Privacy Policy (GDPR)

The protection of personal data of users of the service of the International Institute of Social and Economic Sciences s.r.o. (hereinafter referred to as the operator or IISES) is very important to us, i.e. to the operator. Therefore, in this IISES Privacy Policy (the "Privacy Policy"), we want to clearly explain to you how and why we collect personal data, what we do with it, and what control and choices you have regarding the processing of your personal data. In doing so, we comply with all legal provisions, in particular the so-called GDPR (EU General Data Protection Regulation 2016/679).

WHAT PERSONAL DATA DO WE PROCESS AND WHERE DO WE GET IT FROM?

We only process data that we absolutely need. We collect and process different personal data at different stages of your use of IISES services.

AS PART OF THE REGISTRATION

When you register, we ask for basic identification, contact and profile information in order to register, create a user account and use IISES services. This may include your first and last name, username, email address, phone number, residential address. You also have the option to provide us with other personal information so that we can better understand what information may be of interest to you.

IN THE COURSE OF USING IISES SERVICES

When you use IISES services, we collect and process personal data about you to enable us to provide our service and offer you relevant content. The scope of personal data processed varies significantly depending on whether you are a user of IISES services, a mere visitor to the IISES website or a registered user. For visitors who are not registered, we only collect data about their use of our website and the devices from which they access it - see our Cookie Policy.

When using IISES services, we process the following product, communication, technical and profile data for users:

• Information about your interactions and your activity in using IISES services, such as information about:
• login to your account,
• browsing our website,
• the lists you create, your browsing history, and your other interactions with the IISES Services, the Content, and other users of the IISES Services.
• Conclusions drawn about your interests and preferences based on your use of IISES services.
• Communicating with us about your preferences, requests, changes to your data, responses to advertising or commercial communications, responses to our surveys.
• Certain technical data which may include:
• information about the URL from which the website was visited,
• online identifiers, including cookie data and IP addresses,
• information about the devices you use, such as browser type, browser version (e.g. Internet Explorer), browser language, operating system used, internal browser window resolution, screen resolution, colour depth.

ARE YOU OBLIGED TO PROVIDE US WITH PERSONAL DATA?

You are certainly not obliged to provide us with personal data. However, we will not be able to register or authenticate you and enable you to use the IISES Services accordingly without your submission.

FOR WHAT PURPOSE DO WE PROCESS YOUR PERSONAL DATA?

In general, we process your personal data mainly to provide you with the best possible service. Importantly, in order for us to process your data for the individual purposes listed below, there must be a legal basis for each such processing under the law. The processing of your personal data by the IISES service provider is based on the following legal bases:

1. a) consent,

• (b) compliance with the law,
• (c) the performance of the contract or negotiations for its conclusion,
• (d) the protection of a legitimate interest of the IISES service provider or a third party.

To make matters more complicated, many of the treatments rely on multiple legal bases at the same time. Detailed information is provided below. They apply in full but only to Registered Users. For mere visitors to the IISES website, we process data about the use of our website and the devices from which they access it in order to enable the provision of the service and to display relevant advertising with the legal basis of protecting the legitimate interest of the IISES service provider.

PROVISION AND PERSONALISATION OF THE IISES SERVICE

For registered users of IISES services, it is clear that this will be a long-term service based on the processing of personal data. Without the processing of personal data from the registration and use of IISES services, we would not be able to provide IISES services to registered users according to the Terms of Use. According to the Terms of Use, we intend to personalize and improve the service so that its content is relevant and informative for users. The legal basis is therefore the performance of the contract. We must also rely on your consent for the processing of political affiliation data.

USE OF CONTRIBUTIONS FOR MEDIA PURPOSES AND FURTHER SHARING

According to the Terms of Use, we can continue to use and share the posts. We then have the appropriate licensing permissions from you to process the Submissions and to use them further in accordance with the Service Guide and the Terms of Use. The legal basis is therefore the performance of the contract.

MARKETING AND ADVERTISING PURPOSES

In order to ensure the free use of IISES services, we will process your personal data from registration and use of the services on the basis of our legitimate interest also for marketing, promotional and advertising purposes. However, there is no need to worry. We will not sell your data to anyone, nor will we inundate you with promotional emails, SMS messages or letters. Similarly, we will be able to the legal basis for such processing is a legitimate interest or a licence granted to use the work.

CUSTOMER SERVICE AND SERVICE IMPROVEMENT IISES

On the basis of our legitimate interest, we will inform you both by messages delivered to your profile and, where appropriate, by electronic means (e-mail or SMS) about IISES services, improvements, new features, ongoing events and other items of interest or about course changes, cancellations, transfers, etc. You can unsubscribe from receiving messages by electronic means (e-mail, SMS) at any time. We will use data from your registration and use of IISES services to create messages and target them correctly.

