Protection of personal data
1. Introductory Provisions
1.1. This Personal Data Protection Policy is drawn up following Regulation No. 2016/679 of the European Parliament and of the Council, the General Data Protection Regulation („General Data Protection Regulation”).
1.2. The aim of this Policy is to provide clients and potential clients („Clients”) of Kompenzo, s.r.o. , a company established and existing under the law of the Czech Republic, with its registered office at Letenská 121/8, 118 00 Prague 1, IČ 019 69 323, registered in the commercial register maintained by the Municipal Court in Prague, section C, file 213784 („Company”), on the collection and processing of personal data by the Company . .
1.3. The Company considers all personal data of the Client to be strictly confidential.
2.1. When processing personal data, the company is bound by the following principles in particular:
2.1.1. Personal data must be processed correctly and in a legal and transparent manner;
2.1.2. Personal data may only be collected for specific, explicitly stated and legitimate purposes and may not be further processed in a manner incompatible with these purposes;
2.1.3. ersonal data may only be processed to the extent necessary in relation to the purpose in question;
2.1.4. When processing personal data, it is necessary to take into account their accuracy;
2.1.5. Personal data may only be kept for the necessary time; and
2.1.6. Personal data must be processed under appropriate security.
3. Information for Clients
The Company provides Clients with the following information on the processing of personal data:
3.1. Personal data manager
3.1.1. The administrator, i.e., the one who collects and is responsible for the data, is the Company. The Company’s contact address is listed above; other contact details are given on the website www.kompenzo.com.
3.2. Commissioner for the protection of personal data
3.2.1. The personal data protection officer is Ing. M.Sc. David Hanel, e-mail: firstname.lastname@example.org.
3.3. Processing purposes and their legal basis
3.3.1. The company processes personal data for the purpose of providing consulting and mediation services to Clients, i.e., mainly for the purpose of fulfilling the contract and based on the Client’s consent, also for marketing purposes. The Client is entitled to withdraw express consent at any time.
3.3.2. The Company processes personal data in order to be able to realistically fulfill its contractual obligations towards the Clients – this is the identification and contact data of the Client, such as the name and surname, date of birth, residential address, e-mail or telephone number, or the number of the Client’s bank account. Marginally and only on the basis of the express
consent of the Client, the Company also processes personal data for marketing purposes.
3.4. Obligation to provide personal data
3.4.1. The company may not enter into a contractual relationship with any person who refuses to provide personal data to the extent required by law.
If the Client refuses to disclose the data in question, the Company may not enter into any contractual relationship with him or is forced to terminate the existing contractual relationship with him.
3.4.2. The Client is not obliged to grant the Company consent to the processing of personal data for marketing purposes. If the Client refuses to grant this consent, failure to grant consent will have no effect on the formation and duration of the contractual obligation.
3.5. Archiving period
3.5.1. The Company archives the Clients’ personal data for such a period as is necessary in view of the purpose for which it was obtained. The Company is obliged to keep the Client’s documentation and file for a period of five (5) years from the termination of the purpose of processing the Client’s personal data.
3.6. Categories of recipients of personal data
3.6.1. Personal data is primarily processed directly by the Company. In some cases, the Client’s personal data may be provided for the purpose of a contract for the provision of consulting and intermediary services related to the recovery of compensation for damage to the Client’s health to other beneficiaries. Such a recipient can then be a law firm, an expert or a translator. The company discloses personal data to other recipients only to the extent necessary.
3.7. Transfer of personal data to third countries
3.7.1. The company does not anticipate any primary transfer of personal data to countries outside the European Union.
3.7.2. In the case of exceptional transfer of personal data to countries outside the European Union, the Company uses the model contractual clauses of the European Commission.
4. Rights of Clients
4.1. The primary holder of personal data is always the Client and as such has the rights to his personal data listed below and specified in more detail in the General Regulation on the Protection of Personal Data.
4.2. Right of access to personal data
4.2.1. The Client has the right to obtain confirmation from the Company as to whether it is processing his personal data and the right to obtain access to this data and information about it.
4.3. Right to correction or addition
4.3.1. The client can request correction or addition of his personal data. The Company is obliged to comply with the Client in justified cases.
4.4. Right to erasure
4.4.1. The Client has the right to ask the Company to delete his personal data if any of the legal reasons for deletion are given.
4.5. Right to restriction of processing
4.5.1. In case of uncertainty regarding the accuracy or legality of the processing of personal data, the Client may request that the Company temporarily limit the processing of his personal data.
4.6. Right to data portability
4.6.1. If the legal prerequisites are met, the Client has the right to request his personal data from the Company in a machine-readable format and the right to request the transfer of this data to another administrator.
4.7. The right to object
4.7.1. The Client has the right, for reasons relating to his specific situation (and in the case of direct marketing at any time), to object to the processing of his personal
data by the Company. Unless there are serious legitimate reasons for processing, the Company does not further process the Client’s personal data in question. The authorized employee of the Company, Zuzanna-Mathilda Kuboň Issa, email: email@example.com.
4.8. The right to file a complaint
4.8.1. Every Client has the right to file a complaint with a supervisory authority in the European Union if he believes that the processing of his personal data violates the Personal Data Protection Act and/or the General Regulation on Personal Data Protection. The supervisory authority in the Czech Republic is the Office for the Protection of Personal Data, with headquarters in Pplk. Sochora 27, 170 00 Prague 7, www.uoou.cz.
5. Final Provisions
5.1. The company is entitled to unilaterally change the Personal Data Protection Policy at any time.