English in Levels s.r.o.

Gorkeho 2069, 530 02 Pardubice, Czech Republic

http://www.englishinlevels.com

Zdeněk Vaníček


Users of English in Levels sites

Business activities of the company

Processed personal info
  • Name
  • Email
Recipients or categories or recipients of personal data, including recipients in third countries or international organizations

  • IT vendors
  • Accounting company

Details on recipients of personal data are described in section Details of the processor(s)

Details

Persons who have access to data subjects' personal data.

Presumed deadlines for erasure of individual categories (if possible)

Due to current accounting legislation, clients who paid for English in Levels services can be erased in 10 years after the latest invoice.

Details

Presumed deadlines for erasure of data subjects' personal data.

Access rights (job or employee's name)

  • Customer service employees
  • Accountants

Details

Information about who is authorized to process data subjects' personal data.

Confidentiality measures (admission management; access management; system; data classification) and integrity measures (transfer and handling management)

  • All IT systems are secured by username and password and by two-factor authentication (when possible)
  • Printed documents are securely stored at accounting company

Details

A specific way or ways to secure a subject's personal data.

Availability and resilience of the processing systems and services (availability management, swift recovery after an accident)

  • Data are regularly backed-up to secure locations
  • Printed records of invoices are also stored as a backup

Details

The data specify how the service or system processing a subject's personal data is resilient to an outage and how quickly after such incident the service or system renews its operation.

Procedures for regular review and assessment of measures (management of personal data protection, incident management, standard protection of personal data, processing management)

Process of processing personal data is reviewed on yearly basis.

Details

Reviewing the course of processing of a subject's personal data, updating of information about the processing and of the personal data as such.

Legal grounds for processing

Legitimate interests of the controller (providing requested services)

Details

Legal facts giving ground to to processing of the personal data.

From whom does my organization receive personal data?

From the customers themselves

Details

Information whether the processed personal data comes from the data subjects, the organization's own activities or other sources.

Is provision of personal data obligatory and what does this requirement arise from?

Prerequisite for providing the offered services (eg. online courses).

Details

If personal data are provided by the data subjects, this states the reason why the organization needs the data and whether their provision is obligatory.

Are automated decisions or profiling used?

No

Details

This entry states whether automated decisions (without human interventions), including profiling (forecasting future behaviour), take place in the organization based on a subject's personal data.

Details of the processor(s)

  • Google Analytics / Google Inc., Ireland
  • Google Tag Manager / Google Inc., Ireland
  • Facebook / Facebook Inc., Ireland
  • Active 24 hosting / Active24 s.r.o., Czech Republic

Details

This field states information about the processor(s) of personal data whom the company engaged in the processing of the data subject's personal data.

Marketing and advertising

Processed personal info
  • Name
  • Email
Recipients or categories or recipients of personal data, including recipients in third countries or international organizations

IT vendors

Details

Persons who have access to data subjects' personal data.

Presumed deadlines for erasure of individual categories (if possible)

All personal data stored for marketing purposes can be erased in 90 days after receiving the request.

Details

Presumed deadlines for erasure of data subjects' personal data.

Access rights (job or employee's name)

  • Marketing employees
  • Software engineers

Details

Information about who is authorized to process data subjects' personal data.

Confidentiality measures (admission management; access management; system; data classification) and integrity measures (transfer and handling management)

All IT system are secured by username and password

Details

A specific way or ways to secure a subject's personal data.

Availability and resilience of the processing systems and services (availability management, swift recovery after an accident)

Data are regularly backed-up to secure locations

Details

The data specify how the service or system processing a subject's personal data is resilient to an outage and how quickly after such incident the service or system renews its operation.

Procedures for regular review and assessment of measures (management of personal data protection, incident management, standard protection of personal data, processing management)

Process of processing personal data is reviewed on yearly basis.

Details

Reviewing the course of processing of a subject's personal data, updating of information about the processing and of the personal data as such.

Legal grounds for processing

Consent of the data subject

Details

Legal facts giving ground to to processing of the personal data.

From whom does my organization receive personal data?

From customers themselves.

Details

Information whether the processed personal data comes from the data subjects, the organization's own activities or other sources.

Is provision of personal data obligatory and what does this requirement arise from?

It is not. Users can unsubscribe from marketing messages any time without any consequences.

Details

If personal data are provided by the data subjects, this states the reason why the organization needs the data and whether their provision is obligatory.

Are automated decisions or profiling used?

No

Details

This entry states whether automated decisions (without human interventions), including profiling (forecasting future behaviour), take place in the organization based on a subject's personal data.

Where does the organization store the consents to processing of personal data?

In an electronic database

Details

The place where the organization stores the subject's consent to processing of personal data.

The attached summary shows you individual rights that data subjects may claim according to GDPR.

View data subjects' rights

Copyright GDPRset.com in cooperation with Legal-Partners.org