Personal Data Protection


We recognise the importance of protection of the personal data of our customers and business partners. This site provides a comprehensive and structured overview of the information we collect concerning the identification of persons and when we collect them.

Information on personal data protection

This site will tell you everything about the personal data processing that we carry out. If we process your personal data, you will find here detailed information on your rights and the manner in which your rights can be exercised. You will find more details on each individual processing, your rights and the manner in which your rights may be exercised under the following links designating specific groups of persons whose personal data are being processed, or specific types of processing.

  1. Employee personal data
  2. Marketing (information on services and goods, including commercial communications and data profiling)
  3. Suppliers of goods and services and their representatives
  4. Conference and event participants

Key characteristics of each individual processing

  1. Employee personal data – processing of employees’ personal data to ensure compliance with the employer’s legal obligations (performance of employment obligations) and the exercise and protection of the employer’s rights and legal interests, or processing based on the employee’s consent, as the case may be.

    Comprehensive information on the processing, including details of your rights, the requirements for exercising your rights and the manner in which your rights may be exercised, is available HERE.

  2. Marketing – collection and processing of data for the purposes of identifying the best service offer for customers, promoting sales and building the Company’s reputation.

    Comprehensive information on the processing, including details of your rights, the requirements for exercising your rights and the manner in which your rights may be exercised, is available HERE.

  3. Goods or service suppliers and/or their representatives contact information – retention of contact data used for entering into and data necessary for the performance of contracts with the suppliers of goods or services; retention of any contact information of the suppliers’ representatives (employees, statutory representatives or other designated persons).

    Comprehensive information on the processing, including details of your rights, the requirements for exercising your rights and the manner in which your rights may be exercised, is available HERE.

  4. Conference and other event participants data – retention and processing of the personal data of conference or similar event participants and attendees in order to ensure their participation in the event.

    Comprehensive information on the processing, including details of your rights, the requirements for exercising your rights and the manner in which your rights may be exercised, is available HERE.


↑ Back to overview

I. EMPLOYEE PERSONAL DATA

  1. CONTROLLER

    The personal data controller is Blue Events, s.r.o. with its registered office located at Vysokovská 1336/15, 193 00 Prague 9, registered in the Commercial Register maintained by the Municipal Court in Prague, Section C, Entry No. 65675 (hereinafter the „Controller“).

  2. YOUR RIGHTS

    You have the following rights in respect of the personal data processing concerned:

    1. ACCESS – The right to be informed whether or not your personal data are being processed. If your personal data are being processed, you have the right to obtain information about the processing in the prescribed extent and the right to obtain, under certain conditions, a copy of the processed personal data;

    2. RECTIFICATION – The right to request rectification if the personal data processed are inaccurate, or the right to request completion if the data are incomplete;

    3. ERASURE (right to be forgotten) - The right to request, under certain conditions stipulated by law (withdrawal of consent, termination of contract, unlawful processing), erasure of the personal data;

    4. RESTRICTION OF PROCESSING – The right to request marking and, if applicable, restriction (suspension) of the processing pending verification of accuracy of the data, lawfulness of the processing or response to an objection or to ensure protection of your interests (exercise or protection or defence of rights and legitimate interests);

    5. COMPLAINT – The right to lodge a complaint to the Office for Personal Data Protection against the Controller, the processing or the terms and conditions of exercising your rights. See www.uoou.cz for the contact details and other information about the Office;

    6. WITHDRAWAL OF CONSENT – concerning the use of photographs. Your consent may be withdrawn at any time (in writing). The withdrawal of consent shall not affect the lawfulness of the processing of personal data carried out before the withdrawal. In consequence of your withdrawal of consent, the photographs used by the Controlled on the grounds of your consent will be erased.

    You can find details of individual rights, their characteristics and the conditions under which the rights arise and may be exercised HERE.

    The Controller has not designated a DATA PROTECTION OFFICER.

  3. PURPOSE OF PROCESSING

    The Controller processes personal data for the purpose of:

    Performance of the employment obligations between the employee and the employer. Compliance with the employer’s legal obligations (obligatory records pursuant to the Labour Code, social and health insurance, tax obligations) and contractual obligations.

    Promoting sales and customer care in the case of an employee’s photograph.

  4. LEGAL GROUND FOR PROCESSING

    The legal ground for the processing of personal data is: compliance with the legal obligations to which the Controller is subject pursuant to the labour, social security and tax regulations (Art. 6(1)(c) of the GDPR) and performance of the contract with the employee (Art. 6(1)(b) of the GDPR).

