Business Principles and Personal Data Protection
You voluntarily consent to BOMAR SPEDICE, s.r.o. processing your personal data in compliance with the legislation on personal data protection, namely the Regulation of the European Parliament and Council (EU) No. 2016/679 of 27 April 2016 on the protection of natural persons in relation to the processing of personal data and the free movement of these data and repealing Directive 95/46/EC (general regulation on the personal data protection, “GDPR”) and, furthermore, in compliance with our internal regulations and principles.
The consent is voluntary and you can withdraw it any time.
By giving your consent, you also confirm that you have been advised of your right to access and check your personal data processed by BOMAR SPEDICE, s.r.o.
You are entitled to request from the controller an explanation of your personal data processing if you discover or believe that this processing is not performed properly. Furthermore, you are entitled to request that the controller rectifies this situation by, especially, blocking, correcting, completing or deleting personal data.
I. For the purposes of these Business Principles:
The Operator means
The Personal Data mean the name and surname, domicile, e-mail address, IP address, phone number, company registration number of a legal entity and VAT number of a natural person.
1. The Operator as the Personal Data Controller hereby provides information on the method and extent of processing of Personal Data, including the scope of the Participant’s rights (as defined below) related to processing of his/her Personal Data.
2. The Operator is a manufacturer and for this purpose it operates an information website en.bomar-praha.cz, including also other tabs with forms.
3. Included in this service, the Operator processes the Personal Data:
• to the extent they were provided in relation to the product order, or part of pre-contract negotiations with the Operator as well as in relation to the contract that has been entered into;
• for the purpose(s) specified in clause 9.
The Operator processes Personal Data for the following purposes:
• contract performance and service provision;
• compliance with legislation (in particular accounting, tax and archiving);
• keeping of participants’ records;
• protection of rights and right-protected interests of the Controller (legitimate interest).
4. The Operator is the Personal Data Controller. Personal Data are not processed by any other entity.
II. Personal data protection and information on their processing
1. The General Regulation on Personal Data Protection, as amended as well as other relevant legislation apply to natural persons (hereinafter referred to as the “Participant”), who fill in and send the completed registration form from the en.bomar-praha.cz, website to the Operator.
2. The Participant acknowledges that by sending the completed registration form, the processing of Personal Data by the Operator is initiated.
3. Unless the Participant provides his/her Personal Data, it is not possible to enter into a contract with the Operator and/or to provide him/her with related services. In this respect, Personal Data are necessary for the provision of a particular service or product of the Operator.
4. Personal Data will be processed throughout the pre-contract negotiations between the Operator and the Participant for the purpose of entering into the contract as well as throughout the contractual relationship’s duration.
5. In case of entering into a contract under the Operator’s Commercial Conditions, the Personal Data will be processed and stored for the period of 36 consecutive months in the case of a conflict related to the relationships between the Operator and the Participant, namely for the purpose of the protection of the Operator’s legitimate interests. The Operator’s legitimate interest is the proper and timely performance of the agreed contractual obligation between the Operator and the Participant and the performance of any legal obligation imposed on the Operator from the contractual relationship between the Participant and it.
6. For the purpose of the performance of the legal obligation on archiving accounting documents under Act No. 563/1991 Coll. on Accounting, as amended, the Personal Data (apart from the e-mail address and the phone number) will be further processed and stored for the period of 5 years starting with the year following the year in which the contract between the Operator and the Participant was entered into.
7. Following the expiry of the period indicated in Article II. par. 4, 5, 6 and 7 the Operator shall delete the Personal Data.
8. The Participant shall only provide the Operator with true and accurate Personal Data.
9. The Operator shall exert the maximum effort so as to avoid any unauthorised processing of Personal Data.
10. Personal Data of Participants shall not be disclosed to any third parties.
11. Personal Data are and will be processed in the electronic form by a non-automated method.
III. The Participant’s rights related to processing
1. The Participant is entitled (where the processing of Personal Data is done with consent) to make a notification of the withdrawal of his/her consent with the processing of the provided Personal Data at email@example.com any time. However, it is not possible to withdraw consent with processing of Personal Data to the extent and for the purposes of the performance of the Operator’s legal obligations. Any withdrawal of consent does not affect the legality of the processing based on the consent granted before its withdrawal. Nor does the withdrawal of consent affect the processing of Personal Data, which the Controller processes on a legal basis other than consent (i.e. in particular, if the processing is necessary for the performance of the contract, legal obligation or other reasons specified in applicable legal regulations).
2. Furthermore, the participant is entitled to:
• request from the Operator access to his Personal Data:
• correct the provided Personal Data;
• delete the provided Personal Data;
• limit the processing of Personal Data;
• file a complaint with the Office for Personal Data Protection.
3. Each data subject that discovers or believes that the Controller or the Processor processes his/her personal data in breach of the protection of the data subject’s private and personal life or in breach of the Law, in particular if the personal data are imprecise with respect to the purpose of their processing can:
a) ask the Controller or the Processor for an explanation,
b) request that the Controller or the Processor remedies this situation. It is namely a case of blocking, correcting, completing or deleting personal data.
4. If the data subject’s request is found to be justified under par. 1, the Controller or the Processor shall remove the defective condition without any delay.
5. If the Controller or the Processor does not respect the data subject’s request under par. 1, the data subject is entitled to contact the Office for Personal Data Protection directly.
6. The procedure under par. 1 does not rule out the possibility that the data subject contacts the Office with his/her request directly.
7. If damage other than of the financial kind arises as a result of processing the data subject’s personal data, the application of his/her claim will follow a special law.
8. If during the processing of personal data an obligation imposed by the law upon the controller or the processor is breached, they are responsible for that jointly and severally.
9. The Controller is required without undue delay to inform the recipient of the data subject’s request under par. 1 a on blocking, correcting, completing or deleting personal data. This does not apply if the recipient cannot be informed or it would require an extreme effort to inform him. If you believe that your rights have been infringed, you are entitled to send your complaint to the Office for Personal Data Protection with its registered office at 27 Pplk. Sochora, Prague 7 170 00. For more information see the website www.uoou.cz.