GDPR Compliance

Your data protection rights under EU regulation

At Enchanted Fen, we take your privacy seriously. This page outlines your rights under the General Data Protection Regulation (GDPR) and explains how we handle your personal data in compliance with this regulation.

Data Controller

Enchanted Fen s.r.o. is the data controller responsible for your personal data. Our contact details are:

Enchanted Fen s.r.o.
Vinohradska 1024/25
120 00 Prague 2
Czech Republic
Email: [email protected]

Your Rights Under GDPR

Under the GDPR, you have the following rights regarding your personal data:

Right to Access

You have the right to request copies of your personal data that we hold. We may charge a small fee for this service if the request is excessive or repetitive.

Right to Rectification

You have the right to request that we correct any information you believe is inaccurate. You also have the right to request that we complete information you believe is incomplete.

Right to Erasure

You have the right to request that we erase your personal data, under certain conditions. This right is also known as the "right to be forgotten." We will comply with erasure requests unless we have a legitimate reason to retain the data, such as legal obligations.

Right to Restrict Processing

You have the right to request that we restrict the processing of your personal data, under certain conditions. When processing is restricted, we can store the data but not use it further without your consent.

Right to Object to Processing

You have the right to object to our processing of your personal data, under certain conditions. This includes processing for direct marketing purposes, which you can object to at any time.

Right to Data Portability

You have the right to request that we transfer the data we have collected to another organization, or directly to you, under certain conditions. The data will be provided in a commonly used, machine-readable format.

Right to Withdraw Consent

Where we rely on your consent to process your personal data, you have the right to withdraw that consent at any time. Withdrawing consent does not affect the lawfulness of processing that occurred before you withdrew consent.

How to Exercise Your Rights

If you wish to exercise any of the rights outlined above, please contact us using the following methods:

  • Email: [email protected]
  • Post: Enchanted Fen s.r.o., Vinohradska 1024/25, 120 00 Prague 2, Czech Republic

We aim to respond to all legitimate requests within one month. Occasionally it may take longer if your request is particularly complex or you have made multiple requests.

Data We Process

We process several categories of personal data depending on how you interact with us:

  • Contact Information: Name, email address, company name when you reach out to us
  • Communication Records: Records of correspondence when you contact us
  • Website Usage Data: Information about how you use our website, collected through cookies and similar technologies
  • Business Information: Company details and project requirements when you become a client

Legal Basis for Processing

We only process your personal data when we have a valid legal basis. The legal bases we rely on include:

  • Consent: You have given clear consent for us to process your personal data for a specific purpose
  • Contract: Processing is necessary for a contract we have with you, or because you have asked us to take specific steps before entering into a contract
  • Legal Obligation: Processing is necessary for us to comply with the law
  • Legitimate Interests: Processing is necessary for our legitimate interests or the legitimate interests of a third party, unless there is a good reason to protect your personal data which overrides those legitimate interests

Data Retention

We retain your personal data only for as long as necessary to fulfill the purposes we collected it for, including satisfying legal, accounting, or reporting requirements.

To determine the appropriate retention period for personal data, we consider the amount, nature, and sensitivity of the personal data, the potential risk of harm from unauthorized use or disclosure, the purposes for which we process your data, and the applicable legal requirements.

Data Security

We have put in place appropriate security measures to prevent your personal data from being accidentally lost, used, or accessed in an unauthorized way, altered, or disclosed. In addition, we limit access to your personal data to those employees, agents, contractors, and other third parties who have a business need to know.

International Transfers

Your personal data is primarily stored and processed within the European Economic Area. If we ever need to transfer your data outside the EEA, we will ensure appropriate safeguards are in place to protect your data in compliance with GDPR requirements.

Complaints

If you have concerns about how we handle your personal data, we encourage you to contact us first so we can try to resolve the issue. However, you also have the right to lodge a complaint with a supervisory authority. In the Czech Republic, this is the Office for Personal Data Protection (UOOU).

Office for Personal Data Protection
Pplk. Sochora 27
170 00 Prague 7
Czech Republic
Website: www.uoou.cz

Updates to This Information

We may update this GDPR information from time to time. We will notify you of any significant changes by posting a notice on our website or by contacting you directly if appropriate.

Last updated: January 2024

We use cookies to enhance your browsing experience and analyze site traffic. By clicking "Accept All", you consent to our use of cookies. Learn more