The company Prabos plus a.s., with its registered office at Komenského 9, 763 21 Slavičín, ID: 26272857, hereinafter referred to as the "Administrator", is governed in particular by Regulation (EU) 2016/679 of the European Parliament and of the Council of 27 April 2016 on the protection of natural persons when processing personal data in connection with the processing of personal data and the free movement of such data and the repeal of Directive 95/46/EC (general regulation on the protection of personal data), (hereinafter only under the English abbreviation "GDPR") and Act No. 101/2000 Coll. on personal data protection, as amended.
Definition of terms
Data subject: an identified or identifiable natural person, i.e. e.g.:
an employee of the Administrator,
job applicant,
contracter,
supplier representative,
customer
natural person citizen
a natural person with an ID number
Personal data: all information about a natural person by which this person can be directly or indirectly identified, e.g. name, surname, date of birth, social security number, location data (address), network identifier (telephone, e-mail, social networks, etc.) .
Special category of personal data: a special element of the physical, physiological, genetic, psychological, economic, cultural or social identity of a natural person, i.e. personal data indicating national, racial or ethnic origin, political attitudes, membership of trade unions, religion and philosophical beliefs, criminal conviction, health status and sex life, biometric data that enables direct identification or authentication of the data subject.
Liability of Administrator
As the Controller, we are responsible for all processing of your personal data within the framework of the agenda used by us in the organization. We also process your requests (e.g. for correction, deletion, information about your personal data), objections, and provide you with information about how and why we handle your personal data.
Principles of personal data processing
When processing personal data, we comply with the highest standards of personal data protection and in particular adhere to the following principles:
a) we always process personal data for a clearly and comprehensibly specified purpose, by specified means, in a specified manner, and only for a period of time that is necessary due to the purposes of their processing; we process only accurate personal data and their processing corresponds to the stated purposes and is necessary for the fulfillment of these purposes;
b) personal data is protected in a manner that corresponds to the current development of technology; the highest available option for the security of this data is ensured, which prevents any unauthorized or accidental access to personal data, their alteration, destruction or loss, unauthorized transmission, their other unauthorized processing, as well as other misuse;
c) data subjects are informed about the processing of personal data and about the claims to accurate and complete information about the circumstances of this processing, as well as about other related rights;
d) as Administrator, we observe appropriate technical and organizational measures.
Information on the processing of personal data
The administrator processes personal data mainly for the purpose of:
fulfillment of obligations established by law, when acting in the position of Personal Data Manager;
fulfillment of contractual obligations when personal data have been transferred by data subjects;
fulfillment of contractual obligations when personal data have been transferred by the Administrator to the administrator of personal data of other parties and the Administrator acts as a processor;
for the fulfillment of contractual obligations when the data subject is a party to the contract;
protection of the rights and legitimate interests of the Administrator;
for business and marketing purposes, if consent has been given by data subjects or it is a legitimate interest of the Administrator in the case of clients and cooperating subjects of the Company.
Scope of processed personal data:
The administrator processes personal data to the extent necessary to fulfill the above objectives. In particular, the following personal data are processed:
a) name and surname; b) address; c) email address; d) telephone number; f) IP address and) IČh) and other personal data that the Administrator is obliged to manage on the basis of specific legal titles in individual cases of processed personal data.
The administrator does not process special categories of personal data unless there is a legal reason for their processing.
Method of personal data processing:
The manner in which the Controller processes personal data includes both manual and automated processing in the Controller's information systems. Personal data is primarily processed by the Administrator's employees and, to the extent necessary, also by third parties. Before any transfer of personal data to a third party, a contract is concluded with this person, which contains the same guarantees for the processing of personal data that the Administrator observes in accordance with its legal obligations.
The administrator has taken technical and organizational measures to ensure the protection of personal data, in particular measures to prevent unauthorized or accidental access to personal data, their alteration, destruction or loss, unauthorized transfers, their unauthorized processing, as well as other misuse of personal data.
Recipients of personal data
Personal data is made available in particular to employees of the Administrator in connection with the performance of their work duties, during which it is necessary to handle personal data, but only to the extent that is necessary in each case while observing all security measures. Personal data may be given to third parties who participate in the processing of personal data, or these personal data may be made available to them for another reason in accordance with the law. Before any transfer of personal data to a third party, a written contract is always concluded with this person, which regulates the processing of personal data in such a way that it contains the same guarantees for the processing of personal data that the Controller himself observes in accordance with his legal obligations.
In accordance with the relevant legal regulations, the Administrator is authorized or directly obliged to transfer your personal data primarily:
a) to the relevant state administration bodies, courts and authorities in criminal proceedings for the purpose of fulfilling their duties and for the purpose of enforcing decisions;
b) payment service providers, if this is necessary for the prevention, investigation or detection of fraud in the field of payment;
c) to state administration entities and other public authorities for the purpose of fulfilling legal obligations;
d) to other persons within the scope established by legal regulations, for example third parties for the purposes of debt collection;
e) possibly to entities providing the Administrator with services on the basis of outsourcing and acting as a processor of personal data.