    An employee’s photograph may be used on the grounds of the employee’s consent.

  5. SCOPE OF THE DATA being processed

    The Controller processes the following data for the above purpose:

    Employees’ identification and contact data, their qualification data, information on the progress of employment (particularly the time worked, wage, statutory deductions, liability claims, disciplinary matters, workplace injuries and occupational diseases, annual leave periods, bank account number, and/or the number of children and their age, if applicable), the health insurance company, personal identification (“birth”) number, data related to tax records (in the event of spouse/child relief, also the data on the spouse and children, including their personal identification (“birth”) numbers).

    An employee’s photograph, if the employee has given his/her consent.

  6. PROVISION OF DATA IS MANDATORY

    The processing of personal data related to the performance of employment obligations by the employer is required by law or necessary for the performance of the contract with the employee.

    Provision of data by the employee is therefore mandatory; failure to provide mandatory data may constitute violation of labour discipline, and may lead to the obligation to compensate the damage incurred; the damage may take the form of e.g. public law sanctions (fines) imposed upon the employer for an offence of the failure to submit to a public authority (e.g. the Regional Social Security Administration Office) the mandatory report (e.g. the registration of an employee for the purposes of insurance).

    Employee’s consent to use his/her photograph is optional.

  7. PERIOD for which the personal data are stored and processed

    The Controller processes personal data as follows: for the period stipulated by the applicable law in the case of each individual processing of personal data required by law; for the period of performance of employment obligations in the case of data necessary for the performance of fundamental employment relationship (under employment contract, agreement to perform work, or agreement to complete a job), or even further, if it is necessary for the performance of partial obligations (e.g. a non-competition clause) or for the exercise or defence of the Controller’s rights (e.g. liability for damage, dispute concerning invalidity of termination of employment, proof of compliance with public law obligations, payment of claims, etc.).

    In the case of photographs, until withdrawal of consent.

  8. PLACE where the personal data will be processed

    The place of processing of personal data is: the Controller’s offices and establishments, including the Controller’s registered office.

  9. THIRD COUNTRY

    In the course of personal data processing, personal data are NOT transferred outside the EU.

  10. PROCESSOR

    A personal data processor pursuant to Art. 4(8) of the GDPR or a third party authorised by the Controller to process personal data may be engaged in the processing of personal data. In such cases, the Controller will minimise the risk of unauthorised disclosure, destruction, processing or loss of the personal data.

  11. AUTOMATED DECISION-MAKING AND PROFILING

    Automated decision-making means decisions that are made by automated means or based on the output of automated processes, without human intervention/volition.

    Profiling means the use of personal data to evaluate certain personal aspects relating to a natural person, e.g. to predict that natural person's performance at work, economic situation, health, personal preferences, interests, reliability, etc.

    In connection with the processing of personal data, automated decision-making WILL NOT be used.

    In connection with the processing of personal data, profiling WILL NOT be used.


↑ Back to overview

II. MARKETING

  1. CONTROLLER

    The personal data controller is Blue Events, s.r.o. with its registered office located at Vysokovská 1336/15, 193 00 Prague 9, registered in the Commercial Register maintained by the Municipal Court in Prague, Section C, Entry No. 65675 (hereinafter the „Controller“).

  2. YOUR RIGHTS

    You have the following rights in respect of the personal data processing concerned:

    1. WITHDRAWAL OF CONSENT – Your consent may be withdrawn at any time in the manner stipulated HERE. The withdrawal of consent shall not affect the lawfulness of the processing of personal data carried out before the withdrawal. Upon your withdrawal of consent, the processing of your data for marketing purposes will be terminated;

    2. ACCESS – The right to be informed whether or not your personal data are being processed. If your personal data are being processed, you have the right to obtain information about the processing in the prescribed extent and the right to obtain, under certain conditions, a copy of the processed personal data;

    3. RECTIFICATION – The right to request rectification if the personal data processed are inaccurate, or the right to request completion if the data are incomplete;

    4. ERASURE (right to be forgotten) – The right to request, under certain conditions stipulated by law (withdrawal of consent, termination of contract, unlawful processing), erasure of the personal data;

    5. RESTRICTION OF PROCESSING – The right to request marking and, if applicable, restriction (suspension) of the processing pending verification of accuracy of the data, lawfulness of the processing or response to an objection or to ensure protection of your interests (exercise or protection or defence of rights and legitimate interests);

    6. COMPLAINT – The right to lodge a complaint to the Office for Personal Data Protection against the Controller, the processing or the terms and conditions of exercising your rights. See www.uoou.cz for the contact details and other information about the Office;

    7. PORTABILITY – The right to receive, under certain conditions stipulated by law, personal data for the purposes of their further processing by another person designated by you and to transmit those data to such person or to request that the data be transmitted directly to the other person for processing.

