Personal data processing policies
SOPO sro, with its registered office at Modletice 191, Company ID: 47534265; (hereinafter referred to as "SOPO" or "Administrator"), within the meaning of Article 1 of the General Data Protection Regulation (Regulation (EU) 2016/679) ("GDPR"), processes your personal data for the performance of its business activities in strict accordance with applicable regulatory provisions in the field of personal data protection.
This Privacy Policy (“Policy”) applies to:
processing of personal data carried out by the Controller during your use of the website operated by the Controller (“Website”);
processing of personal data by the Controller during the performance of contracts with business partners;
processing of personal data in the performance of the Administrator's legal obligations;
processing of personal data of job or cooperation applicants and former employees;
processing of personal data of temporarily assigned employees through employment agencies;
processing of personal data which is necessary for the purposes of protecting the legitimate interests of the Controller and/or its business partners;
processing of personal data carried out by the Administrator based on your consent.
The policy describes the purposes of processing personal data and the method of processing them, provides information about the individual categories of processed personal data, their potential recipients, the period of retention of personal data and your rights in relation to personal data.
Purposes of processing personal data
Your personal data may be processed by SOPO for the following purposes:
Contract performance (in particular, performance of contracts with cooperating persons, performance of contracts with business partners, etc.);
Fulfillment of legal obligations (in particular obligations under accounting and tax legislation, etc.);
Protection of the legitimate interest of the Administrator (protection of the rights and legally protected interests of SOPO, e.g. protection of the Website and network from misuse, protection of health and property, etc.);
Marketing and advertising targeting;
Measures before concluding a contract;
Legitimate interest of the Administrator.
Personal data processed
SOPO is authorized to process the following personal data according to the purpose of processing:
* The administrator is authorized to process your e-mail address pursuant to Section 7, paragraph 3 of Act No. 480/2004 Coll., on certain information society services and on amending certain acts (Act on Certain Information Society Services), as amended, for the purpose of distributing commercial communications relating to its own services and products if you have not refused such sending.
Processing of personal data based on consent
If you grant SOPO consent to the processing of personal data, you acknowledge that providing consent is voluntary and consent can be withdrawn at any time. Consent is provided for a period adequate to the purpose, always specified in the text of the relevant consent or until the consent is withdrawn.
Recipients of personal data
At SOPO, your personal data is made available only to authorized employees, or individual personal data processors contracted by the Controller, or other controllers. However, only to the extent necessary to fulfill the individual purposes of processing and on the basis of an appropriate legal title and a guarantee of adequate protection of your privacy.
These include, for example:
suppliers and service providers (including online services) such as analytical tools, CRM systems, technical services and support, insurance services, logistics services, legal services;
persons processing corporate reporting, accounting and business administration of SOPO,
or other third parties who provide or receive services in connection with the fulfillment of SOPO's contractual or legal obligations.
In cases specified by law, SOPO is entitled or obliged to transfer certain personal data on the basis of applicable legal regulations, for example to criminal prosecution authorities or other public authorities.
Personal data of third parties
Personal data of third parties, which means, for example, personal data of employees of the Administrator's business partners and other natural persons participating in cooperation with SOPO (e.g. carriers and employees of carriers), personal data of participants in events organized by the Administrator, or other data that SOPO receives from the business partner in connection with the conclusion or performance of the contract, will be processed in accordance with applicable legal regulations in the field of personal data protection. The Administrator will use this personal data exclusively for the purpose of fulfilling contracts with business partners. The business partner hereby acknowledges that SOPO will process personal data of third parties for the duration of the contractual relationship and for the period specified in special legal regulations. They will then be stored for a longer period if, in a justified case, there is a need to store data in connection with a specific case. The business partner is obliged to properly instruct its employees and other persons participating on the business partner's side in cooperation with SOPO about the processing of personal data by SOPO.
Personal data retention period
We process and store your personal data for the period strictly necessary to ensure all rights and obligations arising from the relevant contractual relationship and for the period for which the Administrator is obliged to store personal data according to generally binding legal regulations. In other cases, the processing period results from the purpose of the processing, to which it must be proportionate, or is given by legal regulations in the field of personal data protection.
We process personal data according to the purpose of their processing for the period specified here:
USE OF COOKIES
Cookies are small data files that are stored on your computer, phone or other device when you visit the Website. Cookies are used to store and receive identifiers and other information about the computers, phones and other devices from which you access the Website, and thus help us provide, protect and improve the services offered.
SOPO uses cookies when you visit the Website, most often to customize content, anonymous statistics on traffic, select relevant advertisements, and facilitate a more secure login.
We use two basic types of cookies on the SOPO Website:
Session cookies: These cookies are temporary. They are stored in your browser's cookie file only until you close your browser. These cookies are necessary for the proper functioning of the Website or associated applications.
Permanent cookies: We may use these cookies to make your navigation on our Website easier and more convenient (for example, easier and faster navigation). These cookies remain in your browser for a longer period of time. The length of this period depends on the selected settings of your Internet browser. Permanent cookies allow information to be transferred to the Internet server each time you visit the Website.
You can refuse cookies in your browser settings, or set the use of only some (depending on the browser type). However, if you do not allow us to use cookies, some features may not work as they should.
You can find the privacy settings on your computer, where you can refuse or disable the use of cookies, in the menu of the relevant internet browser.
List of cookies used:
RIGHTS OF DATA SUBJECTS
As a data subject, you have the following rights that arise from legal regulations and that you can exercise at any time:
Right to access personal data: if you want to know whether SOPO is processing personal data about you, you have the right to obtain information about whether your personal data is being processed, and if so, you also have the right to access your personal data.
Right to rectification of inaccurate or untrue personal data: if you believe that SOPO is processing inaccurate or untrue personal data about you, you have the right to request its correction. SOPO will carry out the correction without undue delay, taking into account technical possibilities.
Right to erasure: if you request erasure, SOPO will erase your personal data if (i) it is no longer necessary for the purposes for which it was collected or otherwise processed, (ii) the processing is unlawful, (iii) you object to the processing and there are no overriding legitimate grounds for the processing, or (iv) the Controller is not required to process it by law.
Right to restriction of processing of personal data: if you are not interested in deletion, but only in temporary restriction of processing of your personal data, you can request the Administrator to restrict the processing of your personal data.
Right to data portability: If you want SOPO to transfer your personal data, which it processes based on your consent or on the basis of a contract, to a third party, you can exercise your right to data portability. If the exercise of this right could adversely affect the rights and freedoms of third parties, SOPO will not be able to comply with your request.
Right to object: you have the right to object to the processing of personal data that is processed for the purposes of protecting the legitimate interests of the Controller. In the event that SOPO does not demonstrate that there is a compelling legitimate reason for the processing which overrides your interests or rights and freedoms, it will terminate the processing based on your objection without undue delay.
To exercise your rights, please contact us by letter to the address of the registered office of SOPO or by email to gdpr@sopo.cz .
The Administrator reserves the right to verify the identity of the applicant for the rights in question in a reasonable manner.
These Personal Data Processing Policies are valid from March 8, 2024.