GDPR

Basic rules of procedures related to the processing of personal data when providing consulting services in the field of homeopathy

Art. 1

1. JUDr. Iva Bíliková, Id. No.: 71345884, with headquarters at Kounicova 14/71, 602 00 Brno, in accordance with Regulation (EU) 2016/679 of the European Parliament and of the Council of 27 April 2016 on the protection of natural persons with regard to the processing of personal data and on the free movement of such data, and repealing Directive 95/46/EC (General Data Protection Regulation, hereinafter “GDPR”), revised its own procedures related to the processing of personal data when providing consulting services in the field of homeopathy, and as a result of their summarization hereby declares the basic rules of procedures related to the processing of personal data.

2. JUDr. Iva Bíliková ensures compliance with these rules when processing personal data by herself, or a possible co-worker, and in case of suppliers – external processors of personal data – has contractually secured guarantees of an adequate protection pursuant to Article 28 of the GDPR.

Art. 2

1. JUDr. Iva Bíliková processes personal data exclusively in accordance with the legal reasons set out in Article 6 of the GDPR, only to the necessary extent and for the necessary period. Purposes of personal data processing and the period of their processing are maintained for each individual agenda in a record of processing activities pursuant to Article 30 of the GDPR, provided that the conditions of this provision are met.

Art. 3

1. JUDr. Iva Bíliková, in accordance with usual standard practices in providing consulting services in the field of homeopathy, guarantees an appropriate secure processing of personal data and adopts measures to secure personal data, in particular by means of:

a. locking of premises, in which personal data are stored,
b. protection of access to personal data processing technology by individual strong passwords and protection of these passwords against disclosure,
c. protection of computer technology by anti-virus programmes,
d. appropriate measures for protection of portable computer technology or portable data storage (e.g. constant supervision, locked transport packaging, personal handling of the data storage when copying data to another device etc.),
e. password protection of files with a large amount of personal data or with easily misused or sensitive personal data in case of sending these files via an e-mail or their storing via a shared data storage, and if necessary hand-over of these files while communicating the password via a different communication channel, then the files were sent through (phone, sms),
f. proper fulfillment of obligations pursuant to regulations governing archiving, observance of legal deadlines for document storage and archiving, as well as timely and proper execution of shredding proceedings.

Art. 4

1. JUDr. Iva Bíliková fulfills all the rights of data subjects.

2. JUDr. Iva Bíliková further, and in particular:

a. keeps records of processing activities pursuant to Art. 30 of the GDPR, provided that the conditions of this provision are met,
b. ensures that the data subjects are informed pursuant to Articles 12 to 14 of the GDPR,
c. fulfills other rights of data subjects pursuant to Articles 15 to 22 of the GDPR,
d. carries out the reporting and notification of personal data security breaches pursuant to Articles 33 and 34 of the GDPR.

3. Proposals of records, information, processing of requests/complaints and of notifications pursuant to Art. 4 (2) are deposited at JUDr. Iva Bíliková.

4. Data subjects may submit their requests/complaints for the exercise of their rights described in Art. 4 (2) to JUDr. Iva Bíliková, especially via an e-mail at the contact email address or in written at the headquarters’ address.

Art. 5

1. JUDr. Iva Bíliková performed a risk analysis of the processing of personal data and took appropriate technical and organizational measures to ensure the processing, as described above. The risk analysis concluded: the processing of personal data does not pose a high risk to the rights and freedoms of the data subjects concerned, and therefore it is not necessary to carry out a data protection impact assessment („DPIA“).

2. JUDr. Iva Bíliková assessed the processing of personal data from the perspective of Art. 37 of the GDPR; as the conditions for appointing a data protection officer are not given pursuant to the recital no. 91 of the GDPR, she is not obliged to appoint a DPO. A DPO is thus not appointed.

3. JUDr. Iva Bíliková – in addition to records on processing activities pursuant to Art. 30 of the GDPR, provided that the conditions of this provision are met – keeps records of eventual consents to the processing of personal data, unless there is another legal title for personal data processing, and records personal data security breaches.

4. JUDr. Iva Bíliková regularly, at least once a year, evaluates compliance with personal data protection rules, incl. technical and organizational measures, and adopts remedial actions, eventually updates internal documentation related to personal data protection as necessary.

These rules were adopted 21.12.2021.

JUDr. Iva Bíliková

Jsem tu pro vás

Kontaktujte mě

IB-HOMEO

JUDr. Iva Bíliková

Id.No.: 71345884

(+420) 607 690 186

info@ib-homeo.cz

Brno (main office)

Kounicova 14/71
Brno
602 00

Rájec

Rájec 33
Borovnice - Rájec
517 41

Prague

Upon agreement