We will use your personal data from your use of IISES services and from your communications with us to improve our services. We may also ask you to participate in a survey, customer survey, and we may use data from your use of IISES services to develop new features and improve existing features. Again, all of this is based on our legitimate interest. When dealing with your specific requests, the processing of your personal data will be based on the legal basis for the performance of the contract.

COMPLIANCE WITH LEGAL OBLIGATIONS AND REQUIREMENTS OF REGULATORY AUTHORITIES

Although IISES is not strictly regulated, we cannot exclude the possibility that we may have to comply with the requirements of regulatory authorities with respect to our operations in the public domain, particularly in the event of a breach of the provisions of the Terms of Use and we are forced to provide them with selected identification and product data. In addition, the processing of personal data from the use of the Service is necessary to ensure compliance with certain legal obligations - ensuring the legality of contributions, security measures required by the GDPR, etc.

UNDERSTANDING, DIAGNOSING, TROUBLESHOOTING PROBLEMS WITH THE IISES SERVICE

We will also process your personal data from the registration and use of the service in order for the IISES services to function properly and to be able to diagnose and resolve any malfunctions related to the operation of the IISES services. The legal basis for such processing is the performance of the contract.

FULFILLING CONTRACTUAL OBLIGATIONS TO THIRD PARTIES, SUCH AS LICENSING AGREEMENTS, AND TAKING APPROPRIATE ACTION IN RELATION TO NOTICES OF INTELLECTUAL PROPERTY INFRINGEMENT AND INAPPROPRIATE CONTENT

IISES works with other services to ensure that contributions are shared and publicised. At the same time, in some cases, it will also have to deal with third party claims of intellectual property infringement and inappropriate content in contributions. In such cases, the processing of your personal data from the use of the service and registration will be based on the legal basis of the performance of the contract and legitimate interest.

ESTABLISHING, EXERCISING OR DEFENDING LEGAL CLAIMS

While we strongly believe that this will not happen, in order to be able to defend or pursue our legal claims in the event of a dispute regarding your use of the IISES Services, we must process your personal data, both from registration and use of the Service. The legal basis is legitimate interest.

DETECTING FRAUDULENT USE OF IISES AND VIOLATIONS OF THE TERMS AND CONDITIONS

We also process personal data about the use of IISES services for the purpose of detecting fraudulent behaviour, breaches of terms and conditions, abuse of user rights and assessing compliance with the Terms of Use. The legal basis for such processing is our legitimate interest.

WILL PERSONAL DATA BE SHARED, DISCLOSED OR TRANSFERRED?

IISES services are based on the fact that some personal data of users is shared within the service and is publicly available.

PUBLICLY AVAILABLE INFORMATION

The following data will always be publicly available to users in IISES for authorship reasons:

• Name,
• last name.

TRANSMISSION OF DATA

For data other than those mentioned above, we ensure strict confidentiality. The transfer of this personal data only takes place within the scope of the legal rules or on the basis of your consent. You can be assured that we do not trade your data in any way. We may transfer your personal data to the following entities.

We only transfer personal data to suppliers, i.e. entities that we have entrusted with the provision of certain operational activities, if the processing of personal data is necessary for the performance of that activity and only to the extent that it is strictly necessary. We refer to such entities as "processors". We only work with suppliers who are trustworthy, of high quality and who have entered into a contract with us in which they undertake to comply with strict data protection rules, including technical and organisational measures. The suppliers are providers of software (intercore solution), accounting services (Rotschedl Business Market) and cloud storage.

Regulatory and Data Protection Authorities - We will share your personal data if we have a good faith belief that we are required to do so to comply with our obligations under applicable law or under a valid legal process, such as a search warrant, court order or court order.

We will also share your personal information if we have a good faith request to do so in order to further our own legitimate interest or the legitimate interest of a third party in connection with national security, law enforcement, litigation, criminal proceedings, to protect the safety of any person, or to prevent imminent harm to life or limb, if we believe that such interest is not overridden by your fundamental rights and freedoms that require the protection of your private information.

RELATIONSHIP TO THIRD PARTIES

We have no control over and are not responsible for the privacy policies of third parties. Please read the privacy policies of these third parties to find out how they collect and process your personal data.

HOW LONG DO WE KEEP YOUR PERSONAL DATA?

If you are a registered user at a conference or for the publication of a journal article, we will retain your personal data for as long as necessary to provide IISES services to you and for legitimate and essential business purposes, such as the goal of continuing to provide IISES services, making business decisions about new features and offerings based on relevant data, fulfilling our legal obligations, and resolving disputes. We will retain your personal data for as long as you use IISES services. For example, we retain your contributions, activity data, communications, use of the IISES service and your account details. We may retain your personal data on a limited basis for a reasonable period of time after your account has been terminated, particularly where the licensing rights to your contributions continue or the data is necessary for the legitimate interest of establishing, exercising and defending legal claims and detecting fraud and breaches of the Terms.

