Personal Data Processing Agreement

  1. INTRODUCTION
    1. When using the “Lime Talk“ service, visitors to the User's website may leave their Personal Details in “Lime Talk“ Service within their communication with the User. The stored Personal Details include:
      1. Information filled in by the visitor during a conversation, e.g. name, e-mail address, and phone number
      2. The IP address and the derived geographic location
      3. The URL of the visited website
      4. Reference URLs
      5. The operating system type and the browser type
    2. In order to enable the visitor and the Operator to lead a conversation, “Lime Talk“ Service saves cookies in the visitor‘s browser.
    3. By using the Service, the User authorizes the Service Provider to process such Personal Details and to perform the below-specified operations.
  2. PROVIDER’S OBLIGATIONS
    1. The Provider, as the processor of the Personal Details, hereby declares that:
      1. He complies with all legal obligations arising from the GDPR and other legislation related to protection of personal data;
      2. For the entire duration of the Agreement the Provider processes the Personal Details in accordance with the legal order of the Czech Republic, especially in accordance with the GDPR;
      3. For the entire duration of the Agreement the Provider keeps proper records of the processing of Personal Details within the meaning of Section 2, Article 30 of the GDPR;
      4. In respect of designated data subjects, the Provider will only process the Personal Details to the extent and for the purpose of using the Service;
      5. The Personal Details are processed exclusively within the European Union or within the countries which provide an adequate level of protection on the basis of the decision of the European Commission.
  3. USER’S OBLIGATIONS
    1. The User, as the administrator of the Personal Details, hereby declares that:
      1. As regards to the Service, he or she will only keep and work with the up-to-date Personal Details and will always have a valid legal title in all and any circumstances;
      2. He or she complies with all legal obligations arising from the GDPR and other applicable laws;
      3. He or she performs his information duties towards the data subjects in relation to the Personal Details, keeps records of processing activities and has taken organizational measures to handle complaints and to apply the rights of the data subjects;
      4. He or she is not aware of any risk of breach of applicable laws in connection with the processing of the Personal Details which has been performed so far.
  4. DATA PROCESSING
    1. The Personal Details shall be processed by the Provider from the moment the first Personal Details are stored in the Service.
    2. The Personal Details shall be processed by the Provider for the duration of the Agreement.
    3. If the Agreement is terminated, the Provider is entitled to erase the Personal Details stored in the Service within 30 days from the date of termination of the Agreement.
    4. Upon the termination of the processing of the Personal Details, the Provider undertakes to erase the Personal Details and the copies thereof within 30 days from the date of termination of the Agreement, unless this is not permitted by applicable legislation.
    5. Unless otherwise agreed, the Provider shall assume that:
      1. The User does not enter any specific categories of the Personal Details (sensitive data);
      2. If the User enters into the Service any Personal Details of particularly vulnerable categories of persons, the User does so on his or her sole responsibility.
    6. The Provider processes the Personal Details manually as well as automatically.
    7. The Provider processes the Personal Details in electronic form.
    8. The Provider processes the Personal Details with professional care.
    9. The Personal Details which the Service Provider may process with the User's authorization are those Personal Details that the User uploads to the Service or those that are obtained through the Service.
    10. The above mentioned Personal Details are processed by the Provider with the User's authorization for purposes which are based on the functionality and mission of the Service.
    11. The above mentioned processing is always controlled by the User as the Administrator by using the Service.
    12. In addition to the above mentioned purposes, the Provider may perform the processing with the User's authorization in order to provide technical and administrative support. Provision of technical support may also include the Administrator’s intervention or a technical intervention by the program.
  5. SECURING THE PERSONAL DATA
    1. The Provider undertakes to use all and any reasonable security systems and procedures which are usual for the processing of the Personal Details.
    2. The Provider undertakes to take all and any possible steps to prevent an unauthorized access, copying, modification, storage, reproduction, publication or distribution of the Personal Details.
    3. The Provider declares that he has taken and observes the technical and organizational measures for protection of the Personal Details.
    4. The Service uses the encrypted https protocol.
    5. The Provider’s employees and cooperating persons are trained in the field of personal data protection and personal data processing.
  6. SECURITY INCIDENTS
    1. In the event that either Party finds out that:
      1. the Personal Details have been processed or may be processed wrongfully or unlawfully;
      2. the Personal Details have been or may be immediately lost, damaged or destroyed, or any other kind of destruction of the Personal Details has occurred or may occur;
      3. any suspicion of breach of security of the Personal Details has occurred;
      4. a third person has gained or may gain an unauthorized access to the Personal Details,
    2. the Party is obliged to notify the other Party of such an event without undue delay and to provide maximum assistance for remedy.
  7. OTHER PROCESSORS
    1. For the provision of the Service, in particular for the operation of the server infrastructure, the Provider uses services of subcontractors.
    2. The User expressly agrees that the Provider may use other processors for the partial processing of the Personal Details under this Agreement. The Provider undertakes to ensure that such processors undertake to protect and secure the Personal Details as required by the applicable laws.
    3. Upon written request, the Provider shall provide the User with an up-to-date list of subcontractors.
  8. COOPERATION
    1. The Provider undertakes to provide any necessary cooperation that may be reasonably required of him / her as the Processor of the Personal Details.
    2. The Provider undertakes to provide the necessary cooperation as regards to handling complaints and requests made by data subjects as the exercise of their rights.
  9. CONFIDENTIALITY
    1. All information obtained by the Provider in connection with the processing of the Personal Details shall be treated as confidential information. The Provider undertakes not to disclose confidential information to a third party and not to use it for any purpose other than the fulfilment of the obligations under the Agreement, except for the competent government authorities, administrative authorities and courts if, in compliance with the generally binding regulations, the Provider is obliged to provide such information or information which is or will become publicly available otherwise than by violation of this Agreement.
    2. The Provider guarantees that his employees and other associates with whom the Provider is in a contractual relationship and who perform the activities related to the Agreement, its fulfilment and provision of services are bound by obligations of confidentiality within the scope of this Article hereof.
  10. CONTACT DETAILS
    1. The Provider's contact details for personal data processing and protection: e-mail address limetalk@limetalk.com.