    In addition, you have the following right:

    • RIGHT TO OBJECT – The right to request that your personal data be no longer processed for a task carried out in the public interest, for the legitimate interests pursued by the Controller or by a third party or for marketing purposes.

    You can find details of individual rights, their characteristics and the conditions under which the rights arise and may be exercised HERE.

    The Controller has not designated a DATA PROTECTION OFFICER.

  3. PURPOSE OF PROCESSING

    The Controller processes personal data for marketing purposes: Sending information about the Controller’s services, or information about the goods and services of partners of the conferences and similar events organised by the Controller, including a direct offer of the partners’ goods or services. The commercial communications take into account the addressee's anticipated needs, interests and preferences based on data profiling using the data on the addressee’s participation in the events (conferences) organised by the Controller.

  4. LEGAL GROUND FOR PROCESSING

    The legal ground for the processing of personal data is: consent of the data subject (Art. 6(1)(a) of the GDPR).

  5. SCOPE OF THE DATA being processed

    The Controller processes the following data for the above purpose:

    Identification and contact data, i.e. the first name, surname, academic title, phone number, email address, information on attending the Controller’s previous events (conferences) which the person participated in or at least registered for, job position and information on the employer.

  6. PROVISION OF DATA IS VOLUNTARY

    The provision of personal data is voluntary.

  7. PERIOD for which the personal data are stored and processed

    The Controller processes personal data for the purpose stipulated in Paragraph 3: until withdrawal of consent.

  8. PLACE where the personal data will be processed

    The place of processing of personal data is: the Controller’s offices and establishments, including the Controller’s registered office.

  9. RECIPIENTS to whom the personal data may be disclosed

    The personal data are disclosed to the following recipients (categories of recipients): NO RECIPIENTS.

  10. THIRD COUNTRY

    In the course of personal data processing, personal data are NOT transferred outside the EU.

  11. PROCESSOR

    A personal data processor pursuant to Art. 4(8) of the GDPR or a third party authorised by the Controller to process personal data may be engaged in the processing of personal data. In such cases, the Controller will minimise the risk of unauthorised disclosure, destruction, processing or loss of the personal data.

  12. AUTOMATED DECISION-MAKING AND PROFILING

    Automated decision-making means decisions that are made by automated means or based on the output of automated processes, without human intervention/volition.

    Profiling means the use of personal data to evaluate certain personal aspects relating to a natural person, e.g. to predict that natural person's performance at work, economic situation, health, personal preferences, interests, reliability, etc.

    In connection with the processing of personal data, automated decision-making WILL NOT be used.

    In connection with the processing of personal data, profiling WILL be used. Specifically, profiling will be used to determine preferences according to the participant’s job position and previous participation in the Controller’s conferences.


↑ Back to overview

III. GOODS OR SERVICE SUPPLIERS AND/OR THEIR REPRESENTATIVES CONTACT INFORMATION

  1. CONTROLLER

    The personal data controller is Blue Events, s.r.o. with its registered office located at Vysokovská 1336/15, 193 00 Prague 9, registered in the Commercial Register maintained by the Municipal Court in Prague, Section C, Entry No. 65675 (hereinafter the „Controller“).

  2. YOUR RIGHTS

    You have the following rights in respect of the personal data processing concerned:

    1. ACCESS – The right to be informed whether or not your personal data are being processed. If your personal data are being processed, you have the right to obtain information about the processing in the prescribed extent and the right to obtain, under certain conditions, a copy of the processed personal data;

    2. RECTIFICATION – The right to request rectification if the personal data processed are inaccurate, or the right to request completion if the data are incomplete;

    3. ERASURE (right to be forgotten) – The right to request, under certain conditions stipulated by law (withdrawal of consent, termination of contract, unlawful processing), erasure of the personal data;

    4. RESTRICTION OF PROCESSING – The right to request marking and, if applicable, restriction (suspension) of the processing pending verification of accuracy of the data, lawfulness of the processing or response to an objection or to ensure protection of your interests (exercise or protection or defence of rights and legitimate interests);

    5. COMPLAINT – The right to lodge a complaint to the Office for Personal Data Protection against the Controller, the processing or the terms and conditions of exercising your rights. See www.uoou.cz for the contact details and other information about the Office;

    In addition, you have the following right:

    • RIGHT TO OBJECT – The right to request that your personal data be no longer processed for a task carried out in the public interest, for the legitimate interests pursued by the Controller or by a third party or for marketing purposes.

