On this website you will find information on how, when, why and what personal data are processed and how we protect them when communicating with our business partners.
Declaration on protection of personal data
for business partners
Personal data controller
TES s.r.o., registered office at Pražská 597, 674 01 Třebíč, ID no.:45477973, e-mail: email@example.com, incorporated in the Companies Register kept by the Regional Court in Brno, section C, file 4884, (further only as the Controller“) hereby informs you, in compliance with regulation no.: 12 of the European parliament and Council (EU) 2016/679 about protection of personal data of physical persons in relation to processing of personal data and free movement of such data (further only as „GDPR“), about processing of Your personal data and Your rights.
Scope of personal data processing
Personal data are processed in the scope as provided by subject to the Controller, in connection with conclusion of a contractual or other legal relationship or cooperation with the Controller and are handled in compliance with valid legal regulations or in order to fulfil legitimate requirements of the Controller.
Personal data sources
- Directly from data subjects (visiting cards, e-mails, other correspondence including contractual arrangement).
- Publicly available information from the registers, lists and evidences (e.g. trade register, trade licensing register, land and property register, publicly available telephone directory, website etc.).
Category of personal data, that are the subject-matter of processing
- Address and identification data which are needed to unambiguously identify subjects od data (eg. name, surname, title, university degree, company or partner, job position) and date enabling to contact the subject (address of workplace, tel. no., fax. no., e-mail address, etc.).
- Other data considered necessary for the performance of a contract.
Category of data subjects
- Customer – current or potential buyer.
- Supplier of products or services – current or potential.
- Third parties.
Category of recipients of the personal data
Only for internal use of the Controller.
Purpose of the processing of personal data
The personal data are processed to ensure effective communication when implementing business activities of the Controller and his business partners. Such purpose does not require a consent of data subject (employees of business partners) with the processing of personal data.
The legitimate interests of the Controller and third parties (article no. 6, paragraph 1, letter f) of the Regulation (mutual communication).
Means of the processing and protection of personal data
Personal data are processed by individual authorised employees of the Controller or Processor. Processing is carried out manually in electronic or paper-based form, further also in electronic information systems while respecting safety requirements for administration and processing of personal data. Processing personal data does not involve neither automated decision-making nor profiling. For this purpose the Controller implemented technical and organizational measures to ensure personal data protection against unlawful or accidental access, changes, destruction or loss, unlawful transfer, processing or other unauthorised misuse of personal data. All persons who are entitled in its working position (or within taken working responsibilities) come into contact with personal data are well trained and committed to obligation of confidentiality. They are also obliged to follow valid legal regulations relevant to the protection of personal data.
Period of the processing of personal data
The records of personal data of subjects are kept only for the period of time for no longer than is necessary for the purpose for which the data were originally collected. Outdated or ineffective records are deleted.
Rights of the Subject of personal data
A) The subject of personal data, in case she/he gave the consent with processing of personal data has the right to withdraw the consent at any time.
The withdrawal of consent shall not affect the lawfulness of processing based on consent before its withdrawal.
B) In compliance with article 12 of GDPR Regulation the Controller informs the subject at the subject´s request about rights for the access to personal data and the following information:
- Purpose of processing.
- Category of personal data concerned.
- Recipients of the Category of Recipients who will have an access to the personal data.
- Scheduled period for which the personal data will be kept.
- All available information about the source of personal data, unless they are not provided by the Subjects of personal data.
- Information whether the automated decision-making incl. profiling is performed.
C) Every data subject, who learns or assumes that the Controller or the processor performs processing of his personal data in contrary to the protection of private or personal life of the subject or the Law, especially if personal data are inaccurate with respect to the purpose of the processing, may:
- Ask the Controller for the explanation.
- Ask the Controller to eliminate unjustified status which may be in particular related to: blocking, rectification, adding information or erasure of personal data.
- If the request of the data subject according to article 1 is assumed as legible, the Controller will without undue delay remedy the unjustified status.
- If the Controller does not comply with the request of the data subject according to article 1, the subject has the right to contact the supervisory authority for protection of personal data directly which is the Office for Personal Data Protection.
- Procedure specified in the article does not preclude that the subject of data may contact and forward the claims to the supervisory authority directly.
Please, if you have questions concerning this Declaration on the protection of personal data or the way of collecting data of job applicants or relevant your comments, you are kindly asked to address them to: tel.: +420 568 838 421, firstname.lastname@example.org.
The Declaration is valid as of September 1, 2020