As a company that wants to act responsibly, we strive to find a balance between innovation and ensuring the necessary level of data protection and security for our users. While carrying out our tasks, the Principles of Personal Data Protection help us at all levels to make decisions that protect our users.
Information from users enables us to create useful and beneficial services and products. We believe that focusing on users will help us develop products and features to protect personal information.
We make users aware of what information we use to personalize our services. Where possible, we are transparent about what information we have about individual users and what information we use to provide our services.
People have different needs and opinions about privacy. To accommodate the wide range of our users, we try to give users detailed choices about how their personal information is handled. We do not trade users' personal information.
We accept responsibility for the protection of the information that users entrust to us. We take security matters seriously.
The personal data controller is SAFE TREES, ID: 26935287, with its registered office at Kyselkova 285/4, 612 00 Brno, registered with the Regional Court in Brno, Section C, Insert 46404.
Contact details: firstname.lastname@example.org
Personal data means, within the meaning of Article 4 paragraph 1 of the GDPR, any information about an identified or identifiable natural person ("data subject"); an identifiable natural person is a natural person who can be identified, directly or indirectly, in particular by reference to an identifier, such as a name, an identification number, location data, a network identifier or one or more specific elements of the physical, physiological, genetic, mental, economic, cultural or social identity of that natural person.
Data subject within the meaning of Article 3 of the Personal Data Processing Act means the natural person to whom the personal data relate.
In the case of using the Trees under Control app, we process personal data according to the position in which you act, as follows:
We only use your personal data for purposes related to the relationship, the performance of our obligations under the contract, the provision of contractual communication and the provision of our services. Thus, we process personal data on the basis of the performance of contractual obligations within the meaning of Article 6 paragraph 1(b) of the GDPR.
We are also required to keep accounting records and comply with other legal obligations (e.g. taxes, etc.). In this case, we process your personal data on the basis of fulfilling legal obligations pursuant to Article 6(1)(c) GDPR.
In addition to the purposes mentioned above, we will also process your personal data for the purpose of possible litigation and debt recovery, whereby this processing is based on our legitimate interest pursuant to Article 6 paragraph 1(f) of the GDPR. We may also use technical information based on the legitimate interest of ensuring the functionality and quality of our services.
If you register on our website and give us your consent, we use your email address for the purpose of sending you commercial communications. The legal basis for this processing is therefore your consent pursuant to Article 6 paragraph 1(a) of the GDPR. In every commercial communication we send you, you will find an option to unsubscribe and opt-out of receiving further commercial communications. As part of the newsletter, we also send information provided by the CSOP Arborist Academy, especially invitations to their training courses or their information about the field of arboriculture.
However, we do not need your consent to send you information that is related to the use of the services we provide, which is usually technical information or confirmation emails; these emails are again sent on the basis of the performance of contractual obligations within the meaning of Article 6 paragraph 1(b) of the GDPR.
SAFE TREES processes your personal data according to the principles of personal data processing within the meaning of Article 5 of the GDPR.
Personal data are:
The controller shall be responsible for compliance with paragraph IV and shall be able to demonstrate such compliance ("accountability").
The processing of personal data is carried out by the controller. Processing is carried out at the controller's premises by individual authorised employees of the controller or by the processor. The processing is carried out by computer technology, in compliance with all security principles for the management and processing of personal data. For this reason, the controller has adopted technical and organisational measures to ensure the protection of personal data, in particular measures to prevent unauthorised or accidental access, alteration, destruction or loss of personal data, unauthorised transmission, unauthorised processing or other misuse of personal data.
As we have already stated, we try to process all personal data ourselves through our employees, but some activities require us to involve other entities in the processing. These entities are called "recipients of personal data" and your personal data can be accessed by these recipients:
The specific recipient in each case will be communicated by the controller to the data subject on their request.
We process your personal data for the period of time that is strictly necessary for the fulfilment of a specific purpose of processing, i.e. typically for the performance of a contractual relationship or for the period of time expressly required by applicable law or until the consent is withdrawn. The controller will inform the data subject of the specific duration of the processing in the case in question.
The data subject has the following rights:
The data subject has the right to withdraw their consent to the processing of personal data at any time. Withdrawal of consent shall not affect the lawfulness of processing based on consent given prior to its withdrawal. Withdrawal of consent may be made by sending an e-mail to email@example.com.
The data subject has the right to obtain confirmation from the controller as to whether or not personal data concerning them are being processed and, if so, to obtain access to such personal data and to the following information:
The data subject has the right to have inaccurate personal data concerning them rectified by the controller without undue delay. Considering the purposes of the processing, the data subject has the right to have incomplete personal data completed, including by providing an additional declaration.
The data subject shall have the right to have the controller erase personal data concerning the data subject without undue delay and the controller shall be obliged to erase the personal data without undue delay if one of the following grounds applies:
The data subject has the right to have the controller restrict processing in any of the following cases:
Where processing has been restricted, such personal data may, with the exception of storage, only be processed with the data subject's consent.
The data subject has the right to obtain personal data concerning them which they have provided to a controller in a structured, commonly used and machine-readable format and to transmit those data to another controller, without hindrance from the controller to whom the personal data have been provided, where:
Without prejudice to any other administrative or judicial remedy, every data subject shall have the right to lodge a complaint with the Data Protection Authority.