Privacy Policy of Gaze Brothers s.r.o. when Providing Services
1. Introductory provisions and definitions
1.1. This document contains important information regarding the protection of personal data by Gaze
Brothers s.r.o., ID No.: 175 21 513, with registered office at Novovysočanská 2509/3b, Libeň,
190 00 Prague 9, the Czech Republic (hereinafter referred to as "the Company").
1.2. This document contains information on the principles and procedures for the processing of
personal data in accordance with Regulation (EU) 2016/679 of the European Parliament and of
the Council of 27 April 2016 on the protection of natural persons with regard to the processing
of personal data and on the free movement of such data, and repealing Directive 95/46/EC
(hereinafter referred to as "GDPR").
1.3. Further in this document, the following terms, when capitalised, shall have the following
meanings:
"Contract" means the legal act by virtue of which the Company undertakes to provide services
to you, whether paid or free of charge.
" " means the software for creating and hosting a booking system as required
by the User.
" " means the end-user software used to make reservations with Users of
"User" means a user of the appoints.cz website or other products or services of the Company.
"Appoints Website" means the www.appoints.cz website
2. General information
2.1. Identification and contact details of the controller: the controller is the Company; the contact e-
mail of the controller is info@appoints.cz.
2.2. The controller is not an obligated person under Article 37 of the GDPR and therefore has not
appointed a data protection officer.
2.3. The controller does not transfer personal data to third countries or international organisations.
2.4. The Company does not carry out profiling or automated individual decision-making within the
meaning of Article 22 of the GDPR.
2.5. Where personal data are processed for the performance of a contract or legal obligation, the
provision of the data is a legal requirement. Where personal data are processed on the basis of
the data subject's consent, the provision of the data is a contractual requirement.
2.6. The supervisory authority is the independent public authority competent for the protection of
personal data in the country concerned. The supervisory authority in the place of the Company's
registered office is the Office for the Protection of Personal Data with its registered office at Pplk.
Sochora 27, 170 00 Prague 7 the Czech Republic.
3. Handling of personal data when providing services to businesses
3.1. Management of personal data
The Company acts as a data controller in relation to the personal data of Users and individuals
contract performance (conclusion of the contract and communication with the User) or the
performance of legal obligations (bookkeeping, issuing tax receipts, etc.).
For this purpose, the Company processes in particular the following personal data: name,
surname, name, registration number, VAT number, residential or registered office address,
telephone number and e-mail address.
Appoints System
Appoints Application
the Appoints System.
who visit the Appoints website. Personal data is processed by the Company for the purpose of
The Company also processes the data it obtains from the User or other natural persons by using
log files (IP address or other online ID). This data is processed by the Company on the basis of
its legitimate interest or the consent of the data subject.
In the event that the Company intends to process personal data other than that referred to in
this article or for other purposes, it does so only on the basis of validly granted consent to the
processing of personal data.
The Company does not process special categories within the meaning of Article 9 of the GDPR,
nor does it process personal data relating to criminal convictions and criminal offences within
the meaning of Article 10 of the GDPR.
Users' personal data is processed for the duration of the contractual relationship and
subsequently for a maximum of 5 years after the termination of the contractual relationship.
Personal data processed for the performance of obligations arising from specific legal
regulations are processed for the period of time provided for by such legal regulations. If it is
necessary to use personal data to protect our legitimate interests, the Company processes
personal data for the period necessary to exercise these rights.
We obtain personal data directly from data subjects when concluding the Contract. The
Company always informs the data subjects which of the personal data they must provide for the
purpose of the performance of the Contract.
3.2. Processing of personal data
The Company provides the User with data space for the purpose of storing data operated within
of natural persons. In relation to personal data that the User stores on the Company's servers
(persons who make a reservation with the User on the User's website), the Company is the data
processor. The controller of this personal data is the User.
Notice to the User
If you collect personal data of natural persons through questionnaires, you become a data
controller and are obliged to comply with all the rules of data protection set out in the GDPR and
other legislation governing this issue. The Company shall not be liable for any breach of the
privacy rules by Users.
Notice to End Users.
Users have such policies. If you provide Users with your personal information, please address
privacy questions directly to the User, as the User is in the position of data controller. We cannot
be responsible for the privacy policies or security practices used by Users, which may differ from
this Privacy Policy.
