If you are our customer, newsletter subscriber or website visitor, you are entrusting us with your personal data. We are responsible for their protection and security. Please familiarise yourself with the personal data protection, policies and rights you have in connection with the GDPR (General Data Protection Regulation).
Who is the data controller?
The controller of your personal data is the company Systers Bio s.r.o., with registered office atVodičkova 736/15, 110 00 Praha 1 Nové Město, ID 117 46 131, registered at the Commercial Register at the Municipal court in Prague, file no. C 353883, which operates the website www.systers.bio. With regards to your personal data (including cookies) we are in the position of administrator: we determine how the personal data will be processed and for what purpose, for how long, and we select any other parties to help us with the processing.
If you want to get in touch with us during the processing, you can contact us at firstname.lastname@example.org.
We declare that, as the administrator of your personal data, we fulfil all legal obligations required by applicable legislation, in particular the Personal Data Protection Act and the GDPR, and therefore that:
- we will process your personal data only on the basis of a valid legal reason, namely legitimate interest, fulfilment of a contract, legal obligation or granted consent,
- according to Article 13 of the GDPR, we fulfil the obligation to provide information even before starting the processing of personal data,
- we will enable and support you in exercising and fulfilling your rights according to the Personal Data Protection Act and the GDPR.
Extent of personal data and processing purposes
We process personal data that you entrust to us yourself for the following reasons (to fulfil these purposes):
- provision of services, fulfilment of a contract
Your personal data such as your email and telephone number are indispensable for us to fulfil the contract (e.g. delivery of goods).
If you are a customer, your personal data (invoice data) are indispensable for us to comply with the legal obligation to issue and register invoices.
- marketing - sending newsletters
We use your personal data (phone number, email, name), also what you click on in the email and when you most often open it for the purpose of direct marketing - sending business communications. If you are our customer, we do so out of legitimate interest, as we reasonably assume that you are interested in our news, until you unsubscribe yourself.
If you are not our customer, we only send you newsletters based on your consent, until you unsubscribe yourself. In both cases, you can withdraw this consent by using the unsubscribe link in each received email, or by requesting it via telephone.
- advanced marketing on the basis of consent
Only on the basis of your consent can we also send you inspiring offers from third parties or use your email address, for example, for remarketing and targeting advertising on Facebook, until you unsubscribe yourself. This can of course be revoked at any time via our contact details.
- photographic documentation, references
Only based on your consent can we use your photos, references, feedback, etc., until you withdraw your consent. We keep your personal data for the duration of the statute of limitations, unless the law stipulates a longer period for their retention or unless we stated otherwise in specific cases.
- security and protection of personal data
We protect personal data to the maximum extent possible using modern technologies that correspond to the level of technical development. We protect them as if they were our own. We have adopted and we maintain all possible (currently known) technical and organisational measures that prevent misuse, damage or destruction of your personal data.
- disclosure of personal data to third parties
Our employees and associates have access to your personal data. In order to ensure specific processing operations that we cannot provide on our own, we use the services and applications of processors who can protect data even better than us and specialise in the specific processing. They are the following providers:
- Facebook - FB pixel
- Google – Google Analytics and Adwords
It is possible that in the future we will decide to use other applications or processors to facilitate and improve the quality of processing. We promise you, however, that in such a case, when choosing, I will place at least the same demands on security and quality of processing on the processor as I place on myself.
Transfer of data outside the European Union
We process data exclusively in the European Union or in countries that guarantee an adequate level of protection based on the decision of the European Commission.
Your rights in connection with the protection of personal data
You have a number of rights in connection with the protection of personal data. If you wish to exercise any of these rights, please contact us via email: email@example.com.
You have the right to information, which is already fulfilled by this information page with the principles of personal data processing.
Thanks to the right of access, you have the right to request information from us at any time and we will provide you with proof of what personal data we process and why within 14 days.
If any of your personal information changes or you find your personal data to be out of date or incomplete, you have the right to complete and change your personal data.
You can exercise the right to restrict processing if you believe that we are processing your inaccurate data, if you believe that our processing is unlawful, but you do not want to delete all data, or if you have raised an objection to the processing.
You can restrict the extent of personal data or processing purposes. (For example, by unsubscribing from the newsletter, you limit the purpose of processing for sending business communications.)
Right to data portability
If you would like to take your personal data and transfer it to someone else, we will proceed in the same way as when exercising the right of access - the only difference being that we will deliver the information to you in a machine-readable format. Here we need at least 30 days.
Right to erasure (to be forgotten)
Your other right is the right to erasure (to be forgotten). We don't want to forget you, but if you wish, you have the right to request it. In this case, we will delete all your personal data from our system and from the system of all sub-processors and backups. We need 30 days to ensure the right to erasure.
In some cases, we are bound by a legal obligation, and, for example, we must register issued bookkeeping documents for a period specified by law. In this case, we will delete all such personal data that are not bound by another law. We will inform you by e-mail about the completion of the erasure.
Complaint to the Office for Personal Data Protection
If you feel that we are not handling your data in accordance with the law, you have the right to contact the Office for Personal Data Protection with your complaint at any time. We will appreciate it if you first inform us of this suspicion so that we can do something about it and rectify any errors.
Unsubscribing from newsletters and business communications
We send you emails with inspiration, articles or products and services if you are our customer, based on our legitimate interest.
If you are not yet a customer, we only send them to you provided we have your consent. In both cases, you can unsubscribe from our emails by clicking on the unsubscribe link in each email you receive.
We would like to assure you that our employees and coworkers who will process your personal data are obliged to maintain confidentiality about personal data and about security measures, the disclosure of which would endanger the security of your personal data. At the same time, this confidentiality continues even after the end of your contractual relations with us. Without your consent, your personal data will not be released to any other third party.