Privacy policy

Information regarding processing of personal data in compliance with GDPR regulation of European Parliament and Council (EU) 2016/679 named “Regulation and protection of personal data processing” for visitors of the web page czequestria.cz (referred as “website”), customers of CZ/SK bronies z.s. association (referred as “customers”) and attendees of events held by CZ/SK bronies z.s. association (referred as “event visitors”).

Controller

CZ/SK bronies z.s., IČO: 02191041, of address V podvrší 1350/5, 182 00 Praha 8 – Libeň, Czech Republic registered in Business register in Prague City court, file mark L 2622 (referred as “controller”)

Controller contact email: info@czskbronies.cz

Purposes of processing personal data

We process website visitors’ personal data in order to fulfill the following operation requirements:

  • safety & security of the website
  • required and expected website functionality
  • fulfilment of general obligatory law requirements
  • protection of legitimate controller interests

We process customers’ personal data in necessary manner for these purposes:

  • postal delivery & returns of the ordered goods and services
  • long term personal data storage required by accounting law

We process event visitors’ personal data in necessary manner for these purposes:

  • postal delivery & returns of the ordered goods and services
  • long term personal data storage required by accounting law
  • event entry
  • audio and video recordings: for propagation purposes
  • underage attendees: for acknowledgment of legal representative with event attendance
  • underage attendees: Contact in case of unexpected event/emergency
  • LARP attendees: in case of necessary assistance during live game in the field

The personal data we process

Website Visitors

  • Identity data – we process your IP address in order to authenticate access for the website administration and to ensure adequate website application security.
  • Website usage data – for total site usage statistics, we process data on the number of unique accesses and impressions of individual parts of the site. This data is anonymized and uses the hashed IP address of the visitor (IP is encrypted to make identification pairing not possible).
  • Embedded content – posts on this website may contain embedded content (such as videos, images, articles, etc.). Embedded content from other websites behaves in the same way as if a visitor visited another site. This website may collect data about you, use cookies, insert third-party tracking and track your interaction with this embedded content – including tracking interactions with the embedded content if you have an account and are logged in to that website.

Customers

  • Identity data – we process your name and surname to ensure the delivery of the ordered goods and/or services
  • Contact details – in order to ensure the delivery of the ordered goods and/or services we may need to communicate with you in regards to the specifics of your order. For this purpose we process your email, bank account information and in the case of a delivery by the post also your address, city, zip code and country.

Event visitors

  • Identity data – we process your name and surname to ensure access to the event. Additionally, to provide the best event features for you (due to necessity of language knowledge), we also process the country of event visitor’s origin. In order to clearly identify when the visitor entering the event for the first time and the necessity of consenting to participation by minors, we also process the date of birth or age.
  • Contact details – we process your e-mail, street address, and bank details to ensure delivery of the ticket, the goods associated with the ordered entry and the information necessary for participation. For minors we process the name, surname and contact telephone of the legal representative for the purpose of informing legal representatives in case of an emergency during the event. For LARP attendees we also process a phone number to be able to provide an assistance from the organizers of the infield play.
  • Attendance event data – we use anonymized visitors data for the statistics of past events and the planning of future ones, ranging from numbers, types of sold tickets or rewards and distribution of sales over time, participation in LARP, the age of visitors, and country of visitor’s origin.
  • Audiovisual materials – for the purpose of promoting the event, we acquire audiovisual recordings from events that capture the atmosphere of the event and its participants. These are then published on the website czskbronies.cz, on the website of the organized event and on the selected sites (e.g. on social networks). The specific places where the audiovisual materials will be published, are in compliance with GDPR to the best of our knowledge. These places are announced together with other information about the specific event.

Processors of personal data

The website is managed by administrators who process the personal data of visitors of the website to the necessary extent to perform tasks (technical management and moderation) specified by the controller.

Customers’ data is processed by the members of the organization responsible for orders processing and dispatching.

Event visitors’ data is processed by members of the association to the necessary extent for planning and ensuring the safe course of the event. In addition, personal data necessary for the issuance of purchased tickets, rewards at the venue and actions related to this activity are processed by the person/s appointed by the controller. Audiovisual materials are further processed by authorized people and published at designated locations.

Recipients of personal data

The website is operated by the website provider Active 24 s.r.o, ID No: 25115804, registered office at Sokolovská 394/17, 186 00 Praha 8, registered with the Municipal Court in Prague, file number C.51029 and all personal data are stored in this provider’s database.

Backups, exports, and processed data from website applications are stored in a cloud storage GDrive with secure access.

How long do we keep Your personal data

We keep your personal data only so long as we need it to provide the website to you and fulfil the purposes described above. Statistical anonymized visitors’ data are kept for a maximum of 15 years.

Customers’ personal data are kept for a period specified by law for accounting purposes or for the duration of the warranty of the service or the goods.

The personal data of event visitors are kept for the duration of the event and for the time necessary for the delivery of the purchased rewards that are part of the ticket, but no later than one year after the end of the associated event. After this time data of attendees is anonymized. Consents of participation of minors are kept for as long as legally necessary in case of an insurance claim regarding the associated event. In the case of telephone contact on the LARP attendees, these are deleted within 30 days after the event.

Audiovisual materials associated with organized events are kept during the existence of the association.

What are your rights

Your personal data in accordance with GDPR and generally binding legal regulations. You have the right to access your data and the right to repair them.

In cases where your data are processed to which you have given consent, you are entitled to withdraw this consent at any time. If you wish to revoke your consent to the processing and there is no other legal reason for processing your data, you have the right to delete or restrict the processing.

As a visitor of the event if you want to withdraw a previously published Audiovisual material on which you’re displaying, contact the controller (see Controller section) and provide a link or other unambiguous description of the material in question.

You can apply the right to access your data and your other rights by sending an e-mail request to the controller’s email address (see Controller section).

If you believe that your data processing is not in order, you may file a complaint with the Personal Data Protection Authority (https://www.uoou.cz/)

If you have any questions regarding the processing of your personal data or this policy, contact your controller directly via e-mail (see Controller section).