What is the purpose of the processing and how do we handle the data?
The Company does not perform any operations with the User's data, including personal data,
except for storing it on the Company's servers, does not interfere with it in any way, does not
modify it, does not disclose it nor transfer it to third parties (except for disclosure to government
authorities in accordance with the law), unless otherwise provided in the Contract. The sole
purpose of handling such personal data is to preserve it and to make it available to the User.
What personal data do we process?
telephone, etc.
For how long do we process personal data?
the Appoints booking system operated by the Company or by visiting its website, such as cookies,
the Appoints system on the Company's servers. The User's data may also include personal data
Use of the Appoints system may be subject to the policies and rules of the relevant User, if the
We only process the personal data of Appoints Booking System End Users that such End Users
enter into the Appoints Booking System. This may include, in particular, name, surname, e-mail,
The Company processes personal data for the duration of the contractual relationship with the
User. After the User cancels the account, all data is deleted.
4. Handling of personal data when providing services to end users
4.1. Management of personal data
The Company acts as a data controller in relation to the personal data of end users. Personal
data is processed by the Company for the purpose of contract performance (conclusion of the
/contract and communication with the User) or the performance of legal obligations
(bookkeeping, issuing tax documents, etc.).
For this purpose, the Company processes in particular the following personal data: first name,
surname, name, registration number, VAT number, residential or registered office address,
telephone number and e-mail address.
system operated by the Company or visiting its website, such as cookies, log files (IP address
or other online ID). The Company processes this data on the basis of its legitimate interest or
the consent of the data subject.
In the event that the Company intends to process personal data other than that referred to in
this article or for other purposes, it does so only on the basis of validly granted consent to the
processing of personal data.
The Company does not process special categories within the meaning of Article 9 of the GDPR,
nor does it process personal data relating to criminal convictions and criminal offences within
the meaning of Article 10 of the GDPR.
Users' personal data is processed for the duration of the contractual relationship and
subsequently for a maximum of 5 years after the termination of the contractual relationship.
Personal data processed for the performance of obligations arising from specific legal
regulations are processed for the period of time provided for by such legal regulations. If it is
necessary to use personal data to protect our legitimate interests, the Company processes
personal data for the period necessary to exercise these rights.
We obtain personal data directly from data subjects when concluding the Contract. The
Company always informs the data subjects which of the personal data they must provide for the
purpose of the performance of the Contract.
We transfer the personal data of end users to Users for whom end users are interested
in making a reservation. Without the transfer of the personal data of end users, it would
not be possible to make a reservation with Users. In relation to the personal data obtained
in this way, Users act as data controllers and therefore the informed consent of the end user to
the transfer of personal data is required for the transfer of personal data.
5. Common provisions
5.1. Rights of data subjects
a) Right of access to personal data: The data subject shall have the right to obtain
confirmation from the Company as to whether or not personal data concerning him or her
are being processed and, if so, to obtain access to such personal data and to the following
information: (a) the purpose of the processing; (b) the categories of personal data
concerned; (c) the recipients to whom the personal data have been or will be disclosed;
(d) the intended period for which the personal data will be stored; (e) the existence of the
right to request the controller to rectify or erase the personal data or to restrict or object to
the processing; (f) the right to lodge a complaint with a supervisory authority; (g) any
available information on the source of the personal data, unless obtained from the data
subject; (h) the fact that automated decision-making, including profiling, is taking place.
The data subject shall also have the right to obtain a copy of the personal data processed.
The Company also processes data obtained from end users by using the Appoints booking
b) Right to rectification of personal data: the data subject has the right to have inaccurate
personal data concerning him or her rectified or incomplete personal data completed
without undue delay.
c) Right to erasure of personal data: the data subject has the right to have us erase
personal data concerning him or her without undue delay if: (a) the personal data are no
longer necessary for the purposes for which they were collected or otherwise processed;
(b) the data subject withdraws the consent on the basis of which the data were processed
and there is no further legal basis for the processing; (c) the data subject objects to the
processing and there are no overriding legitimate grounds for the processing; (d) the
personal data have been unlawfully processed; (e) the personal data must be erased in
order to comply with a legal obligation under Union or Czech law; (f) the personal data
were collected in connection with the offering of information society services. However,
the right to erasure does not apply if the processing is necessary for compliance with legal
obligations, for the establishment, exercise or defence of legal claims and in other cases
provided for in the GDPR.
