Privacy Policy & GDPR

1. PRINCIPLES OF DATA PROCESSING

We collect and process personal data of Users in a manner that respects to the greatest possible extent User's privacy. Our Privacy Policy is based on the following principles:

Purpose limitation and data minimization. The Service collects and processes only personal data that is necessary for the performance of the Agreement. The data collected are (a) IP addresses of Users for the purpose of security and blocking unauthorized access; (b) e-mail addresses of registered Users for the purpose of communication (notice of changes etc.) and retaining access (e.g. renewing forgotten passwords). We also collect (c) usernames which, however, may be fictional, and (d) hashes of passwords (see below). Apart from our own We do not knowingly provide personal data of Users to third parties and do not analyze it.

Lawfulness, fairness and transparency. Personal data is processed upon User's consent for all purposes. A registered User expresses his or her consent by ticking a check box during the registration process, other Users by agreeing to the Terms of Use and/or by confirming changes that require the modification of cookies. The User is entitled to invoke his or her rights under Article 12 of REGULATION (EU) 2016/679 OF THE EUROPEAN PARLIAMENT AND OF THE COUNCIL of 27 April 2016 on the protection of natural persons with regard to the processing of personal data and on the free movement of such data, and repealing Directive 95/46/EC ("General Data Protection Regulation," or "GDPR"), and local laws where applicable. Specifically the User has the right (a) to access their personal information, (b) to request their correction or (c) erasure, (d) to request the restriction of their use, (e) to object to their use, (f) to their transfer where possible. To exercise these rights, please contact us via e-mail. Furthermore, the User has the right (g) to withdraw at any time his or her consent to Our processing of his or her personal data by terminating his or her account or by contacting Us in writing. The User has (h) the right to lodge a complaint with the supervising authority in their country (The Office For Personal Data Protection in case of the Czech Republic).

Limited storage periods. We may store your personal data as long as you use our Services to provide you with such Services. We do not store your personal data for longer than is necessary for the purposes for which the personal data are processed. Termination of User's account leads to erasure of his or her personal data within 90 days. Data collected about non-registered Users are erased within 90 days, as well.

Integrity and confidentiality. Personal data is processed in a manner that ensures appropriate security of the personal data, including protection against unauthorized or unlawful processing and against accidental loss, destruction or damage, using appropriate technical or organizational measures. In the unlikely event of data theft or accidental loss it is practically impossible to identify the User based on them without his or her additional cooperation. User passwords are hashed, and therefore neither Us nor anyone else should be able to decrypt and abuse them. The risk of varying likelihood and severity for the rights and freedoms of natural persons is thus insignificant. Nevertheless, Users are always advised to use unique passwords to access our Site and other online services requiring user authentication, particularly online banking.

Google Analytics, Google AdSense, and HitSteps HitSteps ("Listed Third Services - LTS"). For the purpose of improving the service, the operator of the 2000KCAL website may place codes of the LTS on some of its pages. The 2000KCAL website does not collect any data other than that set out in this Policy, but the LTS may - in accordance with their respective terms and conditions and privacy policies - obtain more comprehensive data about that user through association with their Google Account. The terms and conditions and privacy policies of the LTS are subject to change and 2000KCAL users are encouraged to review them regularly. If the user does not agree with the terms and conditions and privacy policy of the LTS, he should not use the 2000KCAL service.

Cookies

1. GENERAL INFORMATION

Our Cookie Policy is governed by the principles of limitation and data minimization. We use first-party cookies which are necessary for the provision of Service and maximizing User comfort.

2. REGISTERED USERS

Registered Users express their consent with Our Privacy Policy by ticking the relevant check box during the registration process. The following cookies are stored on the computer of a registered User:

  1. Operational Cookies
    • id: PHP language cookie that is general purpose identifier used to maintain user session variables and is necessary for functioning of the Services; it is deleted upon closing of the relevant browser window.
    • lang: Automatically saves the default language settings; and fulfills additional security function; deleted within 1 month unless renewed.
  2. User Preference Cookies
    • lang: Saves your language preference if you change it (so that the Site does not keep asking you over and over again); and fulfills additional security function; deleted within 1 month unless renewed.
    • remember_me: Saves your sign-in preferences; deleted within 1 month unless renewed.
    • random_password: Saves a random code which fulfills additional security purposes for registered Users; deleted within 1 month unless renewed.

3. NON-REGISTERED USERS

The following cookies are stored on the computer of a non-registered User:

  1. Operational Cookies
    • id: PHP language cookie that is general purpose identifier used to maintain user session variables and is necessary for functioning of the Services; it is deleted upon closing of the relevant browser window.
    • lang: Automatically saves the default language settings; and fulfills additional security function; deleted within 1 month unless renewed.
  2. User Preference Cookies
    • lang: Saves your language preference if you change it (so that the Site does not keep asking you over and over again); and fulfills additional security function; deleted within 1 month unless renewed.