We are original - Bohemia Crystal™

e.g. discount promotion

GDPR

Processing of personal data
Crystalex CZ, s.r.o.,
Masarykovo nábřeží 236/30, 110 00 Prague 1, Nové Město, ID No. 28542673,
company registered in the Commercial Register at the Municipal Court in Prague, section c, insert 149125

  1. Personal data controller
  2. Scope of processing of personal data
  3. Sources of personal data
  4. Categories of personal data subject to processing
  5. Categories of data subjects
  6. Categories of recipients of personal data
  7. Purpose of processing personal data
  8. Method of processing and protection of personal data
  9. Period of processing of personal data
  10. Notice

1. PERSONAL DATA CONTROLLER
Crystalex CZ, s.r.o., with registered office at Masarykovo nábřeží 236/30, 110 00 Prague 1, Nové Město, registered in the Commercial Register kept at the Municipal Court in Prague C 149125, ID No.: 28542673,
tel. +420 487 741 111, email: info@crystalex.cz, (hereinafter referred to as the “Controller”) hereby informs you about the processing of your personal data and your rights in accordance with Article 12 of the GDPR.

2. SCOPE OF PROCESSING OF PERSONAL DATA
Personal data is processed to the extent that the relevant data subject has provided it to the controller in connection with the conclusion of a contractual or other legal relationship with the controller, or which the controller has otherwise collected and processes in accordance with applicable law or to fulfil the controller’s legal obligations.

3. SOURCES OF PERSONAL DATA:

  • directly from data subjects
  • wholesale / e-shop
  • distributor
  • publicly accessible registers,
  • lists and records (e.g. commercial register, trade register, land register, public telephone directory, etc.)

4. THE CATEGORIES OF PERSONAL DATA SUBJECT TO PROCESSING:

  • address and identification data serving to uniquely and unmistakably identify the data subject (e.g. name, surname, title, birth number, date of birth, permanent address, identity document number, gender, ID number, VAT number) and data enabling contact with the data subject (contact data – e.g. contact address, telephone number, fax number, email address and other similar information)
  • descriptive data (e.g. bank connection, date)
  • other data necessary for the performance of the contract

5. CATEGORIES OF DATA SUBJECTS:

  • customer administrator
  • service provider
  • another person who has a contractual relationship with the controller

6. CATEGORIES OF RECIPIENTS OF PERSONAL DATA:

  • compiler
  • State i. authorities in the performance of their statutory obligations under the relevant legislation

7. PURPOSE OF PROCESSING PERSONAL DATA

  • the purposes contained in the data subject’s consent
  • negotiation of the contractual relationship
  • performance of the contract
  • protection of the rights of the controller, the beneficiary or other persons concerned (e.g. recovery of claims by the controller)
  • archives maintained on the basis of the law
  • the fulfilment of legal obligations by the administrator
  • protection of the vital interests of the data subject

8. PROCESSING AND PROTECTION OF PERSONAL DATA
The processing of personal data is carried out by the controller. The processing is carried out at the controller’s premises, branches and headquarters by individual authorised employees of the controller or by the processor. The processing is carried out by means of computer technology or, where applicable, manually for personal data in paper form, in compliance with all security principles for the management and processing of personal data. To this end, the controller has adopted technical and organisational measures to ensure the protection of personal data, in particular measures to prevent unauthorised or accidental access to, alteration, destruction or loss of personal data, unauthorised transfers, unauthorised processing and other misuse of personal data. All entities to which personal data may be disclosed shall respect the right of data subjects to privacy and shall comply with applicable data protection laws.

9. PERIOD OF PROCESSING OF PERSONAL DATA
In accordance with the time limits specified in the relevant contracts, in the administrator’s file and shredding regulations or in the relevant legal regulations, this is the time necessary to ensure the rights and obligations arising from both the contractual relationship and the relevant legal regulations.

10. NOTICE
The controller processes data with the consent of the data subject, except in cases provided for by law where the processing of personal data does not require the consent of the data subject.