Privacy Notice
This website offer services (e.g. convention registration, contact form, etc.) which you can use. If you do so, the website may collect your personal data (i.e. information which may identify a physical person directly or indirectly) which are necessary in order to deliver the service your requested. Any other personal data above the necessary minimum are optional and website will ask for your consent which you can revoke anytime through sections "My profile" or "Contact" once you log in into the website.
KRAZ z.s. (registered under ICO 07869401) is the controller as defined by Article 4(7) of regulation 2016/679 on the protection of natural persons with regard to the processing of personal data and on the free movement of such data, and repealing Directive 95/46/EC (GDPR). The controller can be reached using mail at KRAZ z.s., Na dolinach 1272/41, 14000 Prague 4, Czech republic, e-mail kraz@kraz.eu, or contact form (the section "Contact") on this website.
Lawful reason for processing of personal data is fulfilling your order in case you decide to use services offered by this website including convention registration to the convention organized by KRAZ z.s. (i.e. the controller) and registration of an account at this website. All collected data (name, date of birth, state affiliation, and email) are the necessary minimum the controller needs to process your order and deliver services according to the agreement defined through registration rules. The controller cannot proceed without such data.
The controller processes data provided by you only. The controller does not perform any profiling or automatic decision making based on the data as defined by Article 22 of GDPR. Personal data will be supplied to service providers in order to deliver the services (e.g. accommodation, meals, etc.) included in your order. The controller may authorize a person to access personal data if necessary for completion of your order. The controller does not intend to share the data with a country outside EU or any international organization.
The controller keeps the personal data for the duration of the agreement as required by regulations (i.e. up to 10 years after the agreement ends). Once the data are no long needed, the controller will erase the data.
According to GDPR, you have following rights:
- Right to access your personal data as defined by Article 15 of GDPR.
- Right to rectify your personal data as defined by Article 16 of GDPR.
- Right to restrict processing of your personal data as defined by Article 18 of GDPR.
- Right to erasure of your personal data as defined by Article 17 of GDPR.
- Right to object the processing of your personal data as defined by Article 21 of GDPR.
- Right to data portability as defined by Article 20 of GDPR.
- Right to revoke a granted consent using the section "My profile" or by contacting us through the section "Contact".
The controller may update this document as necessary. In such a case, the controller will publish the updated on the website and the controller will notify you using e-mail address you have provided.