Privacy and Cookies Policy
In accordance with art. 13 of the UE regulation 2016/679
Boost.space s.r.o. (Fiscal Code. and VAT CZ05399521 File C 263053 registered at the Municipal Court in Prague) (Controller), as the processing controller, in accordance and for the effects of art 13 of the UE Regulation 2016/679 (Privacy regulation) and subsequent amendments and integrations, collect and then processes personal data of its customers and suppliers (data subject)
1. Purpose and method of processing
Data subject’s personal data are processed during the ordinary controller activity, in order to pursue the following purposes.
- Complete and correct fulfilment of obligations of the contractual relationship established (Contract)
- Administrative and accounting fulfilments strictly linked to the contract
- Fulfilments of specific obligations provided by the Law, a regulation or a community legislation (for example, anti-money laundering provisions)
- Data subject updating on promotional and marketing actions, through the sent of advertising and promotional material (for example, newsletter), thanks to automated tool and/or traditional means of communication.
The processing of personal data takes place under the authority of the controller, by persons specifically put in charge, authorized and trained in processing method, in accordance with art. 29 of the Privacy Regulation, through manual, computerized or telematic tools, with logics strictly related to the purposes and in any case in order to guarantee the confidentiality and safety of personal data. The processing of personal data may also take place, on behalf of the controller, by the Data Processors specifically designated in accordance with art. 28 of the Privacy Regulation.
Personal data will be stored for a fixed period on the basis of nature and duration criteria written in the contract and also on the needs of protection of the interests of the data subject.
2. Legal basis of the processing, nature of the contribution and consequences of any refusal, consent of the subject data.
2.1 Purposes referred to previous paragraph 1, points 1., 2. and 3.
With reference to the purposes in paragraph 1, points 1, 2 and 3, the transfer of personal data is mandatory and it is a necessary requirement for the execution of the Contract; in fact, the missed contribution determines the impossibility to receive the service covered by the Contract itself and, therefore, the legal basis of the relative treatment is the correct execution and management of the Contract.
2.2 Purposes referred to paragraph 1, point 4 above.
With reference to the purpose in paragraph 1, point 4, the transfer is optional, and the missed contribution of the relative consent only determines the impossibility of receiving updates on promotional and marketing initiatives, also by sending advertising and / or promotional material (for example, newsletters).
3. Subjects or categories of subjects to whom personal data can be communicated and scope of communication.
In relation to the purposes of the process indicated above, and within the strictly relevant limits to the same, personal data of the subject party will be or may be disclosed to the following categories of subjects:
(i) to the Financial Administration and other public authorities, where required by law or upon their request;
(ii) to credit institutions for payment orders or other financial instrumental for the execution of the Contract;
(iii) to the external structures and / or companies of which the Controller relies on, whose aim is carrying out activities, instrumental or consequent to the execution of the Contract
(iv) to external consultants (for example, for the management of tax obligations), if not designated in written form by Data Processors;
(v) to external parties that perform control activities, such as auditing company, board of statutory auditors, supervisory body;
(vi) to factoring companies and / or specialized companies or law firms for the recovery of credits and / or for the protection of their interests / rights;
The above-mentioned subjects, to whom the personal data of the data subject will or may be communicated (as not expressly designated as Data Processors), will process personal data as Data Controllers in accordance with Codice Privacy and the Privacy Regulation, in complete autonomy, being unconnected to the original process performed by the controller.
The updated list of the indicated parties and the Data Processors can be provided by the data subject upon request.
The data of the data subject will not be diffused.
If it was necessary for the performance of the Contract, personal data of the data subject may be transferred to EU countries and / or not-EU countries, in full compliance with the provisions of the Privacy Regulation, the provisions and decisions of the authority responsible for privacy, as well as by the community legislation. In particular, the Controller must comply with the provisions of Decisions 2001/497 / EC, 2004/915 / EC and 2010/87 / EU (depending on the case), which require the subscription of the so-called "Standard contractual clauses" between the legal entities involved in the processing of non-EU data.
