JDK, spol. s r.o.,
Company ID No.: 18621066,
with its registered office at Pražská 2161/25, 288 02 Nymburk
PERSONAL DATA PROCESSING POLICY
Dear Business Partners and Visitors,
The goal of this Policy is to inform you how JDK, spol. s r.o. (“JDK”) collects, processes, uses and transfers your personal data (hereinafter collectively “personal data processing”).
Personal data means information that relates to a specific person who can be identified on the basis of this information or in combination with other information.
The most common examples of personal data that are processed by JDK as part of its everyday business activities are the identification data (especially name and surname, position) and contact details (especially e-mail address and telephone) of business partners (individuals), or representatives, employees, associates or members of the statutory bodies of business partners (legal entities) (hereinafter collectively “business partners”) and also records on the visitors of JDK.
|Who is the controller of your personal data?|
|What personal data are processed by JDK and for what purpose?|
|From what sources does JDK obtain your personal data?|
|Does JDK share your personal data with other parties?|
|Does JDK transfer personal data to countries outside the EEA?|
|How are your personal data secured?|
|How long will JDK keep your personal data?|
|What are your rights related to personal data processing?|
|Questions and contacts|
|Changes to this Policy|
Who is the controller of your personal data?
The controller of your data is JDK, spol. s r.o., Company ID No.: 18621066, with its registered office at Pražská 2161/25, 288 02 Nymburk, registered in the Companies Register of the Municipal Court in Prague, Ref. No. C 2158.
JDK determines how and for what purpose your personal will be processed. You will find JDK’s contact details in the section "Questions and Contacts" below.
JDK and other related companies from the JDK group are hereinafter referred to collectively as the "JDK Group".
What personal data are processed by JDK and for what purpose?
The table below shows what personal data, for what reason and for what purpose are processed by JDK about its business partners.
a) Business partners
|Purpose of processing||Legal basis for processing|
Basic identification and contact details:
Data for marketing purposes:
b) Visitors to JDK
|Purpose of processing||Legal basis for processing|
Identification data (especially your name, surname, job position, company and purpose of visit).
Security data (control of access to JDK’s facilities, data from the company’s surveillance and access system).
Detailed information on the surveillance system is attached in Appendix No. 1.
From what sources does JDK obtain your personal data?
JDK obtains personal data, which it subsequently processes, directly from its business partners or from publicly available sources (e.g. the Commercial Register or ARES (Administrative Register of Economic Entities)), from visits of business partners and other parties directly at JDK or within the JDK Group.
Does JDK share your personal data with other parties?
a) Third-party service providers
JDK uses third-party service providers who especially provide accounting, reporting, debt management, marketing & promotion and security guard services. For the performance of their duties, JDK must supply them with certain personal data of JDK’s business partners and visitors (security guards).
However, third-party service providers have been vetted by JDK and they provide sufficient guarantees in terms of the confidentiality and protection of the personal data of our business partners and visitors. JDK has signed written agreements with all these providers on personal data processing where the providers agreed to protect personal data and observe JDK’s standards on personal data security.
b) Companies from the JDK Group
JDK may share personal data within the JDK Group. Every time when JDK needs to share personal data of its business partners, it will do so only on a need-to-know basis and will share these data only with selected employees from the JDK Group for the performance of tasks related to their job duties.
The JDK Group takes appropriate steps to ensure that these personnel are bound by the confidentiality obligation in relation to the personal data of JDK’s business partners.
c) Disclosure of personal data to third parties
Under certain circumstances, JDK is obligated to share personal data of business partners or visitors with third parties other than the above-mentioned service providers or companies from the JDK Group, in line with the personal data protection legislation.
These third parties include namely the following:
- government and similar authorities (tax authorities),
- financial institutions (banks, insurers),
- police, public prosecutors,
- external advisors.
Does JDK transfer personal data to countries outside the EEA?
We do not transfer your personal data to countries outside the European Economic Area.
How are your personal data secured?
For the purposes of ensuring the confidentiality, integrity and availability of personal data of its business partners and visitors, JDK uses state-of-the-art IT security systems. JDK maintains appropriate safety technical and organizational measures against any unlawful or unauthorized processing of personal data and against accidental loss of or damage to personal data. Access to the personal data of business partners and/or visitors is only provided to those who need this access for the performance of their job duties and who are bound by a legal or contractual confidentiality obligation.
How long will JDK keep your personal data?
JDK will keep the personal data of its business partners and visitors only for a period for which JDK needs the data for the purpose for which the data are collected or, if applicable, for the protection of JDK’s legitimate interests.
If the data are processed by JDK based on your consent, it will do so until this consent is withdrawn.
Information on visits at JDK is kept for a period of 1 year after your visit.
What are your rights related to personal data processing?
Under the defined terms, you may exercise any of the rights listed below which are granted to you by the personal data protection legislation, especially the General Data Protection Regulation (GDPR):
- the right to clear, transparent and intelligible information on how your personal data are used and what are your rights;
- the right to withdraw, at any time and free of charge, the given consent to the processing of personal data, by mail, e-mail or in person at our address specified below;
- the right of access to personal data and the provision of additional information related to their processing by JDK or processors;
- the right to the rectification of inaccurate and incomplete personal data;
- the right the erasure of personal data, especially if (i) the data are no longer needed for further processing; (ii) the consent to their processing has been withdrawn; (iii) the data subject has legitimately objected to their processing; (iv) the data have been processed illegally; or (v) the data must be erased according to the statutory provisions;
- the right to the restriction of processing of personal data if (i) the data subject contests the accuracy of personal data, until JDK verifies their accuracy; (ii) the processing is unlawful; (iii) JDK no longer needs these data, but the data subject needs them for the purposes of exercising its legal claims or (iv) the data subject has objected to the processing, until JDK verifies whether JDK’s legitimate interests override the interests of the data subject;
- the right to object to the processing of personal data if the data are processed for the purposes of JDK’s legitimate interests. If you raise an objection to further processing for direct marketing purposes, your personal data will no longer be processed for these purposes;
- the right to obtain your personal data and transfer them to a different controller subject to the conditions prescribed by law;
- the right to file a complaint with the Office for Personal Data Protection, with its registered office at Pplk. Sochora 27, 170 00 Prague 7; www.uoou.cz, if you believe that JDK violates its obligations arising under the personal data protection legislation.
We will respond to your requests for exercising your rights within the period prescribed by law, but usually no later than within one (1) month after receiving your request. In exceptional cases, handling your request may require longer time; if this is the case, we will inform you accordingly.
Questions and contacts
If you would like to exercise any of your rights in connection with the processing of your personal data or if you have any other question or complaint about their processing, please contact us by mail, telephone or e-mail by using the contact details provided below.
JDK, spol. s r.o.,
Pražská 2161/25, 288 02 Nymburk
e-mail: firstname.lastname@example.org, tel.: 325 519 111
Changes to this Policy
It is possible that JDK will decide to change or update this Policy. The latest version of this Policy will be always available to you on JDK’S website (www.jdk.cz/en/gdpr) in the section Personal Data Protection Policy.
However, we assure you that we will not make any retroactive changes and that we will not make any changes to our policies that apply to the handling of the previously gathered data.