GDPR

INFORMATION MEMORANDUM ON DATA PROTECTION

GDPR INFORMATION

INFORMATION MEMORANDUM ON DATA PROTECTION

Dear clients and business partners, 

in connection with our activities and in view of the effectiveness of Regulation (EU) No 2016/679 of the European Parliament and of the Council of 27 April 2016, the General Data Protection Regulation (hereinafter referred to only as the “Regulation”), we would like to let you know that during the course of due provision of our services, we process your personal data, which we consider confidential. We only handle this data to enable us to provide you the best possible service. We process your personal data in accordance with the applicable legislation of the Czech Republic and the above-mentioned Regulation.

In this memorandum, we would like to provide you information as to which personal data we process about you during the course of our activities, in the context of offering, arranging and providing our services, and in what way, for what purposes and on the basis of which legal grounds we do so, and in particular, where you can obtain information about your processed personal data and what your rights are in the field of personal data protection.

In our capacity as the data controller, we hereby inform you, in your capacity as as a data subject, in accordance with Article 13 of the Regulation that:

The data controller is iQ Hospitality Group s.r.o., with registered office at Fetrovská 1005/53, Dejvice, 160 00 Prague 6, Company ID No.: 09763112, contact details: petr@hospitality.cz (hereinafter referred to only as the “Controller”).

We process the following categories of personal data: identification data of clients and business partners or their representatives (representatives - if this concerns a legal entity), contact details, bank account (if this concerns the personal data of natural persons).

Your personal data processed by the Controller comes primarily from you or from publicly available sources on the Internet, in particular from the commercial or trade register.

Your personal data is and will be processed only for the purpose of registration as a client or business partner (customer) or representative of a customer (for a legal entity), for the purpose of due provision of services and related communication, including handling of any claims of the parties to the contract arising from performance, for meeting of legal obligations and also for marketing purposes of the Controller.

The Controller processes personal data in electronic and paper form.

The legal basis for the processing of personal data is performance of a contract or implementation of measures adopted prior to conclusion of the contract, as well as meeting of Controller’s legal obligations imposed by the legislation. Another legal basis for the processing of personal data is the legitimate interest of the Controller, which includes processing of personal data for possible direct marketing. If you have given or give us consent for a specific processing purpose, your consent may also constitute a legal basis for processing of personal data.

Your personal data will be processed for as long as is necessary, in the case of the provision of services for at least this period and for the period for which the Controller is obliged to keep such data in accordance with generally binding legislation. Data processed for the purpose of direct marketing will be processed by the Controller for the period of the customer’s registration, but no longer than until an objection to direct marketing is submitted.

Processing of your personal data will not involve automated decision-making or profiling.

Your personal data will be processed by authorised employees of the Controller or by a personal data processor with whom the Controller has concluded a contract for processing of personal data. Personal data will not be disclosed to third parties except to the contractual processor of personal data and to institutions or entities where this is required by the generally binding legislation. An up-to-date list of potential processors will be provided to the data subject upon request. Your personal data is also passed on with your knowledge to business partners as necessary for the due provision of our services, including it being passed on to foreign countries (currently to Slovakia).

The Controller has not appointed a data protection officer or designated a representative to carry out its obligations within the meaning of the Regulation.

You have the right to request from the Controller access to your personal data, its correction or deletion, or restriction of processing, and to object to the processing, you have the right to the portability of this data to another controller, as well as the right to file a complaint with the Office for Personal Data Protection if you believe that the Controller is processing personal data at variance with the Regulation.

If you wish to exercise any of the above-mentioned rights with the Controller, please use the Controller’s contact email address or data box or write to us at the address of the company’s registered office.

The supervisory authority in the Czech Republic is the Office for Personal Data Protection, Pplk. Sochora 27, 170 00 Prague 7,  www.uoou.cz .

If some of your personal data will be processed on the basis of your consent, you are entitled to withdraw your consent to the processing of your personal data at any time.