d) Right to restrict processing: the data subject has the right to have us restrict processing
in any of the following cases: (a) the data subject disputes the accuracy of the personal
data for the period of time necessary for us to verify the accuracy of the personal data; (b)
the processing is unlawful and the data subject objects to the erasure of the personal data
and requests instead that we restrict its use; (c) the Company no longer needs the
personal data for the purposes of the processing but the data subject requires it for the
establishment, exercise or defence of legal claims; (d) the data subject objects to the
processing until it is verified that our legitimate grounds override those of the data subject.
e) Right to object to processing: the data subject shall have the right to object at any time,
on grounds relating to his or her particular situation, to processing of personal data
concerning him or her which we process on the grounds of legitimate interest. In this case,
the Company shall no longer process the personal data unless it can demonstrate
compelling legitimate grounds for the processing which override the interests or rights and
freedoms of the data subject, or for the establishment, exercise or defence of legal claims.
f) Right to object to processing for direct marketing purposes: If we process your
personal data for direct marketing purposes, you have the right to object to such
processing at any time. In this case, the Company will not process the personal data
further.
g) Right to data portability: the data subject has the right to obtain the personal data
concerning him or her that he or she has provided to us in a structured, commonly used
and machine-readable format and to transmit such data to another controller without
hindrance from the Company, provided that: a) the processing is based on consent and
b) the processing is carried out by automated means. In exercising his or her right to data
portability, the data subject shall have the right to have personal data transmitted directly
from one controller to another controller, if technically feasible.
h) Right to lodge a complaint with the supervisory authority: If the data subject
considers that we are not processing his or her personal data in a lawful manner, he or
she has the right to lodge a complaint with the supervisory authority. The supervisory
authority is the Office for Personal Data Protection with its registered office at Pplk.
Sochora 27, 170 00 Prague 7 the Czech Republic, e-mail: posta@uoou.cz, tel.: 234
665 125.
i) Right to be informed about rectification or erasure of personal data or restriction of
processing: we are obliged to notify individual recipients to whom personal data have
been disclosed of any rectification or erasure of personal data or restriction of processing,
except where this proves impossible or requires disproportionate effort. If the data subject
so requests, we shall inform the data subject of the following recipients
j) Right to be informed in the event of a personal data breach: if a personal data breach
is likely to result in a high risk to the rights and freedoms of natural persons, we are obliged
to notify the data subject of the breach without undue delay
k) Right to withdraw consent to the processing of personal data: if the processing of
some of the personal data is based on consent, the data subject has the right to withdraw
his/her consent to the processing of personal data at any time in writing by sending a letter
of opposition to the processing of personal data to the e-mail address info@appoints.cz.
5.2. Data security methods
The Company uses reasonable and appropriate technical and organisational measures to
secure User Data against unauthorised or accidental disclosure. The technical measures
consist in the application of technologies that prevent unauthorised access to the User's data
by third parties. The Company shall ensure that, in the case of servers located in a data centre
operated by a third party, similar technical and organisational measures are in place at that third
party.
All data is located only on servers located in the European Union or in countries that ensure
protection of personal data in a manner equivalent to the protection provided by the legislation
of the Czech Republic.
5.3. Sending commercial communications, information on direct marketing.
When sending out commercial communications, the Company proceeds in accordance with Act
No. 480/2004 Coll., on Certain Information Society Services, as amended. You can cancel the
sending of commercial communications by using the unsubscribe link in each email sent.
5.4. Recipients of personal data
The Company does not transfer personal data to any other controllers.
The Company uses the following processors of personal data: - legal entities or natural persons
engaged in accounting, which are responsible for accounting operations - legal entities or
natural persons engaged in IT solutions, which are responsible for IT administration and
development of software programs used by the Company - legal entities or natural persons
engaged in server services, which are responsible for data storage - companies providing email
services.
The processing of personal data may only be carried out by processors on the basis of a contract
for the processing of personal data, i.e. with guarantees of the organisational and technical
security of the data, specifying the purpose of the processing, and the processors may not use
the data for other purposes.
