot enter into contract with the user or fulfill its obligations.
1.10 Retino does not do automatic individual deciding, as described in Article 22 of GDPR.
2. Data processing agreement
2.1 Retino is a processor of the personal data of the clients of the User, according to Article 28 of GDPR. The user is a controller of such data.
2.3 Retino processes common personal data of the User’s clients, which the User has obtained through own business service. Retino uses the data in order to provide its service according to licence agreement.
2.4. Personal data is processed only within Retino or its sub-contractors according to articles 2.6-2.7, and only in the European union area.
2.5. Retino processes personal data for the period of time needed to fulfill its obligations arising from the contract between Retino and its user.
2.7. Retino agrees to processing personal data in compliance with Article 32 of GDPR.
3. Final provisions