4. Rights of the data subject.
Articles 15 and seq. of the Privacy Regulation give the data subject the right to obtain:
The data subject also has the right:
To know the detailed and constantly updated list of subjects to whom the personal data of the data subject may be communicated and to exercise the rights set up in articles 15 and seq. of the Privacy regulation, the company can contact the Data Controller:
Boost.space s.r.o. (Fiscal Code. and VAT CZ05399521 File C 263053 registered at the Municipal Court in Prague)
V jámě 1371/8, Nové Město, 110 00 Praha 1, tel: +420732646464, email email@example.com
Place and date
In accordance with art. 13 of the European Regulation n. 679 of 2016 (the "Privacy Regulation"), as well as the Recommendation n. 2 of 2001 adopted in accordance with art. 29 of the Directive n. 95/46 / EC, Boost.space s.r.o. wants to inform all users and / or visitors of the site www.boost.space (respectively "Users" and "Website"), regarding the use of personal data, log files and cookies collected through the Website.
1. Owner, Data Processors and Data Protection Officer
The personal data processor is Boost.space s.r.o. (Fiscal Code. and VAT CZ05399521 File C 263053 registered at the Municipal Court in Prague), registered office in V jámě 1371/8, Nové Město, 110 00 Praha 1, e-mail firstname.lastname@example.org (hereinafter the "Owner").
The updated list of designated data processors may be provided upon request by data subjects and / or Users.
The company has not appointed a Data Protection Officer.
2. Information collected automatically by the Website - Cookies
a) Information collected automatically
As all websites, our site also uses log files, in which information collected automatically during visits are stored. The information systems and software procedures used to make the Website work properly, in fact, automatically acquire some information during the use, the transmission of which is implied in the use of Internet communication protocols.
The information collected are the following:
This information is processed in an automated form and collected only in aggregate form in order to verify the right operation of the Site.
Cookies are distinguished in:
a. Technical cookies: they are used to browse or to provide the required service. Without the use of these cookies, some operations could not be completed or would be more complex and / or less secure.
b. Profiling cookies: they are used to track navigation and create profiles based on tastes, habits, choices, etc. In this way advertising messages in line with the preferences already shown in the previous online navigation can be transmitted to any device.
Consent is not required for the installation of technical cookies. For the installation of profiling cookies, consent is required: if you do not want the device to receive and store profiling cookies, security settings of the browser can be changed. In fact, through the settings of the browser used for navigation, you can decide whether to delete and / or avoid the installation of cookies on the device used.
It should be noted, however, that by deactivating profiling cookies, it is not possible to fully use certain functions of the website.
3. Personal data that are provided using the Website: for what purpose they will be processed.
Personal data required and provided will help us to access the website www.boost.space (hereinafter the "Website") and to use the following services (the "Website Services"):
Data are processed for the following purposes:
(i) carry out the technical management of the website (ALL);
(ii) acquire, by filling in the appropriate form, the references of website users to satisfy requests for informative / commercial contact (CONTACTS)
(iii) contact the subscribers by sending a periodic newsletter related to the company activities; (NEWSLETTER)
(iiii) analyse preferences, habits, interests and consumption choices, including type, frequency, location of purchases, in order to compile statistics, create specific users’ profiles and carry out predictive activities on future consumption (hereinafter "Profiling Activity")
(v) to execute a PURCHASE AGREEMENT of PRODUCTS -SERVICES (E-COOMERCE)
(vi) give commercial technical information (PRODUCT CATALOG / SERVICES)
(vii) Possibly establish working partnership (WORK WITH US)
(viii) Inform customers about authorized parties to contact in case of interest (RETAILERS)
(ix) Allow access to material exclusively dedicated to registered subjects (PERSONAL AREA)
(x) Allow downloading of technical information on products or services (DOWNLOAD)
Data processing for the aforementioned purposes will be carried out in accordance with Codice Privacy, the Privacy Regulations and all the specific regulations including the provisions of the " Regole del Garante per i programmi di fidelizzazione " of February 24, 2005,and the " Linee guida in materia di trattamento di dati personali per profilazione on-line"of, March, 19, 2015.
In accordance with the " Linee guida in materia di attività promozionale e contrasto allo spam" of July 4, 2013, we highlight that the consent given for the sending of commercial, promotional and marketing communications through automated tools will also extend to the traditional methods of contact.
