English
Čeština Deutsch Polski Română Slovenčina

Privacy Policy

I. Basic Provisions

  1. The controller of personal data within the meaning of Art. 4(7) of Regulation (EU) 2016/679 of the European Parliament and of the Council (GDPR) is
    CZ testing institute s.r.o., Company ID: 05222851, registered office: Sokolovská 637/31, Nový Jičín (hereinafter referred to as the “controller”).
  2. Controller’s contact details:
  3. Personal data means any information about an identified or identifiable natural person.
  4. The controller has not appointed a Data Protection Officer.

II. Sources and Categories of Processed Personal Data

  1. The controller processes personal data that you have provided or that has been obtained in connection with the fulfilment of your order.
  2. Identification and contact details necessary for contract fulfilment are processed.

III. Legal Basis and Purpose of Processing Personal Data

  1. The legal basis for processing is:
    • Performance of a contract under Art. 6(1)(b) GDPR
    • Legitimate interest of the controller under Art. 6(1)(f) GDPR
    • Consent to processing under Art. 6(1)(a) GDPR
  2. The purpose of processing is:
    • Order handling and performance of the contract
    • Sending commercial communications and marketing
  3. The controller does not use automated decision-making within the meaning of Art. 22 GDPR.

IV. Data Retention Period

  1. Data is retained:
    • For 15 years after the end of the contractual relationship
    • For a maximum of 10 years for marketing purposes
  2. After this period, the data will be deleted.

V. Recipients of Personal Data

  1. Recipients of personal data are:
    • Entities involved in the delivery of goods/services
    • Service providers
    • Marketing service providers
  2. Data is not transferred outside the EU, except in cases of email sending/cloud services.

VI. Your Rights

  1. You have the right:
    • To access your data (Art. 15 GDPR)
    • To rectification (Art. 16 GDPR)
    • To erasure (Art. 17 GDPR)
    • To restriction of processing (Art. 18 GDPR)
    • To object (Art. 21 GDPR)
    • To data portability (Art. 20 GDPR)
    • To withdraw consent to processing
  2. You have the right to lodge a complaint with the Office for Personal Data Protection.

VII. Conditions of Personal Data Security

  1. The controller has taken technical and organisational measures to protect personal data.
  2. Protection includes encryption, antivirus protection, and secure protocols.
  3. Access to data is granted only to authorised persons.

VIII. Final Provisions

  1. By submitting an order, you confirm your agreement with these terms.
  2. Consent is given by ticking the box in the form.
  3. The controller reserves the right to amend these terms. A new version will be published on the website or sent by email.

These terms shall take effect on 25 May 2018.