At your request, we will delete or anonymise your personal data so that you can no longer be identified from that data, unless we are legally entitled or required to retain certain personal data, or unless we have another legally permitted reason for retaining the data, including situations such as the following:

• as long as our authorisation to contribute under the licence to use the contribution continues;
• if there is an unresolved issue in relation to your account, such as a pending legal claim or dispute, we will retain your personal data until the matter is resolved;
• if we need to retain your personal data for the purposes of complying with our legal, tax or accounting obligations or for audit purposes, we will retain your personal data for the period required by applicable law, and/or
• where necessary for the purposes of our legitimate business interests, such as preventing fraud or ensuring the safety of our users.

HOW DO WE TAKE CARE OF THE SECURITY OF YOUR PERSONAL DATA?

We strive for a high standard of security for our users' personal data. Personal data is under constant physical, electronic and procedural control. We have state-of-the-art control, technical and security mechanisms to ensure maximum protection of the processed data against unauthorized access or transfer, against loss or destruction, as well as against other possible misuse. While we have put in place appropriate technical and organisational measures to help us protect the security of your personal data, please note that no system can be completely secure. We follow various procedures, including encryption, access restriction and data retention policies, to protect data from unauthorized access and unnecessary storage of personal information on our systems.

DO WE PROCESS CHILDREN'S PERSONAL DATA?

IISES services are not intended for children under the age of 18. Their personal data may only be processed with the consent of their legal representatives, whether under the GDPR or other legislation.

We do not knowingly collect any personal information from persons under the age of 18 or under the applicable age limit ("Age Limit"). If you are under the applicable Age Limit, please do not use IISES services and do not provide us with any personal information.

If you are the legal guardian of a child under the relevant Age Limit and you become aware that your child has provided us with Personal Data, please contact us at the IISES Service Provider's email address.

If we become aware that we have collected personal data from a person under the age of 18, we will take reasonable steps to delete such personal data. This may require us to delete such minor's user account and, if applicable, their posts.

WHAT RIGHTS DO YOU HAVE IN RELATION TO THE PROCESSING OF PERSONAL DATA?

In order to have greater visibility and control over the data we process about you, you have a number of rights guaranteed by law. You can exercise them in writing by contacting the IISES service provider by e-mail.

Right of access to your data - to check what data we process about you, you have the right to access your personal data and other related information (e.g. purpose, categories of personal data, retention period, source). You also have the right to request a copy of the personal data processed. However, we may charge you a fee for repeated provision of this information that is commensurate with the cost of processing and providing the information.

The right to data portability - if it is convenient for you, for example to facilitate communication with another service provider, you can obtain the data we have collected from you in order to provide our services.

Right to rectification of personal data - if your data is incorrect, inaccurate or has been changed, we will of course rectify it. Taking into account the purposes for which the data is processed, you also have the right to have us complete incomplete data.

Right to erasure of personal data - we automatically delete your personal data immediately after we have lost the authority to process it. You can still exercise your right to erasure. We will comply with this unless there is a compelling reason for processing it.

The right to limit the processing of personal data - in some situations we will limit the processing of your personal data. For example, where we can no longer process your personal data but you insist on processing it, or where we are dealing with your objection to the processing of your personal data or a notice of inaccuracy.

Right to withdraw consent - if you have given us consent to process your personal data, you have the right to withdraw it. Once you have withdrawn your consent, we will stop processing for which we have no legal authority other than your consent.

Right to object - if you do not wish us to continue the processing we carry out on the basis of protecting our legitimate interest, you can exercise the so-called objection. You can do this in several ways:

• if we send commercial communications by electronic means, the option to stop sending them via that communication channel is incorporated directly into our commercial communications,
• by adjusting the cookie settings in your web browser or directly with the provider of the specific cookies,
• you can send your objection to us at the email address of the IISES service provider.

The objection should be substantiated. It should make clear why you consider that the processing adversely affects your privacy or the protection of your rights and legitimate interests. We will then assess whether the protection of our legitimate interest is still stronger than the impact on the data subject. This does not apply if we process your personal data for the purpose of direct marketing, where processing is terminated automatically upon receipt of an objection.

The right to lodge a complaint with the Office for Personal Data Protection - if there is anything you do not like about the processing of your personal data, we would be happy if you write to us or call us. We will do our best to resolve everything to your satisfaction. However, you always have the right to file a complaint with the Office for Personal Data Protection, Pplk. Sochora 27, 170 00 Prague 7, www.uoou.cz.

CAN THIS DATA PROCESSING POLICY CHANGE?

Yes. We may change this Privacy Policy on an ongoing and unilateral basis. We will notify you of significant changes.

EXPLANATION OF TERMS

The provider of IISES services is International Institute of Social and Economic Sciences s.r.o., Trebesovska 2038/14, Prague, 193 00, Czech Republic, Company Identification Number: 06178278, e-mail address: info@iises.net .

Terms of Use - this is a document that governs the terms and conditions of use of the IISES service provider's services for individuals.

Registered User - this is a person using IISES services who has been registered to attend a conference or publish a journal article by providing their real name, email address, and phone number.