Processing of personal data




This document defines the basic principles of personal data processing in the operation of the server


I. Personal Data Administrator:


Name:                   MEDICAL PROTECT, s.r.o.

ID:                          01639331                                                                        

Headquarters:     Fanderlíkova 602/44 616 00 Brno

Kept by:                Regional Court in Brno under file No. C 78920                                           

Tel.:                       +420 602 624 266



(hereinafter referred to as the „Operator“)


II. Authorized Person for Personal Data Protection

The Operator has not appointed any authorized person for personal data protection because it is not a public authority or body, its main activities are not processing operations that would require extensive regular and systematic monitoring of persons, nor extensive processing of specific categories of data.

III. Legal Base for Personal Data Processing

When processing personal data, the Operator is based on the main principles of the Regulation 2016/679 on protection of individuals with regard to the processing of personal data and on free movement of such data (hereinafter GDPR or Regulation) and all related laws. The Regulation is valid from 25 May 2018. Furthermore, Act No. 110/2019 Coll., on processing of personal data, Act No. 127/2005, on electronic communications and Act no. No. 480/2004 Coll., on certain services of an information company. In accordance with these regulations, the legal basis for the processing of personal data has been set to the following extent:

Contract Fulfilment

This legal title applies to cases where the user actively requests a certain service or goods from the Operator. In addition to concluding a contractual relationship in the form of a contract, etc., this also includes other activities carried out for the purpose of using a certain service or purchasing goods, including entering a URL into a browser to gain access to a specific service or goods. An example of this processing of personal data is, for example, the identification of the client before the actual conclusion of the contract, the data needed for invoicing (if there is a cash payment for the provision of the service).

Legitimate Interest of the Operator

The Operator has the opportunity to process the user's personal data in its own subjectively determined interest. The user therefore has the right to object to the said processing, the right to deletion and also the right to assess the legitimacy of such processing. This category is commonly covered by activities to exercise freedom of expression, protection of services from abuse (including fraud prevention), enforcement of claims and legal claims in general, direct marketing, network and information security arrangement measures or processing for the purpose of reporting potential crimes.

Processing of Personal Data with Consent

In these cases, explicit consent to the processing of personal data by the user will be granted. The request for consent to the processing of personal data will be provided separately from other facts. The user has the right to revoke the granted consent. In this case, it is mainly the consent to the provision of selected personal data (e-mail address) to send marketing offers of the Operator, or inclusion in the user satisfaction survey.

Fulfilment of Legal Obligations

In this case, the legal reason for processing personal data arises from specific national or European legislation. The Operator is bound by this obligation. Examples may include processing due to obligations imposed by the tax office or responding to court decisions and passing on specific data to law enforcement authorities.

The Operator processes the following personal data:

VI. Purpose of Personal Data Processing

The Operator uses the collected personal data for fulfilment of a certain, explicitly expressed and legitimate purpose. As part of the services of the server your personal data is processed for the following purposes:


The processing of personal data is performed by the Operator through IT equipment or manually - by authorized employees, or third party on the basis of a contractual relationship, all in compliance with the requirements of the GDPR for the management and processing of personal data. When processing personal data by the Operator, there is no automatic individual decision-making.

The user provides personal data completely voluntarily, he is not obliged to provide it. However, if the user does not provide personal data to the Operator, he will not be able to enter into any contract with him and perform from such a contract. It is entirely up to the user whether or not to use the server.

V. Personal Data Recipients:

Personal data may be passed on to the following recipients:

VI. Time of Personal Data Processing:

Personal data will be processed for the duration of the contractual relationship between the parties and after its termination they will be disposed of in accordance with applicable law, especially Act No. 499/2004 Coll. (act on archiving and filing services and amending certain laws) and Regulation (EU) 2016/679 of the European Parliament and of the Council of 27 April 2016 on the protection of individuals with regard to the processing of personal data and on the free movement of such data and repealing Directive 95/46/EC (GDPR Regulation).

VII. Use of Cookies

Cookies are very small text files that the displayed website stores in the browser of the user's end device (computer, tablet, smartphone, etc.).

The Operator's website works with:

1.) technical and security cookies, which are necessary for its correct display and functionality. For this reason, they are mandatory and cannot be turned off, then with

2.) analytical cookies allowing to monitor traffic and the way of use of the site, so the site can be better optimized for a better user experience, further with

3.) personalized and advertising cookies, which record a specific visit to the site, thanks to which advertising can be personalized for the user.

Temporary cookies are stored only for the duration of the user's visit to the website. Persistent cookies remain stored longer, depending on their function.

The Operator informs the user in advance about the use of cookies on this website and its scope and purpose of their processing. To do so, he will require prior consent to their storage in cases ad 2.) and 3.). If the user does not want the Operator to store cookies on his device, he can change the cookie management settings of his web browser, where he will disable the storage of cookies. Cookies can also be blocked only for individual websites according to the user's internet browser settings.

If the user disables cookies (in any of the above ways), these sites and the services provided through them may not function properly. Cookies can be re-enabled at any time.


VIII. User’s Rights