Information on Personal Data Protection
The data controller specified below provides you with information on the processing of personal data in accordance with Regulation (EU) 2016/679 of the European Parliament and of the Council (hereinafter referred to as "GDPR Regulation").
Identity of the Personal Data Controller:
ASD Software, s. r. o., with registered office at Žerotínova 2981/55a, 787 01 Šumperk, Company ID: 62363930
Contact Details of the Controller:
Postal address: Žerotínova 2981/55a, 787 01 Šumperk
E-mail: asd@asd-software.cz
Tel.: +420 583 300 711
Purposes of Personal Data Processing:
The processing of personal data within the framework of employee records is necessary for compliance with a legal obligation to which the Controller is subject within the meaning of Article 6(1)(c) of the GDPR Regulation, namely the fulfillment of obligations arising from employment contracts with employees, from the Labor Code and from other legal regulations, in particular from social and health insurance regulations and tax regulations.
The processing of personal data within the framework of contractual partners is necessary for the performance of a contract to which the data subject is a party within the meaning of Article 6(1)(b) of the GDPR Regulation, further for compliance with a legal obligation to which the Controller is subject within the meaning of Article 6(1)(c) of the GDPR Regulation (zejména povinnost vedení účetnictví) and also for the purposes of the legitimate interests of a third party within the meaning of Article 6(1)(f) of the GDPR Regulation (keeping records of data on natural persons acting on behalf of contractual partners - legal entities).
The processing of personal data within the framework of the hotline service is necessary for the purposes of the legitimate interests of the Controller and a third party, which is the contractual partner of the Controller for whom the hotline service is operated, within the meaning of Article 6(1)(f) of the GDPR Regulation. The legitimate interest is the need for proper recording of hotline activities, necessary for the proper billing of the Controller's services to the contractual partner and for the administration and development of the information system.
The processing of personal data within the framework of the company's operations is necessary for compliance with a legal obligation to which the Controller is subject within the meaning of Article 6(1)(c) of the GDPR Regulation (zejména povinnost vedení účetnictví) and also for the purposes of the Controller's legitimate interests within the meaning of Article 6(1)(f) of the GDPR Regulation.
Categories of Personal Data Processed:
Within the framework of employee records, the following personal data of employees are processed:
- Name and surname, date of birth, personal identification number, address, telephone number, e-mail address of the employee, marital status, bank account number, data on pension insurance and life insurance, scope of driving license, data on professional CV (required by contracting authorities).
- Name and surname, date of birth, personal identification number, address of family members of the employee, including the type of family relationship - for tax purposes.
Within the framework of contractual partners, the following personal data of contractual partners and natural persons acting on behalf of contractual partners - legal entities are processed:
- Name and surname, date of birth, address, function, place of business, ID number, VAT number, bank account number, telephone number, e-mail address, or other data provided by the contractual partner in the framework of mutual business cooperation.
Within the framework of the hotline service, personal data of natural persons using the hotline service are processed, namely:
- Name and surname, telephone number, e-mail address.
Within the framework of the company's operations, personal data of contractual partners with whom contracts are concluded for the purpose of ensuring the company's operations are processed, namely:
- Name and surname, registered office, ID number, VAT number, telephone number, e-mail address.
Categories of recipients of processed personal data:
Categories of recipients to whom personal data will be made available: health insurance companies, state administration bodies and courts, auditor, driving school within the framework of driver training, contractual partners of the Controller in connection with the management of the hotline service. Personal data will not be transferred to a third country or international organization.
Period of storage of personal data:
For the period necessary to ensure proper health care and operation of the company, at least for the period of mandatory archiving of data according to legal regulations.
Rights of Data Subjects:
Within the meaning of the GDPR Regulation, you have in particular the following rights in connection with the processing of personal data.
Right of access to personal data: You have the right to obtain information about whether your personal data are being processed, and if so, you also have the right to access your personal data.
Right to rectification of inaccurate and completion of incomplete personal data: If the data processed by the controller are inaccurate, you have the right to request their rectification and completion.
Right to erasure: You have the right to request the erasure of processed personal data. The controller will erase your personal data if they are no longer necessary for the purposes for which they were collected or otherwise processed, the processing is unlawful, you object to the processing and there are no overriding legitimate grounds for processing your personal data, or the legal obligation to process has ceased.
Right to restriction of processing of personal data: In cases stipulated by the GDPR Regulation, you have the right to restriction of processing of your personal data.
Right to data portability: In the event that the controller carries out automated processing of personal data, you have the right to ensure their portability to another controller.
Right to object: You have the right to object to the processing of personal data which are processed for the purposes of protecting the legitimate interests of the controller and third parties. The controller shall no longer process the personal data in such a case unless there is a serious legitimate reason for processing which overrides the interest or rights and freedoms of the data subject.
Right to lodge a complaint with a supervisory authority: If the controller fails to comply with its legal obligations, you have the right to lodge a complaint about the controller's procedure with the supervisory authority, which is the Office for Personal Data Protection, with its registered office at Pplk. Sochora 27, 170 00 Prague 7, www.uoou.cz.
In the case of repeated or manifestly unfounded requests for the exercise of the above rights, the controller is entitled to charge a reasonable fee for the implementation of the given right, or to refuse its implementation.
