This Privacy Policy is compiled in compliance with Regulation (EU) 2016/679 of the European Parliament and of the Council of 27 April 2016 on the protection of natural persons with regard to the processing of personal data and on the free movement of such data, and repealing Directive 95/46/EC (hereinafter referred to as the “GDPR“) and Act No. 110/2000 Coll., on the Protection of Personal Data and on the Amendment of Certain Laws.

1. Our contact details

Pursuant to Article 4(7) of the GDPR, the controller of your personal data is ACP Traductera, a.s. with its registered office at Na Piketě 173/III, 377 01 Jindřichův Hradec, registered in the Commercial Register maintained by the Regional Court in Č. Budějovice, section B, insert 2007.

2. What are personal data

Personal data refers to any information about an identified or identifiable natural person. An identifiable natural person is a natural person who can be identified, directly or indirectly, in particular by reference to an identifier such as a name, identification number, location data, a network identifier or to one or more specific elements of the physical, physiological, genetic, psychological, economic, cultural or social identity of that natural person.

Personal data also include identifiers stored in cookies, which will be installed in your web browser when you visit our website, if you agree to this.

3. Which personal data we process

We process the personal data you provide to us in connection with the use of our services or data that is publicly available. This includes, in particular, your first name, surname, e-mail address, delivery address, billing address, telephone number and, where applicable, details of the company you represent (trade name, registered office, ID number, VAT number) and your job title.

This list is illustrative and it is possible that in the course of the negotiations you may provide us with additional data which will be treated in the same way.

4. Why we process personal data

Above all, so that we can deliver on what we have committed to. If we were unable to process the data, we would not be able to provide you with the service you have expressed an interest in. Nor would we be able to send you information that we think may be of interest to you.

The lawful reason for processing personal data is

• performance of a contractbetween you and us pursuant to Article 6(1)(b) of the GDPR;
• our legitimate interestin providing direct marketing (in particular sending commercial communications) pursuant to Article 6(1)(f) of the GDPR, which is based on a conscious relationship between you as the customer and us as the controller.

The purpose of processing personal data for the performance of the contract is:

• processing your order and exercising the rights and obligations arising from the contractual relationship (when placing an order, we require personal data that are necessary for the successful processing of the order – it is not possible to conclude the contract without providing these data).

The purpose of processing personal data on the basis of legitimate interest is:

• faster customer support for your questions or complaints;
• sending commercial communications (in particular our regular newsletter) and related marketing activities.

5. How we process personal data

We process your data with the utmost care and attention to their security. Like you, we do not want anything to happen to your data. We protect data in accordance with the GDPR and Act No. 101/2000 Coll. on the Protection of Personal Data and declare that we have taken all appropriate technical and organisational measures to secure the data. We take the same care in selecting only partners (i.e. data processors) who themselves are able to provide such technical and organisational measures to protect your personal data.

When processing your personal data, we follow these guiding principles:

1. Your data are processed at our company only by trained personnel who are bound by confidentiality and secrecy;
2. We only provide your data to the processors listed below, no other third parties;
3. We process your data for the time necessary to exercise the rights and obligations arising from the contractual relationship and to assert claims arising from the contractual relationship.

PERIOD OF DATA PROCESSING

• To handle the order and for the performance of the contract, personal data is processed for the term of the contract and for a subsequent period of 10 years after its termination. The 10-year period commences on the termination of service provision or complete settlement of mutual rights and obligations, depending on which occurs later. The said period is stipulated with regard to the potential submission of any claim arising from or related to the concluded contract.
• Personal data is processed for the purpose of online account management until it is cancelled. Cancellation of an online account may occur in connection with the termination of the contract under which the online account is managed or based on a request by the affected person. Termination of personal data processing will impede access to the online account.
• Personal data is processed for the purpose of sending commercial messages until such time as you unsubscribe or object to such processing, but for a maximum period of 5 years. The 5-year period commences on termination of the contractual relationship with the Provider or placement of the last order, depending on which occurs later. The Provider will request confirmation of continued interest in receiving commercial messages for the forthcoming period prior to the expiry of this 5-year period. The Provider also checks the currency of the e-mail database at regular intervals.
• The Provider only performs further processing of personal data beyond the above deadlines if necessary to fulfil its obligations or to exercise rights arising from legal regulations that apply to the Provider.

6. Who has access to personal data

First and foremost, we, ACP Traductera, a.s., registered office at Na Piketě 173/III, 377 01 Jindřichův Hradec, and our employees. In addition to us, some of your personal data are also accessible to processors to whom we transfer data to the minimum extent necessary to fulfil our obligations.

The processors of your personal data at our company are:

1. Providers of postal and shipping services, in particular Czech Post, DHL Czech Republic and other providers of your choice
2. Accounting services provider Ing. Šárka Lancová
3. Marketing platform provider ECOMAIL.CZ, s.r.o.

The data processors for direct marketing are:

1. Google, Inc.
2. Seznam.cz, a.s.
3. Facebook Ireland Ltd.
4. LinkedIn Corporation
5. Twitter, Inc.

We are also obliged to provide your personal data as necessary for the purposes of investigating and prosecuting criminal activity. In this case, we will be obliged to transfer the personal data concerned to the competent authority.

7. How you can handle your personal data

As a data subject, you have the right to decide on the processing of your personal data to the extent provided. You may exercise the rights set out below (i) in person at our registered office, (ii) electronically via email at: info@traductera.com, or (iii) in writing addressed to our registered office.

Under applicable law, you have the following rights in relation to the processing of your personal data:

• Right of access – you have the right to request confirmation from our company as to what personal data we process and you have the right to information about this processing as set out in Article 15 of the GDPR;
• Right to rectificationand completion – if you find that the data processed about you are inaccurate, you have the right to request their rectification or completion;
• Right to erasure – if the conditions of Article 17 of the GDPR are met, you have the right to request the erasure of your personal data, in particular if the company no longer needs the personal data for the purposes for which they were processed or if our company has processed your personal data unlawfully;
• Right to data portability – if processing is based on consent or a contract and is carried out by automated means, you have the right to receive your personal data from the company in a structured, commonly used and machine-legible format. If technically feasible, our company may transfer your personal data to another controller upon your request;
• Right to restrict processing – under Article 18 of the GDPR, you have the right to restrict the processing of personal data by the company, in particular if you contest the accuracy of the personal data – the company will restrict processing for the period of verifying data accuracy; or if you object – the company will restrict processing until it is ascertained that the company’s legitimate grounds outweigh your legitimate grounds as a data subject. For the duration of restriction, your data will only be processed, except for storage, with your consent or for the establishment, exercise or defence of the company’s legal claims, for the protection of third-party rights or for reasons of important public interest;
• Right to object to processing – if the processing of personal data is carried out for reasons of the company’s legitimate interests or those of a third party, and if your interests or fundamental rights and freedoms requiring the protection of personal data take precedence over the legitimate interests of the company or a third party, then you have the right to object to such processing. In such a case, the company will no longer process your personal data unless it can demonstrate compelling legitimate grounds for the processing which outweigh your rights and freedoms, or for the establishment, exercise or defence of legal claims. If personal data are processed for marketing purposes, you have the right to object at any time without further notice;
• Right to lodge a complaint with the Office for Personal Data Protection– if you believe that the processing of personal data has violated the law, you may lodge a complaint with one of the supervisory authorities. In the Czech Republic, the supervisory authority is the Office for Personal Data Protection, registered office at Pplk. Sochora 27, 170 00 Prague 7, phone: + 420 234 665 111, uoou.cz

For detailed information about your other rights, please refer to the GDPR.

This policy takes effect on 25 May 2018.