top of page

DECLARATION ON THE PROCESSING OF PERSONAL DATA

Declaration on the processing of personal data pursuant to Regulation (EU) 2016/679 of the European Parliament and of the Council on the protection of natural persons with regard to the processing of personal data and on the information of data subjects (hereinafter referred to as "GDPR")

1. Personal data controller SILENT - CZECH spol. s r. o. ID No.: 25354990, with registered office at Bynina 204, 757 01 Valašské Meziříčí, registered in the Commercial Register maintained by KOS Ostrava, Section C, Insert 9671, hereby informs you about the processing of your personal data and your rights in accordance with Article 12 of the GDPR.

2. Scope of processing of personal data.

Personal data are processed to the extent that the relevant data subject has provided them to the controller, in connection with the conclusion of a contractual or other legal relationship with the controller, or which the controller has otherwise collected and processes in accordance with applicable law or to fulfil the controller's legal obligations.

3. Sources of personal data

  • directly from data subjects (emails, telephone, website, web contact form, business cards, etc.)

  • publicly accessible registers, lists and records (e.g. commercial register, trade register, land register, etc.) for the purpose of creating accounting documents and checking the accuracy of information

4. Categories of personal data subject to processing

  • address and identification data used to uniquely and unmistakably identify the data subject (e.g. name, surname, title, birth number, date of birth, permanent address, ID number, VAT number) and data enabling contact with the data subject (contact data - e.g. contact address, telephone number, e-mail address and other similar information)

  • descriptive data (e.g. bank details)

  • other data necessary for the performance of the contract

  • data provided in excess of the applicable laws processed within the scope of the data subject's consent (processing of photographs, use of personal data for the purpose of personnel management, for the purpose of sending commercial communications or information messages, etc.)

5. Categories of data subjects

  • client of the administrator

  • an employee of the administrator

  • service provider

  • another person who is in a contractual relationship with the controller

  • jobseeker

6. Categories of recipients of personal data

The controller does not intend to transfer personal data to a third country outside the EU, the controller has the right to entrust the processing of personal data to a processor who has concluded a processing contract with the controller and provides sufficient guarantees for the protection of your personal data. Otherwise, data subjects will be informed of this transfer without reservation. The categories of recipients are therefore:

  • financial institutions

  • public constitutions

  • compiler

  • State i. authorities within the framework of the fulfilment of legal obligations set out in the relevant legislation

7. Purpose of processing personal data

  • the purposes contained in the data subject's consent

  • negotiation of the contractual relationship

  • performance of the contract

  • protection of the rights of the controller, the recipient or other persons concerned

  • archives maintained on the basis of the law

  • selection procedures for advertised positions

  • the fulfilment of legal obligations by the administrator

  • protection of the vital interests of the data subject

  • transmission of commercial communications or other information in the case of legitimate interests of the controller

8. Method of processing and protection of personal data

The processing of personal data is carried out by the controller. The processing is carried out at the controller's premises, branches and headquarters by individual authorised employees of the controller or by the processor. The processing takes place in compliance with all security principles for the management and processing of personal data. To this end, the controller has taken technical, organisational and legal measures to ensure the protection of personal data, in particular measures to prevent unauthorised or accidental access to, alteration, destruction or loss of personal data, unauthorised transfers, unauthorised processing and other misuse of personal data. All entities to which personal data may be disclosed shall respect the right of data subjects to the protection of their privacy and freedoms and shall comply with applicable data protection legislation.

9. Duration of processing of personal data

In accordance with the time limits set out in the relevant contracts and consents, the time limits prescribed for disposal in the case of legitimate interests of the controller or a third party, and the relevant legislation, this is the time necessary to ensure the rights and obligations arising from both the contractual relationship and the relevant legislation.

10. Lessons learned

The controller processes data with the consent of the data subject, except in cases provided for by law where the processing of personal data does not require the consent of the data subject, i.e. where there is another legal basis for the purpose of the processing. In accordance with Article 6(1) of the GDPR, the controller may process the following data without the data subject's consent:

  • the processing is necessary for the performance of a contract to which the data subject is a party or for the implementation of measures taken prior to the conclusion of the contract at the request of the data subject,

  • the processing is necessary for compliance with a legal obligation to which the controller is subject,

  • the processing is necessary to protect the vital interests of the data subject or another natural person,

  • the processing is necessary for the performance of a task carried out in the public interest or in the exercise of official authority vested in the controller,

  • the processing is necessary for the purposes of the legitimate interests of the controller or third party concerned, except where those interests are overridden by the interests or fundamental rights and freedoms of the data subject requiring the protection of personal data.

11. Rights of data subjects

A. In accordance with Article 12 of the GDPR, the controller shall inform the data subject of the right of access to personal data and to the following information upon request:

  • the purpose of processing,

  • the category of personal data concerned,

  • the recipients or categories of recipients to whom the personal data have been or will be disclosed,

  • the planned period for which the personal data will be stored,

  • all available information about the source of the personal data,

  • if not obtained from the data subject, whether automated decision-making, including profiling, takes place.

The controller shall have the right to charge a reasonable fee for the provision of the information, not exceeding the costs necessary to provide the information, for the second and each additional copy within the administrative costs involved.

B. Any data subject who becomes aware or believes that the controller or processor is carrying out processing of his or her personal data which is contrary to the protection of the data subject's private and personal life or contrary to law, in particular where the personal data are inaccurate with regard to the purpose of the processing, may:

  • Ask the administrator for an explanation.

  • Require the administrator to remedy the condition thus created. In particular, this may involve blocking, rectifying, supplementing or erasing personal data.

  • If the data subject's request under paragraph A. is found to be justified, the controller shall rectify the defective condition without delay.

  • If the controller does not comply with the data subject's request pursuant to paragraph A., the data subject shall have the right to apply directly to the supervisory authority, i.e. the Office for Personal Data Protection.

  • The procedure in paragraph A. shall not preclude the data subject from bringing his or her complaint directly to the supervisory authority.

C. The data subject has the right to withdraw the consent to the processing of personal data that he or she has previously given to the data controller.

D. The rights of data subjects are therefore: to exercise the right to rectification, erasure, forgetting, restriction of processing. Furthermore, the right to data portability if technically or organisationally feasible.

bottom of page