Smartplast
Contact us
AutoDesk
Contact
+420 725 764 813 olga@smartplast.cz
Company address
SMARTPLAST s.r.o.
B. Němcové 351
760 01 Zlín
Company ID: 28290330
VAT ID: CZ28290330
We are members of professional clusters
Plastikářšký klastr AUTOKLASTR

GDPR

GDPR

Domů / GDPR

RULES FOR PROTECTION AND PROCESSING OF PERSONAL DATA

According to Regulation (EU) 2016/679 of the European Parliament and of the Council of 27 April 2016 on the protection of natural persons with regard to the processing of personal data and on the free movement of such data, and repealing Directive 95/46/EC

These rules for the protection and processing of personal data (hereinafter referred to as the “Rules”) describe which personal data of natural persons, in particular customers (hereinafter referred to as the “Data Subject”), are processed in the activities of SMARTPLAST s.r.o., Company ID: 282 90 330, with its registered office in Zlín, B. Němcové 351, ZIP code 76001, entered in the Commercial Register kept by the Regional Court in Brno, Section C, Insert 58847 (hereinafter referred to as the “Administrator”).

This Policy sets out the types of personal data we collect and process when you use our services or enter into another contract with us, as well as how your personal data is used, shared and protected. It also explains the options you have in relation to your personal data and how you can contact us. We hereby inform you below about the processing of your personal data and your rights in accordance with Article 12 of Regulation (EU) 2016/679 of the European Parliament and of the Council of 27 April 2016 on the protection of natural persons with regard to the processing of personal data and on the free movement of such data, and repealing Directive 95/46/EC (hereinafter referred to as the “GDPR”).

Personal data means any information relating to an identified or identifiable natural person; an identifiable natural person is one who can be identified, directly or indirectly, in particular by reference to an identifier such as a name, an identification number, location data, an online identifier or to one or more factors specific to the physical, physiological, genetic, mental, economic, cultural or social identity of that natural person.

The administrator has appointed a personal data protection officer. The contact details of the officer are: Mgr. Olga Zetková, tel. 725 764 813, email: olga@smartplast.cz

PROCESSORS AND RECIPIENTS OF PERSONAL DATA

The Administrator is authorized to transfer personal data to entities with which it has concluded a personal data processing agreement and who will process personal data for the Administrator as its processors. Based on the above, the Administrator is authorized to transfer the personal data of the Data Subject to the following entities, or categories of entities:

  • JM daně s.r.o., ID no.: 25311093

The Data Subject’s personal data may be further transferred to the following recipients/categories of recipients:

  • The Administrator’s suppliers
  • The Administrator’s employees
  • persons in another contractual relationship with the Administrator (e.g. providers of marketing and advertising services)
  • financial institutions and insurance companies
  • state authorities within the framework of fulfilling the Administrator’s legal obligations set out in relevant legal regulations
  • the Administrator’s customers.

CATEGORIES OF PERSONAL DATA PROCESSED

The Administrator is authorized to process, in particular, the following personal data of the Data Subject:

  • address and identification data used for the unambiguous and unmistakable identification of the Data Subject (e.g. name, surname, title, date of birth, or birth registration number, permanent residence address, business address, delivery address, ID number, VAT number) and data enabling contact with the Data Subject (e.g. contact address, telephone number, fax number, e-mail address and other similar information)
  • descriptive data (e.g. bank details, payment or credit card information, order history)
  • images, photos and videos
  • account login information, including the name under which the Data Subject appears on the Internet, password and unique user ID
  • data provided beyond the scope of applicable laws processed within the framework of the consent granted by the Data Subject (e.g. use of personal data for the purpose of personnel procedures, use of personal data for the purpose of promotion, etc.)
  • personal settings (preferences), including settings in the area of ​​marketing and the use of cookies by the Data Subject
  • other data necessary for the performance of the contract
  • other personal data that the Data Subject provided to the Administrator.

PURPOSES AND LEGAL BASIS FOR PROCESSING PERSONAL DATA

The Administrator processes the personal data of the Data Subject for the purposes of:

a) performance of the contract, based on Article 6(1)(b) of the GDPR,

b) compliance with the Administrator’s legal obligation set out in a generally binding legal regulation, based on Article 6(1)(c) of the GDPR (e.g. the Administrator’s obligation to keep accounting and tax documents),

c) determination, exercise or defence of legal claims of the Administrator, based on Article 6(1)(f) of the GDPR,

d) sending commercial communications, based on Article 6(1)(f) of the GDPR due to the existence of the Controller’s legitimate interest in direct marketing,

e) other marketing purposes of the Administrator related to the offer of products and services; sending information about organized events, products, services and other activities (e.g. by sending newsletters, telemarketing); contacting for the purpose of market research and marketing research; contacting for the purpose of sending Christmas and Easter or other holidays wishes and sending discount vouchers, gifts, etc., based on Article 6(1)(a) of the GDPR.

