Protection of personal data
Declaration on Personal Data Processing
Declaration on personal data processing pursuant to
Regulation (EU) 2016/679 of the European Parliament and of the Council of 27
April 2016 on the protection of natural persons with regard to the processing
of personal data and on the free movement of such data, and repealing Directive
95/46/EC (General Data Protection Regulation) and instructions for data
subjects (hereinafter the “Regulation”)
1. Personal data controller
Dodat text...
2. Extent of personal data processing
Personal data are processed in the extent in which the relevant data
subject provided the same to the data controller in connection with concluding
a contractual or any other legal relationship with the data controller or that
the data controller otherwise collected and processes such data in compliance
with the applicable legal regulations or to fulfil the legal obligations of the
data controller.
3. Personal data sources:
·
Directly from the data subjects
·
Publicly accessible registers or
·
Lists, records and registers (such as the Companies Register,
Trade Register, Cadastral Register, public telephone directory, etc.)
4. Categories of personal data , that are subjects
of processing:
·
Address and identification data used for unambiguous and
unmistakable identification of the data subject (such as name, surname, title,
Identification No. (IČ) or Tax Identification No. (DIČ) and data enabling
contact with the data subject (contact data, such as business name, contact
address, telephone number, e-mail address and other similar information);
·
Descriptive data (for example bank data or date); and
·
Other data necessary for the performance of the agreement
5. Categories of data subjects:
·
Data controller’s client
·
Service provider or
·
Any other person that has a contractual relationship with the
data controller
6. Categories of personal data recipients:
·
Processor or
·
State and other authorities when performing legal obligations set
forth by the applicable legal regulations
7. Purpose of personal data processing
·
Purposes contained within the framework of the data subject’s
consent
·
Negotiations on the contractual relationship
·
Performance of the agreement
·
Protection of the rights of the data controller, recipient or
other relevant persons (for example collection of the data controller’s claims)
·
Archiving by law;
·
Fulfilment of legal obligations by the data controller and
·
Protection of vitally important interests of the data subject
8. Method of personal data processing and protection
Personal data are processed by the data controller. The data
are processed in the data controller’s establishments and branches and in its
registered office by the data controller’s authorized employees or by the
processor. The data are processed using computer technology or manually in case
of personal data in the documentary form subject to fulfilling all security
principles for personal data administration and processing. For such purpose,
the data controller took technical and organizational measures to protect
personal data, in particular those preventing unauthorized or accidental access
to personal data, change, destruction or loss thereof, unauthorized
transmission, unauthorized processing as well as any other misuse of personal
data. All subjects to which personal data may be made available respect the
data subjects’ rights to protection of privacy and are obliged to act in
compliance with the applicable legal regulations concerning the personal data
protection.
9. Period of personal data processing
In compliance with the deadlines set out in the relevant
agreements, in the data controller’s filing and shredding rules or in the
applicable legal regulations, it is a period necessary to ensure rights and
obligations arising both from an obligatory relationship and from
the applicable legal regulations.
10. Instructions
·
The data controller processes data with the data subject’s
consent, save for the events set forth by law where the personal data
processing need not be approved by the data subject.
·
The data controller hereby informs in compliance with the
provisions of Article 13 of the Regulation that:
·
the data subject’s personal data will be processed on the basis
of his/her free consent under the above-mentioned conditions;
·
the reason for providing the data subject’s personal data is the
data subject’s interest in sending information and invitations or business
offers and bids concerning organized events connected with the data
controller’s activities, which would be impossible without providing such data;
·
the data controller did not appoint a data protection officer,
did not authorize any processor to process personal data and did not appoint a
representative for fulfilling the obligations within the meaning of the
Regulation;
·
the data controller does not wish to provide personal data to a
data subject to any third country, to any international organization or to any
third parties other than those mentioned above; and
·
the data subject is entitled to revoke his/her consent with
personal data processing at any time, to request access to his/her personal
data from the data controller, correction or deletion of such data or
restriction of the processing, and to raise an objection against
the processing, has the right to transferability of such data to any other data
controller as well as the right to lodge a complaint with the Personal Data
Protection Authority, if
the data subject believes that the data controller processes personal data in
conflict with the Regulation.
