GDPR

Terms & Conditions and Privacy Policy

in accordance with Articles 13 and 14 of Regulation (EU) 2016/679 of the European Parliament and of the Council on the protection of natural persons with regard to the processing of personal data and on the free movement of such data, repealing Directive 95/46/EC (General Data Protection Regulation) (hereinafter „GDPR").

Dear data subject,

as the provision of services by our company involves the processing of personal data, we would like to inform you, as the data subject, about your rights and the conditions under which your personal data is processed. We assure you that the protection of your personal data is important to our company. The data you provide is treated as confidential, all our employees are bound by confidentiality, and we have implemented security measures in accordance with GDPR.

01

Definition of personal data

Personal data means any information relating to an identified or identifiable natural person who can be identified, directly or indirectly, in particular by reference to an identifier such as a name, an identification number, location data, an online identifier, or to one or more factors specific to the physical, physiological, genetic, mental, economic, cultural or social identity of that natural person.

The controller processes only those personal data that are necessary to achieve the specific purpose of processing and to provide the controller's products and services. Personal data is always processed for a predefined and legitimate purpose.

02

Purpose of processing personal data

The purpose of processing your personal data is to provide you with quality service. This includes, in particular, the fulfilment of the controller's contractual and statutory obligations.

03

Legal basis for processing

Processing of personal data is necessary for the proper provision of the service on the basis of a service contract under Article 6(1)(b) of the GDPR.

Processing of personal data is necessary for compliance with the controller's legal obligations under Article 6(1)(c) of the GDPR. These are in particular:

  • Act No. 455/1991 Coll. on Trade Licensing;
  • Act No. 162/1995 Coll. on the Land Registry;
  • Act No. 182/1993 Coll. on Ownership of Apartments and Non-Residential Premises;
  • Act No. 395/2002 Coll. on Archives and Records, as amended;
  • implementing regulations of the above acts.
04

Categories of personal data processed

For the purpose of providing services properly, the controller processes mainly so-called ordinary personal data (for example name, surname, contact details, etc.).

05

Categories of recipients and third parties

Your personal data may be provided to the following categories of recipients:

Recipient in a third country or international organisation: none.

Recipient in a member state (EU and EEA):

  • Collaborators of the controller and persons in the controller's subcontracting chain to whom your personal data must be disclosed for the proper provision of the service.
  • External company providing IT service/maintenance (only by way of inspection).
  • Other persons to whom it is necessary to provide your personal data for the proper provision of the service.
06

Public authorities

Public authorities that process personal data on the basis of a special regulation or international treaty:

  • Intelligence services for the purpose of combating organised crime and terrorism;
  • Financial Intelligence Unit for the purpose of reporting unusual business operations;
  • Courts and law enforcement authorities;
  • Relevant statutory registers (e.g. the Commercial Register Collection of Documents);
  • Various state administration bodies in the case of a legal obligation to cooperate;
  • Local self-government bodies;
  • State and other supervisory authorities for inspection.
07

Transfer of personal data to a third country

No transfer takes place and none is intended.

08

Retention period of personal data

The client file is kept by the controller until the expiry of the retention period, which is 10 years.

09

Information on the rights of the data subject

In accordance with Articles 13 – 21 of the GDPR, you, as the data subject, have:

  • the right to request access to personal data concerning you (Article 15 GDPR);
  • the right to rectification of inaccurate or incomplete personal data (Article 16 GDPR);
  • the right to erasure of your personal data (Article 17 GDPR);
  • the right to restriction of processing (Article 18 GDPR);
  • the right to data portability (Article 20 GDPR);
  • the right to object to processing (Article 21 GDPR);
  • the right to lodge a complaint with the supervisory authority;
  • the right to withdraw consent to processing at any time.
10

Provision of personal data

Provision of personal data is a requirement necessary for us to provide you with quality service. Failure to provide your personal data will result in our inability to provide proper service.

11

Automated decision-making and profiling

The controller does not use automated individual decision-making or profiling when processing personal data for this purpose.

12

Source of processed personal data

The controller processes data provided or made available by the client to whom services are provided. During the identification process, the controller may also use personal data from publicly accessible sources.

Last updated: 2024