Data provided will be processed mainly with IT tools under the Controller authority, by people specifically appointed, authorized and trained to process them in accordance with Article 30 of Codice Privacy and Articles 28 and 29 of Privacy Regulation. Please note that appropriate security measures are also taken in accordance with articles 5 and 32 of the Privacy Regulation to prevent data loss, illegal or incorrect use and unauthorized access.
4. Mandatory or optional nature of the consent for data provision, consequences of any refusal and legal basis of the processing
It is specified that for purposes referred to points (i), (ii) and (v) of art. 3 and eventually the following ones, provision of personal data is mandatory because in the absence you cannot use the services offered by the website.
Instead, provision of personal data is not mandatory but optional for the purposes referred to points (iii) and (iv) of art. 3. Missed provision for the purposes indicated above will not allow us to provide Newsletter, Marketing Services, to carry out profiling activity. So it will be possible to freely decide whether or not to give consent for such purposes and without inhibiting the possibility to access the Services offered by the website.
We remind you that, in any case and at any time, you can request Data Controller to delete data through a simple communication to be sent, without special formalities, to the addresses referred to in the previous art. 1.
In accordance with points (i), (ii) and (v) of previous art. 3 and eventually the following ones, the legal basis of the processing is in fact the execution of the services provided through the Site and required (in accordance with article 6, paragraph 1, letter b of the Privacy Regulation and article 24, paragraph 1, letter b of the Codice Privacy); instead, in accordance with points (iii) and (iv) of the previous art. 3, the legal basis of the processing is any consent freely expressed (in accordance with article 6, paragraph 1, letter a of the Privacy Regulations and Article 23 of the Codice Privacy).
5. To whom and in what field we can transmit data
Data may be communicated, within EU, in full compliance with the provisions of the Codice Privacy and the Privacy Rules, to the following subjects:
(i) financial administration and / or other public authorities, where this is required by law or upon their request;
(ii) facilities, parties and external companies on which the Data Controller relies on for the performance of activities connected, instrumental or consequent to the execution of the Site Services - including the cloud computing storage service - when sending the Newsletter and to the profiling activity;
(iii) external consultants (for example, for the management of tax obligations), if not designated in writing Data Processors.
(iv) credit institutions for eventual goods / services purchasing purposes if foreseen in any part of the site
Information collected automatically by the Site, referred to paragraph 2, as well as some anonymous data relating to the number and type of interactions on activities combined with loyalty purposes in the strict sense, may also be transferred to third party Cloud servers located also Extra UE , resulting in such processing necessary for the execution of the requested Site Services. The legal basis for this treatment is therefore art. 49, paragraph 1, lett. b of the Privacy Regulations and Article 43, paragraph 1, lett. b Codice Privacy.
Please note that at any time you can exercise the rights described in Article. 7 of the Codice Privacy and Articles 15, 16, 17, 18, 20 and 21 of the Privacy Regulation, by sending a written communication to the address of the controller in accordance with art. 1 and, for the effect, obtain:
You can also oppose to the processing of personal data previously provided.
With reference to the Newsletter, we highlight the right to request the termination of the processing carried out through extended to traditional methods of contact. Furthermore, the possibility to execute this right is only partially preserved, by requiring the interruption, for example, of the sending of promotional communications made through one or some of the contact tools for which consent has been given.
7. Duration of the process
Except for legal obligations, personal data will be stored for a specified period, based on the nature of the services provided.
Please note that the data stored for profiling or marketing purposes will be kept for a period not exceeding respectively 12 and 24 months from their registration.
8. Security measures
Through the Website, data are processed in compliance with the applicable law and using appropriate security measures in accordance with the law in force in particular art. 5 and 32 of the Privacy Regulations.
Concerning this point, we confirm, among other things, the adoption of appropriate security measures to prevent unauthorized access, theft, disclosure, modification or unauthorized destruction of data processed.
The controller reserves the right to make changes to this Privacy Notice. In this case, users will be informed promptly, when they will use the website again.
This policy was issued in Prague on the 08.04.2020