Protection of personal data
Declaration on Personal Data Processing
Declaration on personal data processing pursuant to
Regulation (EU) 2016/679 of the European Parliament and of the Council of 27
April 2016 on the protection of natural persons with regard to the processing
of personal data and on the free movement of such data, and repealing Directive
95/46/EC (General Data Protection Regulation) and instructions for data
subjects (hereinafter the “Regulation”)
1. Personal data controller
Dodat text...
2. Extent of personal data processing
Personal data are processed in the extent in which the relevant data
subject provided the same to the data controller in connection with concluding
a contractual or any other legal relationship with the data controller or that
the data controller otherwise collected and processes such data in compliance
with the applicable legal regulations or to fulfil the legal obligations of the
data controller.
3. Personal data sources:
· Directly from the data subjects
· Publicly accessible registers or
· Lists, records and registers (such as the Companies Register, Trade Register, Cadastral Register, public telephone directory, etc.)
4. Categories of personal data , that are subjects of processing:
· Address and identification data used for unambiguous and unmistakable identification of the data subject (such as name, surname, title, Identification No. (IČ) or Tax Identification No. (DIČ) and data enabling contact with the data subject (contact data, such as business name, contact address, telephone number, e-mail address and other similar information);
· Descriptive data (for example bank data or date); and
· Other data necessary for the performance of the agreement
5. Categories of data subjects:
· Data controller’s client
· Service provider or
· Any other person that has a contractual relationship with the data controller
6. Categories of personal data recipients:
· Processor or
· State and other authorities when performing legal obligations set forth by the applicable legal regulations
7. Purpose of personal data processing
· Purposes contained within the framework of the data subject’s consent
· Negotiations on the contractual relationship
· Performance of the agreement
· Protection of the rights of the data controller, recipient or other relevant persons (for example collection of the data controller’s claims)
· Archiving by law;
· Fulfilment of legal obligations by the data controller and
· Protection of vitally important interests of the data subject
8. Method of personal data processing and protection
Personal data are processed by the data controller. The data
are processed in the data controller’s establishments and branches and in its
registered office by the data controller’s authorized employees or by the
processor. The data are processed using computer technology or manually in case
of personal data in the documentary form subject to fulfilling all security
principles for personal data administration and processing. For such purpose,
the data controller took technical and organizational measures to protect
personal data, in particular those preventing unauthorized or accidental access
to personal data, change, destruction or loss thereof, unauthorized
transmission, unauthorized processing as well as any other misuse of personal
data. All subjects to which personal data may be made available respect the
data subjects’ rights to protection of privacy and are obliged to act in
compliance with the applicable legal regulations concerning the personal data
protection.
9. Period of personal data processing
In compliance with the deadlines set out in the relevant
agreements, in the data controller’s filing and shredding rules or in the
applicable legal regulations, it is a period necessary to ensure rights and
obligations arising both from an obligatory relationship and from
the applicable legal regulations.
10. Instructions
· The data controller processes data with the data subject’s consent, save for the events set forth by law where the personal data processing need not be approved by the data subject.
· The data controller hereby informs in compliance with the provisions of Article 13 of the Regulation that:
· the data subject’s personal data will be processed on the basis of his/her free consent under the above-mentioned conditions;
· the reason for providing the data subject’s personal data is the data subject’s interest in sending information and invitations or business offers and bids concerning organized events connected with the data controller’s activities, which would be impossible without providing such data;
· the data controller did not appoint a data protection officer, did not authorize any processor to process personal data and did not appoint a representative for fulfilling the obligations within the meaning of the Regulation;
· the data controller does not wish to provide personal data to a data subject to any third country, to any international organization or to any third parties other than those mentioned above; and
·
the data subject is entitled to revoke his/her consent with
personal data processing at any time, to request access to his/her personal
data from the data controller, correction or deletion of such data or
restriction of the processing, and to raise an objection against
the processing, has the right to transferability of such data to any other data
controller as well as the right to lodge a complaint with the Personal Data
Protection Authority, if
the data subject believes that the data controller processes personal data in
conflict with the Regulation.