Transfer of personal data abroad
Personal data is processed on the territory of the Czech Republic, it does not transfer personal data of clients to countries outside the European Union.
Time of personal data processing
Personal data is processed by the Administrator only for the time necessary for the purposes of their processing. The personal data retention period results from the individual legal titles and regulations on the basis of which the Administrator processes personal data, and the retention period is also in accordance with the Administrator's file, archiving and shredding regulations.
Cookies
We only store cookies on your computer, phone or tablet if you give us your consent. If you continue to browse our site after the cookies pop-up bar appears on the home page, you give your consent to cookies being stored on your computer, phone or tablet.
Rights of the data subject
1. Right to information
It is your right to ask the Administrator for information about what personal data and to what extent and for what purpose we process about you. We will provide you with this information in accordance with the principles of the General Regulation, and in exceptional situations within 90 days at the latest. We will inform you in time about the extension of the deadline in exceptional cases. If you request the communication of the information we record about you, we will first need to verify that you are indeed the person to whom this information belongs. Please provide sufficient identification of your person in your application. If necessary, we have the right to request additional information for your identification before we provide you with the personal data that we process about you.
We then have the right to reject requests for information that are unreasonable, unreasonably repeated, or require unreasonable effort to obtain them, or would be difficult to obtain (typically from backup systems, archives, etc.).
2. Update of data, right to correction
Since personal data can change over time (for example, a change of Surname), we would be happy if you inform us that there has been a change, so that we have your personal data up-to-date and avoid possible mistakes. The submission of information on the change of data is absolutely necessary for us to properly perform our work as an Administrator.
Related to this is your right to correct the personal data we record about you. If you find that our data is no longer up-to-date, you have the right to request its correction.
3. Objections
If you believe that we are not processing your personal data in accordance with the applicable legislation of the Czech Republic and the Union, you have the right to raise an objection and we will subsequently check the legitimacy of your request. We inform you that you also have the right to object to the processed personal data that we process about you to the relevant supervisory authority for the Protection of Personal Data at the address:
Office for the Protection of Personal Data Lt. Col. Sochora 27170 00 Prague 7
4. Right to erasure
If you have ever given us consent to the processing of your personal data, you have the right to revoke it at any time and we are obliged to delete the data that we process solely on the basis of your consent. The right to erasure does not apply to processed data within the framework of the obligation to fulfill the contract, legal reasons, or legitimate interests. If some of your data is stored in backup systems that automatically ensure the resilience of all our systems and perform the function of data loss protection in case of accidents, it is not within our power to delete this data even from the backup systems, and often it is not even technically feasible. However, this data is no longer actively processed and will not be used for further processing purposes.
5. Right to restriction of processing
This right means that you have the right to object to the processing of your personal data in the event that you discover or believe that your personal data is being processed in violation of applicable legislation or that the processing could jeopardize his rights and freedoms. Cases in which this may occur are:
Right to rectification – you deny the correctness of your personal data. As long as we, as the data controller, verify the accuracy and correctness of your personal data, you have the right to ask us to restrict the use of such inaccurate data.
The processing of personal data is illegal, but you do not request their deletion, but only request the restriction of the processing of this data.
We, as the administrator, no longer need the personal data for processing purposes (and we should delete them in this way), but you require them for the purpose of determining, exercising or defending legal claims. You object to the processing. During the period when it will be verified whether the interests of us, as the administrator, or you, as the data subject of the subject, prevail, it is necessary to limit the processing of this data.
6. Right to portability of personal data
1. You, as a data subject, have the right to receive personal data concerning you, which you have provided to the administrator, in a structured, commonly used and machine-readable format, and you have the right to transfer this data to another administrator without the administrator to whom it was provided personal data provided, defended, in the event that: processing is based on consent pursuant to Article 6 paragraph 1 letter a) or Article 9 paragraph 2 letter a) or on the contract according to Article 6 paragraph 1 letter b); and the processing is done automatically.
2. When exercising your right to data portability according to paragraph 1, you, as a data subject, have the right to have personal data transferred directly from one administrator to another administrator, if this is technically feasible.
3. The exercise of the right referred to in paragraph 1 of this article does not affect article 17. This right does not apply to the processing necessary for the fulfillment of a task carried out in the public interest or in the exercise of public authority with which the administrator is entrusted.
4. The right referred to in paragraph 1 must not adversely affect the rights and freedoms of other persons.
7. The right not to be a participant in automatic decision-making
This right ensures you, as a data subject, that you will not be the subject of a decision based solely on automated processing, including profiling, which has legal effects for you or significantly affects you in a similar way. Others with https://translate.google.cz/contribute hunts, it is about ensuring that legal effects are not decided by automated procedures without human intervention, except for possible exceptions.
Automated decision-making is permitted where it is necessary for the conclusion or performance of a contract between you and the administrator, if permitted by EU or member state law, or if based on your express consent.
Where can you turn?
You can contact the administrator's office with your questions about personal data protection:
Prabos plus a.s. Komenského 9763 21 Slavičín
