Hide form

Information for customers and employees of our business partners

In connection with the processing of personal data, in accordance with Article 13 of Regulation (EU) 2016/679 of the European Parliament and of the Council of 27 April 2016 on the protection of natural persons with regard to the processing of personal data and on the free movement of such data (GDPR), we provide you with the following information on how we process personal data in our company Solitea, a.s.

We have divided the content of this document into the following sections for your better orientation:

Our commitment to privacy

The protection of personal data is very important to us. It is our aim and intention to provide our services in such a way that the fundamental principles and tenets of privacy and in particular data protection are respected at all times. Our guiding principle is to collect and retain personal data to the extent necessary and for as long as necessary.

When processing personal data, we are governed in particular by Regulation (EU) 2016/679 of the European Parliament and of the Council of 27 April 2016 on the protection of natural persons with regard to the processing of personal data and on the free movement of such data (GDPR), as well as other legislation that applies to the processing of personal data and the protection of privacy.

Personal data controller information

The controller who determined the purpose and means of processing personal data is Solitea, a.s., ID No.: 01572377, with registered office at Drobného 555/49, 602 00 Brno, registered in the Commercial Register of the Regional Court in Brno, Section B, Insert 70172.

Solitea, a.s. is (on the basis of Article 37 of the General Data Protection Regulation (GDPR)) together with the joint stock company Solitea Slovensko, ID No.: 36 237 338, registered office Plynárenská 7/C, 831 02 Bratislava, registered in the Commercial Register of the District Court Bratislava I, Section SA, Insert 2969/B, part of a group of companies that are interconnected. Within this group of companies, data is transferred for administrative purposes, including the processing of personal data of clients or employees. This processing is based on legitimate interest (according to Article 48 of the General Data Protection Regulation (GDPR)).

Regardless of whether Solitea processes your personal data individually or as a joint controller, you can exercise your rights with any of the group companies.

If you have any questions about the protection of your personal data, you can contact us in writing at our registered office or by e-mail at gdpr@solitea.cz.

Purposes and legal bases for personal data processing

We process personal data that we obtain in the course of our activities directly from you as the data subject or in other ways (e.g., provided by your employer or obtained from publicly available sources) in accordance with the law for the following purposes:

In connection with business activities:

Purpose

Legal basis

Searching for potential customers

Legitimate interest of the processor pursuant to Article No.6 paragraph No.1 latter f) GDPR

Preparation and implementation of commercial contracts

Legitimate interest of the processor pursuant to Article No.6 paragraph No.1 latter f) GDPR

Business communication with customers and their employees

Legitimate interest of the processor pursuant to Article No.6 paragraph No.1 latter f) GDPR

Provision of customer and employee data for software licensing purposes

Legitimate interest of the processor pursuant to Article No.6 paragraph No.1 latter f) GDPR

Implementation of surveys to verify customer satisfaction

Consent of the data subject pursuant to Article No. 6 paragraph No.1 letter a) GDPR or legitimate interest of the processor pursuant to Article No. 6 paragraph No.1 letter b)

Recording phone calls to improve the quality of our service

Legitimate interest of the processor pursuant to Article No.6 paragraph No.1 latter f) GDPR

User experience services (mini-course, training, academy)

Performance of a contract pursuant to Article No. 6 paragraph No.1 letter b) GDPR or the legitimate interest of the agency pursuant to Article No. 6 paragraph No. 1 letter f)

Providing technical support and advice to users in relation to our products

Performance of a contract pursuant to Article No. 6 paragraph No.1 letter b) GDPR or the legitimate interest of the agency pursuant to Article No. 6 paragraph No. 1 letter f)

In connection with marketing activities:

Purpose

Legal basis

Sending information to customers and their employees by e-mail (newsletter)

Consent of the data subject pursuant to Article No. 6 paragraph No.1 letter a) GDPR or legitimate interest of the processor pursuant to Article No. 6

PR communication via social networks

Legitimate interest of the processor pursuant to Article No.6 paragraph No.1 latter f) GDPR

Social media engagement analysis

Legitimate interest of the processor pursuant to Article No.6 paragraph No.1 latter f) GDPR