Under certain conditions, personal data may be made available to public authorities (courts,
police, notaries, tax authorities, etc., in the exercise of their legal powers) or may be provided to
other entities to the extent provided for by a specific law.
5.5. Cookies and log files
The Company uses cookies, which are small text files that identify the user of the website
appoints.cz and record their user activities. The text in the cookie is often made up of a series
of numbers and letters that uniquely identify the User's computer, but do not provide any specific
personal information about the User.
The appoints.cz website automatically identifies the IP address of the User. An IP address is a
number automatically assigned to a User's computer when connected to the Internet. All of this
information is recorded in an activity file by the server, which enables subsequent processing of
the data.
Cookies and similar technologies serve several purposes, for example:
● Login and Authentication: when a User uses a personal account to log in, an
encrypted cookie will be stored on their device to allow them to navigate between pages
of the website without having to log in again. The User can also save his/her login details
so that he/she does not have to log in every time he/she returns to the appoints.cz
website.
● Edit: The Company uses cookies to tailor content and information to the User's
requirements in order to ensure the user-friendliness of the website.
● Marketing: The Company uses cookies to track its advertising campaigns as well as to
track Users' posts, entries and discount coupons, promotions and contests.
● Diagnostics: The Company uses cookies to diagnose and correct technical problems
reported by Users or programmers that are associated with IP addresses under the
control of a particular web company or connection provider.
● Analysis: The Company uses cookies and other identifiers to collect data about the
use and performance of the Website appoints.cz.
Operational cookies
Cookies that we need to place on your device in order for the site to work. For this reason,
your consent is not required.
Third party cookies
Third party cookies may also be placed on the appoints.cz website. This may be the case, for
example, because we have commissioned a third party, for example, to analyse the site. The
company uses the following service providers:
● Google analytics
● Google tag manager
Cookies settings
Most web browsers accept cookies automatically. However, it is possible to use controls that
allow you to block or delete them. Users of the appoints.cz website are thus entitled to set their
browser to prevent the use of cookies on their computer.
We use two types of cookies, persistent and disposable. A persistent cookie remains on your
hard drive after you close your browser. Persistent cookies can be used by the browser on
subsequent visits to the website appoints.cz. Persistent cookies can be deleted. One-time
cookies are temporary and are deleted when you close your browser.
Instructions for blocking or deleting cookies in browsers can usually be found in the privacy
policy or help documentation of each browser.
Protocol files
The User's browser automatically reports some information every time the web page appoints.cz
is viewed. When you register on the appoints.cz website or browse the website, the servers
automatically record certain information that the web browser sends each time you visit the
website. These server logs ("log files") may include information such as the web request, IP
address, browser type, browser language, referring/exit pages and URLs, platform type, number
of clicks, domain names, landing pages, number of pages viewed and the order of those pages,
amount of time spent on certain pages, date and time of the request, and one or more cookies
that can uniquely identify the web browser.
5.6. Applied data protection legislation
The Company is primarily governed by the following legal provisions when providing personal
data protection:
● Regulation (EU) 2016/679 of the European Parliament and of the Council of 27 April
2016 on the protection of natural persons with regard to the processing of personal data
and on the free movement of such data, and repealing Directive 95/46/EC (General
Data Protection Regulation);
● Directive 2002/58/EC of the European Parliament and of the Council of 12 July 2002
concerning the processing of personal data and the protection of privacy in the
electronic communications sector;
● Commission Regulation (EU) No 611/2013 of 24 June 2013 on measures applicable to
personal data breach notifications under Directive 2002/58/EC of the European
Parliament and of the Council on privacy and electronic communications (limited in
scope);
● Act No. 110/2019 Coll. on the processing of personal data;
● Act No. 121/2000 Coll., on Copyright, on rights related to copyright.
5.7. Final Provisions
By entering into the Contract, the User confirms that he/she has read these Privacy Policy.
The Company may update this Privacy Policy if necessary. The current version of the Privacy
Policy will always be available on the appoints.cz website. If there is a material change in the
way this Privacy Policy treats personal information, the Company will notify Users by
prominently posting a notice prior to implementing such changes. We encourage you to review
website.
the Privacy Policy on an ongoing basis when using the Appoints system or the appoints.cz
