GENERAL PRINCIPLES OF PERSONAL DATA PROCESSING
A personal data processor is a person who performs any actions with Personal Data, including storing, saving, modifying, providing access to third parties, making a request, using or transmitting personal data.
An authorized processor is a person who has been authorized by the Data Controller under a contract for the processing of personal data, who process personal data to provide goods or services; in cooperation with CarProf for the implementation of joint projects or events or for the implementation of other cooperation. Information about authorized processors can be obtained by asking a question at firstname.lastname@example.org.
A data subject is a natural person who uses, has used or has expressed a desire to use the products or services of the Controller and whose data is processed by the Data Controller in accordance with the general principles of processing personal data.
Personal data - any information about the Data Subject that is known to the Personal Data Processor as a result of its publication or creation (for example, as a result of using the Services), which the Personal Data Processor received in the course of providing the Service (for example, as a result of registration for products or services, participation in surveys, advertising and marketing campaigns), or as a result of a request by the Data Subject to perform a disclosure operation (for example, subscribing to a newsletter).
"Personal data processing" means any operation or set of operations that are performed with personal data or with sets of personal data, whether by automated means such as collecting, recording, organizing, structuring, storing, adapting and modifying, retrieving, consulting, using, disclosure by transmission, distribution or other provision, equalization or combination, limitation, erasure or destruction, or any combination of the above, regardless of the means or methods used.
A third party is a natural or legal person who is not a Data Subject, Controller or Authorized Processor.
II Consent of the data subject
For the purposes of such processing of Personal Data, which requires the consent of the Data Subject, the Processor must obtain the consent of the Data Subject, which the Data Subject may give in the form of an application (for example, if the Data Subject provided the Processor with his contact details, he thereby consented to receive information and offers about the products and services of the Processor) or through a clear affirmative action (for example, by indicating preferences in the appropriate place on the website).
Consent (with the exception of data provided to comply with transactions and legal obligations) can be revoked by the Data Subject at any time by notifying the Data Controller by e-mail email@example.com or by any other simple means provided to the Data Subject by the Data Controller (for example, in the case of personalized offers and advertisements transmitted over the public data network, unsubscribe information is provided there and the opt-out is included).
III Objectives and principles of personal data processing
The Personal Data Processor processes Personal Data for the purpose of concluding and fulfilling agreements or ensuring their implementation, including:
Decide before entering into a contract whether to provide a service or sell a product and on what terms;
To fulfill the obligations assumed before the Data Subject in relation to the supply of goods and services, as well as the promotion of their content and quality;
Disclose and transfer Personal data of the company associated with the Data Controller as part of the contract; to persons participating in the execution of the contract; database administrators (for example, the Commercial Register), registers of unfulfilled obligations, as well as service providers (for example, auditors, consultants) related to the performance of the contract by the Data Controller;
To exercise and defend violated or contested rights (including assistance to third parties).
The Personal Data Processor processes Personal Data in accordance with the law or other regulations in order to:
Assess the reliability of the Client;
Assess internal and external risks; for auditing, analyzing or evaluating the business and its effectiveness;
Ensure the protection of the rights of the data subject (including checking and correcting, supplementing or deleting personal data);
Perform other duties in accordance with the law (for example, transfer data to a procedural authority).
The Personal Data Processor processes Personal Data with the consent of the Data Subject, in particular in order to:
Offer the Data Subject products and services provided on behalf of the Processor (for example, offer new products and / or services by email). Offers do not include notices related to the provision, management or performance of a product or service contract (for example, termination of a contract with a legal entity, reminder to pay an invoice);
Better understand the expectations of the Data Subject in relation to the products and services provided by the Data Processor (for example, personal surveys, market research, aggregated statistical analyzes of consumer behavior, personalized website, etc.) and offer personalized products or services;
Offer the Customer the goods and / or services of carefully selected cooperation partners (for example, segments (special offers);
Organize consumer games and campaigns.
The Personal Data Processor processes Personal Data in the event of a legitimate interest for the transfer of Personal Data within companies associated with the Main Processor for internal administration purposes (including Administration, support services).
The Personal Data Processor must not transfer, rent or otherwise transfer Personal Data to Third Parties or use them by Third Parties (except for the cases and within the limits specified in these General Principles for the Processing of Personal Data).
When processing personal data, the processor of personal data is guided by the principles provided by the legislation on the protection of personal data.
The processor of personal data has the right to record all notifications and orders of the Data Subject, data by means of communication (e-mail, telephone, etc.), as well as other actions performed by the Data Subject for consumption and, if necessary, to use these records to confirm orders or other actions.
To fulfill the purposes of processing personal data, a Personal Data Processor may use Authorized Processors (for example, to perform an analysis of benefits for customers).
IV Personal data protection and liability
The processor of personal data must ensure a high level of protection of personal data, adequate security of personal data, including against unauthorized or illegal processing, as well as accidental loss, destruction or damage, using appropriate technical or organizational measures.
The processor of personal data provides access to Personal Data only to trained employees who have the right to process Personal Data and only to the extent necessary to achieve the purposes of processing Personal Data.
The processor of personal data is responsible for compliance with the requirements provided for by the legislation governing the protection of personal data.
The personal data processor confirms that:
We protect Personal Data and have taken all necessary measures to protect the security of Personal Data;
We collect Personal Data for precisely and clearly defined and legitimate purposes and do not process it in a way that conflicts with these purposes;
We limit the processing of Personal Data to the minimum necessary to achieve the purposes of Personal Data described in these General Principles;
We process Personal Data for as long as it is necessary to fulfill the purposes of processing Personal Data or to fulfill obligations arising from the law;
V Protection of the rights of the data subject
The data subject has the right to access the Personal data stored by the controller and to receive additional information about the processing of his Personal data.
The data subject has the right at any time to file claims and complaints regarding the processing of his Personal data, including the right to seek termination of the processing of Personal data relating to him, disclosure of Personal data or access to them and / or erasure or destruction of the collected data, if such a right is provided for by law on the protection of Personal data.
We assume that any consumption of products or services by minors will be under parental control. A minor Data Subject must obtain the consent of their parents or legal guardians before providing their name, address, email address or any other personal information to anyone on the Internet.
If the Data Subject believes that the Controller has violated their rights in relation to the processing of Personal Data, he has the right to contact the Controller by e-mail firstname.lastname@example.org and demand that the violation be stopped. The data subject has the right at any time to apply for the protection of their data to the Data Protection Inspectorate or to a court.
VI Changes to the general principles of personal data processing
CarProf has the right to unilaterally change the general principles of Personal Data at any time, taking into account the legislation governing the protection of Personal Data.
What are cookies?
A cookie is a text file that is sent and stored on the user's computer of the web pages that he visits. The cookie is stored in the files directory of the user's web browser. If the User has previously visited a web page, the browser reads the cookie and transmits the relevant information to the website or element that originally stored the cookie. More information on cookies is available at www.aboutcookies.org.
Cookies allow us to track website usage statistics, header popularity and website activity. The information obtained from cookies is used to improve the usability and content of the website.
Cookies help us deliver our services according to your wishes and habits. Cookies are commonly used to collect statistics, remember your search preferences, serve targeted ads, improve the relevance of your ads, help you sign up for services, and protect your information.
Rejecting a cookie
The user has the right to refuse the storage of cookies on the computer. If desired, the User must change the settings of his web browser. For a better overview, it is recommended to examine the cookie management options in the user's web browser.