Information on the processing of personal data

This information on the processing of personal data pursuant to Act No. 110/2019 Coll. is provided by CONTACTA PARTNERS s.r.o., Opletalova 1535/4, 110 00 Prague 1 - Nové Město, ID No.: 05799589, VAT No.: CZ05799589, registered with the Municipal Court in Prague under file No. C 270951 (hereinafter referred to as the "Data Controller"), info@contacta.cz.

1. Explanation of terms:
   1. Personal data are data leading to the identification of a natural person, in particular: name and surname, home address, e-mail address, telephone number, training and education, CVs, enquiries sent via the website, e-mail communication, cookies.
   2. The Data Controller (the company CONTACTA PARTNERS s.r.o. mentioned above) is the entity that determines the purpose and means of processing personal data, carries out the processing and is responsible for it. The Data Controller may authorise or entrust the processing of personal data to a processor, unless a specific law provides otherwise.
   3. A Processor is any entity that, on the basis of a special law or on the authority of the data controller, processes personal data pursuant to the Act and the Regulation, on the basis of a contract concluded for the processing of personal data, on the basis of the consent of the data subject, or for the performance of contractual obligations and other purposes specified by law.
   4. The Database is an internal list of data on natural persons and their personal data, maintained by the Data Controller.
   5. Profiling is any form of automated processing of personal data consisting in using it to evaluate certain personal aspects relating to an individual, in particular to analyse or estimate aspects relating to their work performance, economic situation, health, personal preferences, interests, reliability, behaviour, location or movements.
   6. Cookies are small amounts of data that a WWW server sends to a browser, which stores them on the user's computer. The browser then sends this data back to the server each time the same server is visited again. Cookies are commonly used to distinguish individual users, store user preferences, etc.
   7. The Data Protection Officer is a professionally qualified representative of the Data Controller who oversees the transparency and lawful processing of personal data by the Data Controller, as well as ensuring the integrity of the data - its backup and security.
2. Processing principles
   1. Personal data is processed in a fair, lawful and transparent manner for specific explicit purposes.
   2. Personal data is processed in a proportionate, relevant and limited manner in relation to the purpose for which it is processed.
   3. Measures are taken to ensure that personal data are accurate and, where necessary, kept up to date.
   4. Personal data is processed for the period of time necessary in relation to the specific purpose of the processing.
   5. The processing of personal data is secured in a manner adequate to the purpose of the processing, so as to ensure a level of security appropriate to any risks, including the implementation of sufficient organisational and technical measures so as to preserve integrity and confidentiality.
   6. We provide clear information about the processing of your personal data.
3. Categories, legal titles
   1. The categories of personal data we process include: contact, address, and descriptive data, education and certification data and experience, billing and contractual information.
   2. We process data about our clients, suppliers and other collaborating entities.
   3. In particular, we use the following legal titles for processing:
      • Performance of contractual relations.
      • Fulfillment of legal obligations.
      • Protection of legal claims and interests of the controller.
      • In exceptional cases, consent to the processing of personal data.
4. Transmission of personal data
   1. We endeavour to process your personal data only for as long as necessary and to the extent necessary, and the same applies to the transfer of personal data.
   2. We only pass on applicants' personal data to clients for whom we are recruiting for the positions in which you have expressed an interest. We only provide identification and contact details of our suppliers and customers to our external accountant. We have a contractual relationship with all companies.
   3. We will only disclose your personal data to public authorities in legitimate and necessary cases.
5. Methods of processing personal data
   1. The Data Controller processes personal data manually.
   2. There is no automated evaluation or profiling.
   3. Personal data may be disclosed to authorised employees of the Data Controller if necessary for the performance of the contractual relationship and if strictly necessary for the performance of their job duties.
   4. Personal data may be disclosed to processors with whom the Data Controller has a contract for the processing of personal data and, where applicable, to other persons in accordance with the law and EU Regulation.
