The Controller of personal data pursuant to the Regulation (EU) 2016/679 of the European Parliament and of the Council on the protection of natural persons with regard to the processing of personal data and on the free movement of such data (“GDPR“) is a company IQS NANOPTIQS s.r.o., ID No.: 09451200, VAT No.: CZ09451200, with registered office: Hlavní 130, 250 68 Husinec-Řež, registered in the Commercial Register maintained by the Municipal Court in Prague, file No. C 336500, operating website on which may be processed personal data:

• www.nanoptiqs.com

 (“Controller“).

You may contact the Controller

• at the address: IQS NANOPTIQS s.r.o., Hlavní 130, 250 68 Husinec – Řež,
• by e-mail: martina.tomanova@nanoptiqs.com
• by phone: +420 608 568 998

The Controller processes your personal data in the following cases:

1. Communication via the contact form

The Controller will process the personal data you provide in the contact form for the purpose of replying to and processing your message. This is processing on the basis of pre-contractual negotiations.

If a contractual relationship is established on the basis of a message from the contact form, the Controller will process the necessary data (in particular name, surname, contact details – e-mail, telephone) for the purpose of fulfilling the contractual relationship. This is discussed in more detail below.

Otherwise, the Controller will only process your personal data for the time necessary to process the enquiry (unless there is another legal reason for processing).

• Other contractual relationship with the Controller

In the case of the performance of a contractual relationship, the Controller will process the personal data necessary for the performance of such contractual relationship on the basis of the fulfilment of its legal obligations (e.g. accounting, tax), the performance of the contractual relationship or the legitimate interest of the Controller (e.g. the preservation of data in case of possible disputes).

The Controller will process such data for the period necessary for the exercise of rights and obligations and the assertion of claims arising from such contractual relationship, that is for a maximum period of 10 years from the termination of the contractual relationship, unless a longer retention period is required by law or for the reasonable protection of the Controller’s legitimate interests.

• Website visits

The Controller uses cookies on its websites. Details of their processing can be found in the Cookies tab which can be found on each website of the Controller where such personal data is processed.

PROVISION OF PERSONAL DATA

Your personal data is confidential and will not be disclosed to any third party, except for: a) situations expected by law or imposed by a government authority, b) in the case of enforcement of the rights of the Controller, c) processors of the Controller – providers of services such as web hosting, delivery and shipping services, payment gateway services, accounting services or marketing services.

AUTOMATED INDIVIDUAL DECISION-MAKING

The Controller does not make decisions based solely on automated individual processing that would have legal effects on the data subject or affect him or her in a similar way.

YOUR DATA PROTECTION RIGHTS

Under the terms of the GDPR, you have:

• the right of access to your personal data under Article 15 of the GDPR, whereby you also have the right to obtain a copy of your personal data, whereby the first provision is free of charge, and for the subsequent provision you may be required to pay reasonable costs associated with obtaining such copy,
• the right to rectification of your personal data pursuant to Article 16 GDPR or restriction of processing pursuant to Article 18 GDPR,
• the right to erasure of personal data pursuant to Article 17 GDPR, unless the data are data that the Controller is obliged to process by law or is entitled to process on the basis of its legitimate interest,
• the right to object to processing on the basis of legitimate interest under Article 21 GDPR,
• the right to data portability pursuant to Article 20 GDPR,
• the right to withdraw consent to processing in writing or electronically to the address or e-mail of the Controller.

You also have the right to lodge a complaint with the Office for Personal Data Protection (Pplk. Sochora 727/27, 170 00 Prague 7 – Holešovice, www.uoou.cz) if you believe that your right to personal data protection has been violated.

CHANGE OF TERMS

The Controller has the right to change this Policy. The Controller will publish the new version of the Privacy Policy on its website, and, if appropriate, notify you by email.