    You can find details of individual rights, their characteristics and the conditions under which the rights arise and may be exercised HERE.

    The Controller has not designated a DATA PROTECTION OFFICER.

  3. PURPOSE OF PROCESSING

    The Controller processes personal data for the purpose of performance of a contract and for the legitimate interests pursued by the Controller: recording potential goods or service suppliers’ identification and contact data for the purposes of contract negotiation, recording any communication related to supplier contract negotiation (to prove the content of a contract or pre-contractual liability, etc.), execution and performance. Concerning the performance of a contract, the data include the documents and correspondence relating to the performance of contractual obligations as evidence of the manner in which the contract is discharged and the rights are exercised and protected.

    If the supplier is not the sole party to the contract, the data of its employees, statutory representatives or other persons designated to negotiate, execute or ensure performance of the contract, are recorded.

  4. LEGAL GROUND FOR PROCESSING

    The legal ground for the processing of personal data is:

    • if the supplier is a natural person: the legitimate interests pursued by the Controller (Article 6(1)(f) of the GDPR) in relation to the register of potential suppliers, and the steps necessary prior to entering into and performing a contract with the data subject (Article6(1)(b) of the GDPR) in the phase of entering into, and performance of, the contract with the data subject;

    • if the supplier is a legal entity: the legitimate interests pursued by the Controller (Article 6(1)(f) of the GDPR) in relation to the supplier register and the negotiation and performance of a contract, where the personal data of the supplier’s representatives are undergoing processing.

  5. SCOPE OF THE DATA being processed

    The Controller processes the following data for the above purpose:

    • if the supplier is a natural person: identification and contact data, i.e. the first name, surname, academic title, subject of business and place of business, as well as the data relating to the contractual obligation, including related communication on contract negotiation and contract performance;

    • if the supplier is a legal entity: identification and contact data of the legal entity’s representative (business contact information), job position, and communication relating to the negotiation and performance of the contract with the employer.

  6. PROVISION OF DATA IS NECESSARY

    The provision of personal data, if connected with the entering into, and performance of, a contract, is necessary. Without the data, the contract cannot be concluded or performed.

  7. PERIOD for which the personal data are stored and processed

    The Controller processes personal data as follows: for the necessary period of time, i.e. for the entire period of cooperation or potential cooperation with the data subject. In the case of contractual obligations, until the fulfilment of the obligation and for the duration of the applicable statutory time limits, including e.g. the deadlines for notification of defects, the periods under the statute of limitations and the statute of repose in the context of possible claims arising from a contract. In addition, prescribed data and documents may be retained for the prescribed period, as laid down by the applicable law (e.g. tax records, etc.).

  8. PLACE where the personal data will be processed

    The place of processing of personal data is: the Controller’s offices and establishments, including the Controller’s registered office.

  9. RECIPIENTS to whom the personal data may be disclosed

    The personal data will be disclosed to the following recipients (categories of recipients): NO RECIPIENTS.

  10. THIRD COUNTRY

    In the course of personal data processing, personal data are NOT transferred outside the EU.

  11. PROCESSOR

    A personal data processor pursuant to Art. 4(8) of the GDPR or a third party authorised by the Controller to process personal data may be engaged in the processing of personal data. In such cases, the Controller will minimise the risk of unauthorised disclosure, destruction, processing or loss of the personal data.

  12. AUTOMATED DECISION-MAKING AND PROFILING

    Automated decision-making means decisions that are made by automated means or based on the output of automated processes, without human intervention/volition.

    Profiling means the use of personal data to evaluate certain personal aspects relating to a natural person, e.g. to predict that natural person's performance at work, economic situation, health, personal preferences, interests, reliability, etc.

    In connection with the processing of personal data, automated decision-making WILL NOT be used.

    In connection with the processing of personal data, profiling WILL NOT be used.


↑ Back to overview

IV. CONFERENCE AND EVENT PARTICIPANTS DATA

  1. CONTROLLER

    The personal data controller is Blue Events, s.r.o. with its registered office located at Vysokovská 1336/15, 193 00 Prague 9, registered in the Commercial Register maintained by the Municipal Court in Prague, Section C, Entry No. 65675 (hereinafter the „Controller“).