Analysis of e-mail recipient engagement

Legitimate interest of the processor pursuant to Article No.6 paragraph No.1 latter f) GDPR

Publication of references with customer and employee details

Consent of the data subject pursuant to Article No. 6 paragraph No.1 letter a) GDPR

In connection with other activities:

Purpose

Legal basis

Accounting

Compliance with the legal obligation pursuant to Article No. 6 paragraph No.1 letter c) GDPR

Mail registration and archive management

Compliance with the legal obligation pursuant to Article No. 6 paragraph No.1 letter c) GDPR

Proving, defending and pursuing legal claims

Compliance with the legal obligation pursuant to Article No. 6 paragraph No.1 letter f) GDPR

Handling requests from data subjects in relation to the protection of personal data

Compliance with the legal obligation pursuant to Article No. 6 paragraph No.1 letter c) GDPR

Legitimate interests pursued by the processor

In the context of the legitimate interests pursued by us, we, as the controller, process your data without your consent only to the extent strictly necessary to achieve the stated purpose. To explain, we provide:

Legitimate interest

Additional information

Searching for potentional customers

In an effort to offer our products and services to companies and organizations, we obtain business contacts through public registries or from others. This includes common data such as name, email or telephone number.

Business communication with customers and their employees

If our customers are companies and organisations, we communicate with the relevant employees when communicating about products and services. When communicating, we use common personal data such as name, business phone number or e-mail.

User experience services (mini-course, training, academy)

If our customers are companies and organisations, we communicate with the relevant employees when communicating about products and services. When communicating, we use common personal data such as name, business phone number or e-mail.

Providing technical support and advice to users in relation to our products

If our customers are companies and organisations, we communicate with the relevant employees when communicating about products and services. When communicating, we use common personal data such as name, business phone number or e-mail.

Provision of customer and employee data for software licensing purposes

If we supply electronic licenses (e.g. Microsoft, AVG, etc.) to our customers. In order to manage and protect the licenses, the contact details of the customer and relevant staff are required for registration and delivery of activation keys.

Implementation of a survey to verify customer satisfaction

Satisfaction surveys are usually conducted anonymously or with the customer's consent. In some cases, we may use contact details, e.g. email, to send questionnaires.

Recording phone calls to improve the quality of our service

We record phone calls to improve our operations, and the recordings are used to better understand the situation and analyse the problem. After a set period of time, the recordings are automatically deleted. If a call is recorded, you will be notified of this at the beginning of the call.

Sending information to customers and their employees by e-mail (newsletter)

As part of building relationships and in an effort to keep you informed about products and services that may be of interest to you, we process your contact email. You can always unsubscribe.

Analysis of e-mail recipient engagement

In order to effectively send information by email only to those who are interested, we evaluate the success rate of delivery and readership of our email messages. Once you unsubscribe from our emails, we will stop evaluating the information.

PR communication to raise awareness of the company through social networks

If you choose to follow our fan pages on social media, your data, profile or posts will be part of the information we process as a joint controller with Facebook. However, you can hide your posts or stop following our pages at any time.

Proving, defending and pursuing our legal claims

In the case of dispute resolution, contractual negotiations, debt recovery or notification to public authorities and similar activities, we process personal data necessary to prove, defend and assert our legal claims.

Processors of personal data and provision of personal data

When processing your personal data, we may provide your personal data to a third party (another controller) or to our contractors (processors) who assist us with the processing of your personal data.

Our processors who process personal data under our instructions and in compliance with secure measures are:

  • Application hosting and cloud service providers
  • Providers of communication tools
  • Marketing agencies in the field of online advertising and social media communication
  • Satisfaction survey companies

We provide your personal data to the following categories of processors:

  • Public authorities where required by legislation
  • Audit companies, tax advisors
  • Post and courier services
  • Software licensors

Security of personal data processing

In accordance with the requirements of applicable legislation, we ensure all necessary security, technical and organizational measures to protect your personal data. Electronic data is stored in protected databases on a server that is owned by us or dedicated to us. We protect your personal data from damage, destruction, loss and misuse. All persons who come into contact with the personal data of our clients are obliged to maintain confidentiality of information obtained in connection with the processing of such data.

