Processing of personal data Egermann
Crystalex CZ, s.r.o.,
Masarykovo nábřeží 236/30, 110 00 Prague 1, Nové Město, ID No. 28542673,
a company registered in the Commercial Register at the Municipal Court in Prague, section c, insert 149125
- Controller of the personal data
- Scope of personal data processing
- Sources of personal data
- Categories of personal data subject to processing
- Categories of data subjects
- Categories of recipients of personal data
- Purpose of the processing of personal data
- Method of processing and protection of personal data
- Period of processing personal data
- Instructions
1. CONTROLLER OF THE PERSONAL DATA
Crystalex CZ, s.r.o., with its registered office at Masarykovo nábřeží 236/30, 110 00 Prague 1, Nové Město, registered in the Commercial Register kept at the Municipal Court in Prague C 149125, ID No.: 28542673,
tel. +420 487 741 111, email: info@egermannglass.com, (hereinafter referred to as the “Controller”) hereby informs you about the processing of your personal data and your rights in accordance with Article 12 of the GDPR.
2. SCOPE OF PERSONAL DATA PROCESSING
Personal data are processed to the extent that the respective data subject has provided them to the controller, in connection with the conclusion of a contractual or other legal relationship with the controller, or which the controller has otherwise collected and processes in accordance with applicable law or to fulfil the controller’s legal obligations.
3. SOURCES OF PERSONAL DATA
– directly from data subjects
– wholesale / e-shop
– distributor
– publicly accessible registers,
– lists and records (e.g. commercial register, trade register, land registry, public telephone directory, etc.)
4. CATEGORIES OF PERSONAL DATA SUBJECT TO PROCESSING
address and identification data serving to uniquely and unmistakably identify the data subject (e.g. name, surname, title, birth number, date of birth, permanent address, identity document number, gender, ID number, VAT number) and data enabling contact with the data subject (contact data – e.g. contact address, telephone number, fax number, email address and other similar information)
– descriptive data (e.g. bank details, date)
– other data necessary for the performance of the contract
5. CATEGORIES OF DATA SUBJECTS
– customer of the controller
– service provider
– another person who has a contractual relationship with the controller
6. CATEGORIES OF RECIPIENTS OF PERSONAL DATA
– processor
– state etc. authorities in the performance of their statutory obligations under the relevant legislation
7. PURPOSE OF THE PROCESSING OF PERSONAL DATA
– the purposes contained in the data subject’s consent
– the negotiation of a contractual relationship
– performance of the contract
– protection of the rights of the controller, the recipient or other persons concerned (e.g. recovery of claims by the controller)
– archiving conducted on the basis of the law
– the fulfilment of legal obligations by the controller
– protection of the vital interests of the data subject
8. METHOD OF PROCESSING AND PROTECTION OF PERSONAL DATA
The processing of personal data is carried out by the controller. The processing is carried out at the controller’s premises, branches and headquarters by individual authorised employees of the controller or by the processor. The processing is carried out by means of computer technology or, where applicable, manually for personal data in paper form, in compliance with all security principles for the management and processing of personal data. To this end, the controller has adopted technical and organisational measures to ensure the protection of personal data, in particular measures to prevent unauthorised or accidental access to, alteration, destruction or loss of personal data, unauthorised transfers, unauthorised processing and other misuse of personal data. All entities to which personal data may be disclosed shall respect the right of privacy of data subjects and shall comply with applicable data protection legislation.
9. PERIOD OF PROCESSING PERSONAL DATA
In accordance with the time limits set out in the relevant contracts, in the controller’s filing and shredding system or in the relevant legislation, this is the time necessary to ensure the rights and obligations arising from both the contractual relationship and the relevant legislation.
10. INSTRUCTIONS
The controller shall process data with the consent of the data subject, except in cases provided for by law where the processing of personal data does not require the consent of the data subject.