Our principles of personal data processing
Who we are: Komfi Health s.r.o., with its registered office at Korunnà 2569/108, Vinohrady, 101 00 Praha 10, ID: 09208241 (also “we”, “administrator”)
Link to our website: https://www.budtekomfi.cz/ (“Web”)
Contact: zakaznici@budtekomfi.cz
The purpose of this document is to inform you about how we, as a controller, handle your personal data. As concisely and clearly as possible. In a nutshell, you will learn this:
- The provision of Personal Data is necessary for the creation and completion of the order.
- Since our added value lies in creating a tailored nutrition plan, we will also need sensitive Personal Data relating to your health status for maximum effect - but always with your consent.
- Your data is stored securely, and only carefully trained personnel can access it.
- You can change, delete or supplement your Personal Data at any time. In this case, you contact us by phone, email or chat available on the website.
What is Personal Data? This is information that relates to you, and by itself or in combination with others can identify you. This includes, for example, your name, surname, address, but also information about your health or IP address and cookies (”Personal data“).
Why do we process your personal data? We have several reasons for this. We need some personal data in order to provide you with the Service you have ordered from us. Providing some Personal Data is voluntary, but it will help us to make our Services even more tailored to you. Learn more below.
Who are you? Typically, three scenarios will apply to you - either you are a Website User, a Registered User, or a Customer. Learn more below.
If you are creating a registration as an Orderer for a Client, please refer to Conditionswhere it is explained what the Client must do to obtain Personal Data.
Website user - if you only visit our Website, we may obtain Personal Data about you. This concerns, in particular, the IP address and cookies. Cookies are small text files that can serve, for example, to display personalized advertising, increase the security of a page or allow a YouTube video to be played. You can control the scope of cookies processed through the cookie bar. Read more about cookies below. If you contact us, we will also process your contact Personal Data in order to handle your enquiry. If you interact with our social media profile, we may process data about you about your name or profile nickname.
Registered User - in addition to what we process about you as a user of the website, by submitting the registration form, you agree to the provision of Personal Data and show interest in our services. This includes, in particular, your name, surname, telephone number and e-mail. We need your email in order to send you a confirmation of registration and also to be able to contact you. You can order our Services as part of your Client Profile.
Customer - If you have expressed interest in our services and placed an order, we will need additional Personal Data from you.
- in order to draw up a nutritional plan: For a properly formulated nutrition plan, we need to learn more about you. For example, they can provide us with medical reports, tell us what diseases you have (especially those related to digestion - that is, diabetes, high blood pressure, celiac disease), but also allergies, or how often you exercise. In addition to allowing a personalized nutritional plan to be drawn up and then delivered tailored meals, the reason for the fulfillment of the contract is
- for the purpose of delivery of dishes: In order to know where to bring your food, we will need your delivery address. The reason for this is the performance of the contract.
Sensitive personal data - We protect some Personal Data more in accordance with the legislation than others because they are very sensitive. This is, for example, health data that we obtain from you in order to create a personalized nutrition plan.
- Only disclose sensitive personal information to us if you truly agree to do so.
- If you are not comfortable telling us some of this information, you do not have to, but please note that the dishes may not suit you, or that we will not be able to develop a personalized nutrition plan for you.
- Access to your health data is limited only to those who absolutely need it.
‍
For what period of time do we process Personal Data?
- Newsletters we send two years from the last order or from the last time the newsletter was opened (unless you unsubscribe earlier).
- Data relating to your client profile we process three years from the last order. After this time, you need to register again. If you order after a long period of time, we will contact you to update your profile.
- We retain some data for longer to comply with our legal obligations - for example, in bookkeeping we have to keep tax records for 10 years.
What data?
Information about when and how you visit and view our website. This concerns, in particular, the IP address and cookies - in particular, the date and time of access to our website, information about your internet browser, operating system or language settings. If you visit our website via mobile, we may also process data about your phone.
How?
Commonly cookies or other technologies to track user behavior. Learn more about cookies below.
Why?
Ensuring the basic functions of the site, analytics, so that we can improve our Website. We work on marketing so that we can show you relevant content, or show our advertising on other websites. You can set cookies in the cookie bar
What data?
Name, surname, phone number and email.
How?
You will provide us with this information by filling out and submitting the registration form.
Why?
Registration is necessary for us to use the services we offer. We will contact you primarily by phone or email. We will then send you important information, such as an order summary or a change of nutritional plan to you via e-mail.
What data?
Name, surname, phone number and email, delivery address, payment details, lifestyle data, ingredients you don't like, health problems (e.g. diabetes, bloating, etc.) - always with your explicit consent.
How?
You will provide this data to us by phone or email. We also have the information you fill in the registration form.
Why?