PERIOD OF PROCESSING PERSONAL DATA

Personal data will be processed only for the period necessary for the purpose of their processing. In view of the above:

  • for the purpose according to letter a) above, personal data will be processed until the termination of the obligations under the contract (this does not affect the possibility for the Administrator to subsequently process such personal data – to the extent necessary for the purpose according to letters b), c), d) and/or e) above
  • for the purpose referred to in letter b) above, personal data will be processed for the duration of the relevant legal obligation of the Controller
  • for the purpose under letter c) above, personal data will be processed until the 4th calendar year following the end of the warranty period under the contract (if a quality guarantee was agreed in the contract), but at least until the 5th calendar year following the termination of the obligations under the contract
  • in the event of the initiation and continuation of judicial, administrative or other proceedings in which the rights or obligations of the Controller in relation to the relevant Data Subject are addressed, the period of processing personal data for the purpose referred to in letter c) above shall not end before the end of such proceedings
  • for the purpose of sending commercial communications pursuant to letter d) above, personal data will be processed until the Data Subject expresses his/her disagreement with such processing
  • for the purposes referred to in letter e) above, personal data will be processed for the period for which the Data Subject has granted the Controller consent pursuant to the separately agreed consent to the processing of personal data. In this case, the Data Subject acknowledges that the Controller may contact him/her before the expiry of this period in order to renew his/her consent.

No later than the end of the calendar quarter following the expiry of the processing period above, the relevant personal data for which the purpose of their processing has ceased to exist will be destroyed (by destruction or in another manner that ensures that unauthorized persons cannot become aware of the personal data) or anonymized.

METHOD OF PROCESSING PERSONAL DATA

The processing of personal data is carried out by the Administrator. The processing is carried out at the Administrator’s registered office by individual authorized employees of the Administrator, or the Processor. The processing is carried out using computer technology, or also manually for personal data in paper form, in compliance with all security principles for the management and processing of personal data. For this purpose, the Administrator has adopted technical and organizational measures to ensure the protection of personal data, in particular measures to prevent unauthorized or accidental access to personal data, their alteration, destruction or loss, unauthorized transfers, their unauthorized processing, as well as other misuse of personal data. All entities to which personal data may be made available respect the right of Data Subjects to privacy and are obliged to proceed in accordance with applicable legal regulations regarding the protection of personal data. Automated individual decision-making or profiling based on the data provided will not be carried out. Personal data of Data Subjects will not be transferred to third countries (i.e. countries outside the EU and EEA).

INFORMATION PROVIDED TO DATA SUBJECTS UNDER GDPR

In connection with the processing of their personal data, Data Subjects have a number of rights, including the right to request from the Controller:

  • access to your personal data (under the conditions of Article 15 of the GDPR)
  • correction or deletion of personal data (under the conditions of Article 16 or Article 17 of the GDPR)
  • restriction of processing of personal data (under the conditions of Article 18 GDPR)
  • object to the processing of personal data (under the conditions of Article 21 of the GDPR)
  • the right to personal data portability (under the conditions of Article 20 GDPR)
  • the right to withdraw consent to the processing of personal data in writing or electronically to the address or email of the Administrator specified in these Rules.

If the Data Subject discovers or believes that his/her personal data are being processed in violation of the protection of the Data Subject’s private and personal life or in violation of legal regulations, he/she has the right to contact the Administrator with a request for explanation and/or rectification. The request must be submitted in writing by sending a letter or email to the Administrator’s contact details: Mgr. Olga Zetková, tel. 725 764 813, email olga@smartplast.cz.

If the Data Subject’s request is found to be justified, the Controller shall immediately remedy the situation. This does not affect the Data Subject’s right to contact the supervisory authority, the Office for Personal Data Protection, Pplk. Sochora 27, 170 00 Prague 7, Czech Republic, +420 234 665 555, www.uoou.cz.

Úřad pro ochranu osobních údajů, Pplk. Sochora 27, 170 00 Praha 7, Czech Republic, tel. +420 234 665 555, www.uoou.cz.

CONCLUSION

These Rules of the Controller shall apply to Data Subjects, unless otherwise agreed between the third party and the Controller. The Controller reserves the right to change these rules for the protection and processing of personal data in any way and at any time, and the current status will always be posted on the website http://www.smartplast.cz

Olga

Do you
need advice?

+420 725 764 813
Do you need to know more? Contact us.

    By submitting the form, you agree to the processing of personal data.

    Company address
    SMARTPLAST s.r.o.
    B. Němcové 351
    760 01 Zlín
    IČ: 28290330
    DIČ: CZ28290330
    Quick links
    We are members of professional clusters
    Plastikářšký klastr AUTOKLASTR