stin
logo
English
Čeština Čeština Deutsch Deutsch

GDPR

Information on personal data protection for customers and business partners

The General Data Protection Regulation is a complete set of rules governing data protection in the EU. The aim is to protect the rights of EU citizens as much as possible against unauthorized use of their personal data and information and to give them greater control over everything that happens to their data. The GDPR applies to anyone who gathers or processes personal data. It took effect across the entire EU on 25 May 2018. In the Czech Republic it superseded the previous legislation on personal data protection in the form of Act No. 101/2000 Coll., on personal data protection.

KOVÁRNA a.s. (“the Company”) processes personal data in accordance with the GDPR. All processing of personal data is done solely for a predefined purpose and on the relevant legal grounds. The Company makes sure it respects the basic principles of legality, transparency, restriction to a particular purpose, minimization of data, accuracy, restricted storage, integrity, confidentiality and responsibility of the administrator. Personal data processing rules are laid down in the Company’s internal regulations. In the case of the Company’s customers and suppliers, the following personal data are processed: name and surname, or business name; employment position; registered office; ID number; tax number; e-mail address; telephone number; and possibly video footage from the camera system in the event of visits to the manufacturing facility.

The legal grounds for processing the personal data of the Company’s suppliers and customers are within the meaning of Article 6 of the Regulation:

  • performance of contracts;
  • the administrator’s legitimate interests;
  • fulfilling the administrator’s legal obligations.

Every citizen (“data subject”) has the right to access the personal data that applies to him – he may file a request for information whether and to what extent his personal data are processed in the Company. The Company will provide him with a copy of the personal data processing.

Every data subject also has the right to the erasure of data he provided to the Company on the basis of consent to personal data processing, the right to have the personal data concerning him rectified, and the right to object, i.e. to restrict the processing of data he provided to the Company on the basis of consent to personal data processing. These rights are dealt with at the data subject’s written request and after the data subject’s identification data are verified to prevent unauthorized access to his data. This request may be filed at the Company’s place of business: Za Škodovkou 893, Hradec Králové, post code 50004.

If the data subject suspects that his personal data are not being used in accordance with the applicable legislation, he has the right to notify the Company’s representative at the above address. If the situation is not remedied even after he has done so, the data subject is entitled to file a complaint with the supervisory authority, which is the Office for Personal Data Protection.