  2. YOUR RIGHTS

    You have the following rights in respect of the personal data processing concerned:

    1. ACCESS – The right to be informed whether or not your personal data are being processed. If your personal data are being processed, you have the right to obtain information about the processing in the prescribed extent and the right, under certain conditions, to obtain a copy of the processed personal data;

    2. RECTIFICATION – The right to request rectification if the personal data processed are inaccurate, or the right to request completion if the data are incomplete;

    3. ERASURE (right to be forgotten) – The right to request, under certain conditions stipulated by law (withdrawal of consent, termination of contract, unlawful processing), erasure of the personal data;

    4. RESTRICTION OF PROCESSING – The right to request marking and, if applicable, restriction (suspension) of the processing pending verification of accuracy of the data, lawfulness of the processing or response to an objection or to ensure protection of your interests (exercise or protection or defence of rights and legitimate interests);

    5. COMPLAINT – The right to lodge a complaint to the Office for Personal Data Protection against the Controller, the processing or the terms and conditions of exercising your rights. See www.uoou.cz for the contact details and other information about the Office;

    You can find details of individual rights, their characteristics and the conditions under which the rights arise and may be exercised HERE.

    The Controller has not designated a DATA PROTECTION OFFICER.

  3. PURPOSE OF PROCESSING

    The Controller processes personal data for the purpose of performance of a contract and for the legitimate interests pursued by the Controller, i.e. to ensure participation in a conference or another event organised by the Controller of the applicant or of a person enrolled in the Controller’s conference or another event by the person’s employer, particularly in the context of fulfilment of his/her work-related tasks.

  4. LEGAL GROUND FOR PROCESSING

    The legal ground for the processing of personal data is:

    • the steps necessary prior to entering into and performing a contract with the data subject (Article6(1)(b) of the GDPR), if the application for participation is submitted by a natural person outside his/her employment relationship, in the phase of entering into, and performance of, the contract with the data subject (attending a conference or another event organised by the Controller);

    • the legitimate interests pursued by the Controller (Article6(1)(f) of the GDPR), if the application for the participation of a natural person is submitted by a person other than the participant (i.e. by a legal entity/corporation) in the context of fulfilment of the natural person’s office or employment duties, in order to prove due performance of the contract with the client.

  5. SCOPE OF THE DATA being processed

    The Controller processes the following data for the above purpose:

    • if the participant is a natural person: identification and contact data, i.e. the first name, surname, academic title, subject of business and place of business, as well as the data relating to the contractual obligation, including related communication on contract negotiation and contract performance;

    • if the participant is a legal entity: identification and contact data of the legal entity’s representative (business contact information), job position, and communication relating to the negotiation and performance of the contract with the employer.

    • for a person participating as an employee, a statutory body or another similar body of a legal entity: the first name, surname, academic title, job position, phone number, email address, title.

  6. PROVISION OF DATA IS NECESSARY

    The provision of personal data, if connected with the entering into, and performance of, a contract, is necessary. Without the data, the contract cannot be concluded or performed.

  7. PERIOD for which the personal data are stored and processed

    The Controller processes personal data as follows: contract documentation necessary for the performance of contractual obligations for the period of performance of the underlying contract and further for the retention period of 10 years from the discharge of the contract as laid down by the applicable legislation (tax records).

  8. RECIPIENTS to whom the personal data may be disclosed

    The personal data will be disclosed to the following recipients (categories of recipients): NO RECIPIENTS.

  9. PLACE where the personal data will be processed

    The place of processing of personal data is: the Controller’s offices and establishments, including the Controller’s registered office.

  10. THIRD COUNTRY

    In the course of personal data processing, personal data are NOT transferred outside the EU.

  11. PROCESSOR

    A personal data processor pursuant to Art. 4(8) of the GDPR or a third party authorised by the Controller to process personal data may be engaged in the processing of personal data. In such cases, the Controller will minimise the risk of unauthorised disclosure, destruction, processing or loss of the personal data.

  12. AUTOMATED DECISION-MAKING AND PROFILING

    Automated decision-making means decisions that are made by automated means or based on the output of automated processes, without human intervention/volition.

    Profiling means the use of personal data to evaluate certain personal aspects relating to a natural person, e.g. to predict that natural person's performance at work, economic situation, health, personal preferences, interests, reliability, etc.

    In connection with the processing of personal data, automated decision-making WILL NOT be used.

    In connection with the processing of personal data, profiling WILL NOT be used.


↑ Back to overview

WITHDRAWAL OF CONSENT TO THE PROCESSING OF PERSONAL DATA

If you wish to withdraw your consent to the processing of personal data for marketing purposes, please enter your email address and confirm your withdrawal by clicking the send button.