6. Data protection and processing information
   1. The Data Controller obtains personal data from the subjects themselves, e.g. by personal handover, by e-mail, by form on the website, by telephone.
   2. The Data Controller informs the data subject when the provision of personal data is necessary for the performance of contractual relations or when it is voluntary.
   3. Personal data will be processed for the duration of the placement or for the duration of the contractual relationship, but for a maximum of 1 year after the end of such relationship.
   4. Personal data will continue to be processed in the form necessary to comply with the legal obligation to keep accounting documents for the period specified by legislation, but for a maximum of 12 months after the end of the legal obligation to process such data.
7. Purposes of processing
   1. The Data Controller processes Personal Data for the following purposes:
      • performance of the contractual relationship,
      • responding to and answering your enquiries,
      • fulfilling the controller's legal obligations (accounting, tax and archival),
      • the protection of the rights and legally protected interests of the Data Controller (legitimate interest)
8. Rights and obligations of the data subject
   1. The subject is obliged to provide only true and accurate personal data to the Data Controller.
   2. The subject is obliged to provide the Data Controller with verification of the data provided.
   3. The subject has the rights to request access to his/her personal data from the Data Controller.
   4. The subject has the right to have the personal data provided corrected.
   5. The subject has the right to have the personal data provided erased.
   6. The subject has the right to restrict the processing of personal data.
   7. If the subject's consent is required for the processing of personal data, the subject may withdraw it at any time, in accordance with the rules in 8.i
   8. The data subject (user) has the right to lodge a complaint with the supervisory authority if they believe that the processing of personal data by the Data Controller violates the legal regulations on personal data protection. You can lodge a complaint with the supervisory authority - the Office for Personal Data Protection, Pplk. Sochora 27, 170 00 Prague 7, www.uoou.cz.
   9. The subject may exercise their rights:
      • We will be pleased if you contact us so that we can resolve everything to our mutual satisfaction.
      • In person at the company's registered office during working hours: by telephone agreement, upon proof of identity.
      • By email: info@contacta.cz, from which consent was given, further verification may be required.
      • By post (signature must be officially certified).
9. Rights and obligations of the Data Controller
   1. The Data Controller has the right to verify the truthfulness and accuracy of the personal data provided.
   2. The Data Controller is obliged to provide the data subject with information on the scope and manner of the personal data provided, if the subject so requests. The Data Controller will do so without delay and within 30 working days at the latest.
   3. The Data Controller has the right to charge a fee in the event of repeated and unjustified requests.
   4. The Data Controller will provide the information in electronic form, unless the data subject requests otherwise.
10. Legitimate interest of the Data Controller - purposes
    1. The protection of the Data Controller's fundamental or other rights arises from general legal obligations, regulations and contracts, in particular in the context of various disputes, inspections, investigations and in relation to contractual partners. The duration of processing is determined by generally binding regulations, but no longer than 1 year after the end of the contractual relationship or the expiry of the period provided for by law.
    2. The recovery of claims is possible for the duration of the statutory limitation periods, but no longer than 5 years.
11. Consent to the processing of personal data
    1. The data subject consents to the processing of data whose purposes are not necessary by law or for the performance of a contractual relationship or the legitimate interests of the Data Controller.
    2. Consent is given by written form or by confirming an electronic version of the consent.
    3. The data subject may, pursuant to clause 8.i, withdraw this consent at any time.
    4. The purposes and processing of data provided on the basis of consent are set out on the consent form.
12. Cookies
    1. The Administrator uses only operational cookies on its website, which are necessary for the proper display and functioning of this website. Operational cookies are not used for analytical or marketing purposes. By browsing this website you agree to the use of the necessary operational cookies.
13. Validity
    1. The wording of the Information on the processing of personal data may be changed or supplemented by the Data Controller. If the natural person does not agree to the change, they have the right to request the erasure of their personal data without any penalty.
    2. This document takes effect on the date of publication on 15.3.2021