Transfer of personal data outside the EU

We process personal data through information and communication systems so that personal data is not transferred to third countries outside the European Economic Area (EU, Iceland, Norway, Liechtenstein). Our systems and applications are mostly operated in the Czech Republic and Slovakia or in data centres in the EU with verified providers (e.g. Microsoft).

However, in the case of our communications via social networks (e.g. Facebook, LinkedIn, Google, Youtube), we use the services of global suppliers whose headquarters may be located outside the EU in third countries, e.g. the USA, which do not provide an adequate level of protection.

The transfer of personal data outside the EU or outside the European Economic Area only takes place in the context of compliance with the data protection requirements of the GDPR on the basis of standard contractual clauses approved by the Commission.

Below are links to the standard contractual clauses that apply to data transfers to the US:

Processor

Privacy information

Reasonable safeguards within the meaning of Article 46 GDPR

Google

https://policies.google.com/privacy?hl=en-US

https://privacy.google.com/businesses/controllerterms/mccs/

Facebook

https://www.facebook.com/policy.php

https://www.facebook.com/help/566994660333381?ref=dp

LinkedIn

https://www.linkedin.com/legal/privacy-policy

https://www.linkedin.com/legal/l/dpa

https://www.linkedin.com/legal/l/eu-sccs

Microsoft

https://privacy.microsoft.com/en-us/privacystatement

https://docs.microsoft.com/en-us/microsoft-365/compliance/offering-eu-model-clauses?view=o365-worldwide

Duration of processing of personal data

We process personal data only for the time period necessary to achieve the stated purpose. After this period, we dispose of the personal data by shredding the paper data and data carriers, anonymising the data in electronic form or deleting them in a way that prevents their misuse.

The processing period and time limits for the disposal of personal data are determined by our file plan and are as follows: 

Processing activities

Time

Personal information that is processed for the purposes of commercial activities

We process data for the duration of the contract (business relationship) and then for 5 years after its termination.

Personal data processed for purposes relating to marketing and advertising

In most cases, we do not process this data for more than 24 months.

Personal data processed for accounting purposes

We process personal data in accordance with the relevant legislation, currently for 10 years.

Proving, defending and pursuing legal claims

For the duration of the litigation, out-of-court settlement, but no longer than the expiry of the limitation period.

Data subject rights

When processing personal data, we are ready to ensure the exercise of your rights:

  • You have the right to access your personal data as well as the right to know the purpose and duration of the processing and the possible recipients of your personal data.
  • You have the right to rectification, if your data is incorrect or has changed, please contact us, we will correct it.
  • You have the right to have your personal data erased if it is incorrect or unlawfully processed.
  • If your personal data is processed on the basis of consent, you have the right to withdraw your consent at any time, without affecting the lawfulness of the processing based on consent given before its withdrawal.
  • You have the right to restrict the processing of your personal data. If you so wish, we will only process the data for the most necessary statutory reasons or not at all.
  • You have the right to object to an automated individual decision if such processing is carried out and you find or believe that such processing is unlawful or in breach of your rights.
  • You have the right to data portability, if you wish to transfer your data to another controller, we will provide it to you in an appropriate format, provided that technical or legal obstacles do not prevent this.
  • You also have the right to lodge a complaint with the supervisory authority, which is the Office for Personal Data Protection of the Czech Republic, with registered office at Pplk. Socha 27, 170 00 Prague 7, Czech Republic, ID No.: 70837627, tel. no.: +420 234 665 800, https://www.uoou.cz/vismo/

You can exercise your rights in writing at the address of the company's registered office, by post or by e-mail.

We will respond to your request free of charge within 30 days. In the event of complexity or a large number of requests, we are entitled to extend this period by a further 60 days. If this happens, we will inform you of this fact. 

Modifications and changes

The protection of personal data is not a one-off matter. The information contained in this document is subject to change or may no longer be current. Therefore, we reserve the right to change or modify this information at any time. We will notify you of any changes via this website or by e-mail.

Contact

Solitea, a.s.
Drobného 555/49, 602 00 Brno
https://solitea.com/, e-mail: info@solitea.cz

Tel: +420 511 182 400

Just leave us your contact details, we will let you know as soon as possible.

* Mandatory fields