After completing the client profile, we will contact nutritional therapists to create a nutrition plan for you that will suit your needs. Next, we need contact details so that we can bring the delivery to you.
What data?
Username (nickname), profile picture, first and last name, date of birth, phone number, email address, address (for delivery of winnings).
How?
When you leave us a comment or like, we may see some of your Personal Information. When using social networks, the terms and conditions of processing of these platforms are also applied. The method of participation in the competition is always described on our Website or in a post on the social network.
Why?
The goal is to gift our customers and reach out to potential customers. However, participation is voluntary, as is the disclosure of personal data. If you withdraw your consent, you will not be able to participate in the contest. If you have a question through a social network, we answer for reasons of legitimate interest in a good relationship with a potential customer, or to deal with details about the concluded contract.
What data?
Name, surname, phone number and e-mail, order details.
How?
We send newsletters and satisfaction questionnaires only to those customers who have not expressed an objection to sending them, or to those who are not our customers but have given us their consent to receive the newsletters. If you do not want to receive newsletters, you can unsubscribe in the email footer. If you have a question about us, we process the Personal Data that you provide to us or that is necessary to process the inquiry.
Why?
The purpose of sending the newsletter (commercial communication) is to improve relations with (potential) customers and to promote our services. We send satisfaction questionnaires to customers to improve our service. For customer relations, the legal reason is a legitimate interest, for those who are not our customers, we will ask for consent. In the case of processing inquiries, it is the other way around - for common inquiries, it is a legitimate interest to promote our services (to put everything right in terms of our services), or pre-contractual negotiations, if the questions are directed towards the creation of an order. For customers, we handle enquiries due to the performance of the contract and the fulfilment of our legal obligations (e.g. acceptance of a complaint).
What data?
First and last name, address, date of birth, phone number, email address, social network link, data on former employment, education, interests, abilities, certification.
How?
Do you want to work with us? It's super! We will look at the documents you send, which contain personal data, and we will contact you based on them. This is due to pre-contractual negotiations and the protection of legitimate interests (for example, for example, a legal dispute with a tenderer)
What data?
Data on invoice - name, surname, email address, billing address, order details. Data on tax document: name, surname, email address, billing address, order details.
How?
The data you provide to us by phone or email and then confirm in the email will be recorded in order to create an invoice.
Why?
Accounting documents and accounting records (invoices) must be kept by law for a period of 5 years from the end of the accounting year to which they relate. We also have an obligation to keep the invoice for 3 years from the end of the tax period in which the invoice-related tax liability arose. We also have an obligation to archive tax documents for 10 years from the end of the tax period in which the transaction took place.
Who can access your Personal Data? In particular, it concerns our processor. These are the entities that we assign to provide us with the services in which Personal Data is processed. We have signed a Personal Data Processing Agreement with all our processors, which obliges our processors to treat your Personal Data as their own.
Cookies
Functional cookies: These cookies are used for basic functions of the site, such as storing the language version of the site, or improving the security of the site. We process these cookies on the basis of legitimate interest.
Analytical cookies: These cookies are used to analyze website traffic and user behavior on the site. Example: A cookie tracking the number of visits to a page to improve its structure and content. We do not process these cookies without your consent.
Marketing cookies: These cookies are used to target ads based on the user's browsing history. Example: Cookies that track web browsing history to serve targeted ads based on user interest. We do not process these cookies without your consent.
How do we protect your personal data?
- We have restricted access to your Personal Data, especially the most sensitive ones related to your health condition.
- We regularly back up data, update our software and use secure servers. Whenever possible, we store/transfer data in encrypted form and use two-factor authentication to log in internal users.
- Our employees are committed to confidentiality and we have trained them how to handle Personal Data.
Right of access
We may give you confirmation that we process your Personal Data, or to what extent, for what reason, for what purpose, or who has access to your Personal Data. We may also provide you with a copy of your Personal Data as long as it does not adversely affect the rights and freedoms of others.
Right to rectification
Inaccurate or incorrectly entered Personal Data will be happy to correct.
Right to erasure
If there is no reason to process Personal Data, we will delete it at your request, unless we have already done so. Alternatively, we may also anonymize your data.
Right to restriction of processing
We will restrict processing if you believe that they are being processed to the wrong extent or for the wrong reason.
Right to withdraw consent
Have you changed your mind? Never mind, write to us. For example, you can unsubscribe from newsletters at any time in the email footer by clicking “Unsubscribe”.
Right to notification of the outcome of the exercise of your right
We will let you know primarily by email, or otherwise if you have not communicated the email to us.
In case of any confusion, please contact us. If you are not satisfied with our answer, you can also contact Office for the Protection of Personal Data.
This Privacy Policy is effective from 3 April 2023.