Principles of processing and protection of personal data
If you are our customer, newsletter subscriber or website visitor, you are entrusting us with your personal data. We are responsible for their protection and security. Please familiarize yourself with the data protection, policies and rights you have in relation to the GDPR (General Data Protection Regulation).
Who is the Controller of Your Personal Data?
SPECTRA spol. s r.o., with its registered seat at Zlínská 1152, 763 11 Vizovice, Company ID No.: 15546608, entered in the Commercial Register maintained by the Municipal Court of Brno, Section C, File No. 948, since 18. 4. 1991. We run the spectrachemie.cz website. We process your personal data as a Controller, which means that we determine how your personal data will be processed, for what purpose and for how long, and the selection of potential further processors.
In case you would like to inquire about the data processing, you can contact:
- Tomáš Peterka, +420 724 895 237, firstname.lastname@example.org
- Hana Trávníčková, +420 727 909 065, email@example.com
Scope of Personal Data and Purposes of Processing
We process data which you provide us with yourself, and we do so for the following reasons (purposes):
- provision of services and performance of a contract
We will process your personal data in the following scope: e-mail address, name, surname, phone number, postal address in order to perform a contract (e.g. to send a quote, deliver goods, provide service etc.)
If you are a customer, we will require your personal data (billing data) in order to meet the statutory obligation to issue and record tax documents.
- marketing – sending newsletters
We will make use of your personal data: e-mail address and name, gender, what you click on in an e-mail and when you most often open it, for the purpose of direct marketing – sending commercial communications.
If you are a customer, we will do so on the grounds of a legitimate interest, since we can reasonably assume that our news will interest you. We will send communications for a period of 2 years since your last order.
If you are not a customer, we will only send you newsletters if you grant your consent, and will do so for a period of 2 years thereafter.
In both cases, you can withdraw your consent by using the unsubscribe link in any sent e-mail.
- advanced marketing with consent
Provided that you grant your consent, we can also send you offers from third parties or use your e-mail address, for remarketing and targeted advertising on Facebook, for a period of 2 years after consent is granted. Of course, you can contact us to withdraw your consent at any time.
We will keep your personal data for the duration of limitation periods, unless the law establishes a longer period for their retention or we state otherwise in specific cases.
When you browse our web pages, we record and immediately anonymize your IP address, how long you spend on a page and which page brought you there. For us, using cookies for the sake of measuring the website traffic and adjusting how our websites are displayed is a lawful interest of a data controller, as we believe we can thus provide even better services to you.
The cookies for targeted advertisement shall only be processed upon your granted consent.
Our web pages can also be browsed in a mode that does not allow personal data collection. You can disable cookies on your computer.
Security and Personal Data Protection
We protect personal data in a maximum possible manner by means of modern technologies, which reflect the current state of technology. We protect your data as if they were ours. We have implemented and maintained all possible (currently known) technical and organizational measures that prevent abuse, damage, or destruction of your personal data, particularly:
- Logins to all software tools that help us process your personal data are password protected and only a limited number of employees who necessarily need them have access to them.
- When saving electronic documents, we use verified providers of secured cloud services and all data is encrypted.
- Paper documents that we store and archive are limited to a necessary minimum. They are stored in a safe or in a lockable archive cabinet and are shredded regularly. Only the documents stated by the law are archived and only for the necessary period defined by the law.
Handover of Personal Data to Third Parties
Our employees and associates have access to your personal data.
In order to ensure specific processing operations that we are unable to provide ourselves, we use the services and applications of processors who are capable of protecting data better than we are and who specialise in the particular kind of processing.
They are providers of the following platforms:
- SmartSelling a.s. (SmartEmailing, MioWeb, FAPI, ProAffil)
- SQC s.r.o.
- myWAC TECHNOLOGIES s.r.o.
- PRIA SYSTEM s.r.o.
- AMCO, spol. s r.o.
- Ing. Jitka Brychtová
- KEMAR, spol. s r.o.
- Mgr. František Kel, advokátní kancelář
- Aleš Bartoš
- Ivo Markytán
- Ing. Zbyněk Křupka
- Lubomír Lukašík
- Ing. Richard Bořuta
- Pelmi Logistic Services s.r.o.
- PPL CZ s.r.o.
- K A M E X, spol. s r.o.
- VEPE Logistics s.r.o.
- Radim Pechal
It is possible that, in the future, we will decide to make use of other applications or processors in order to facilitate and enhance processing. However, when choosing such a processor we promise you that we will at least place the same demands on the processor for the security and quality of processing as we place on ourselves.
Transferring Data Outside the European Union
We process data exclusively within the European Union or in countries which ensure a corresponding degree of protection based on a decision of the European Commission.
Your Rights in Connection with Personal Data Protection
You have a number of rights in relation to the protection of your personal data. If you wish to enforce any of these rights, please contact us at the e-mail address: firstname.lastname@example.org.
- You have the right to information that has already been provided in this information page containing personal data processing principles.
- Thanks to the right of access, you can call upon us at any time and, within 30 days, we will provide you with evidence as to what personal data we are processing and why.
- If any of your details change, or if you find your personal data to be outdated or incomplete, you have the right to supplement and alter your personal data.
- You can enforce your right to restrict processing if you suspect that any data we are processing is incorrect, if you believe we are carrying out said processing illegally, but do not wish to erase all of the data, or if you raise an objection against processing. You can restrict the scope of personal data or the purpose of processing. (For example, by unsubscribing from the newsletter, you restrict the purpose of processing for the intention of sending business communications).
- Based on your right to portability, if you wish to take your personal data and to transfer it to another person, we will proceed in the same manner as in the case of enforcement of the right of access – the sole difference being that we will supply you with the information in a machine-readable format. In such a case we will need at least 90 days.
- Another of your rights is the right to erasure (right to be forgotten). We do not want to forget about you, but should you so wish, it is your right. In such a case we will erase all of your personal data from our system, as well as from the systems of all partial processors, and all backups. We will need 30 days to fulfil the right to erasure. In some cases, we are bound by statutory obligations. For example, we have to keep records of issued tax documents for the established statutory period. In such case we will erase all such personal data which is not bound by another law. We will inform you by e-mail once the erasure has been completed.
Complaints to the Office for Personal Data Protection
If you believe that we are not handling your data in compliance with the law, you are entitled to contact the Office for Personal Data Protection with a complaint at any time. We will be glad if you first inform us of such suspicion, so that we can do something about it and potentially correct any errors.
Unsubscribing from the Commercial Communications
If you are a customer, we will send you e-mails containing inspirations, articles or products and services based on a legitimate interest. If you are not yet a customer, we will only send you such e-mails with your consent. In both cases, you can unsubscribe from our e-mails by clicking on the unsubscribe link in every sent e-mail.
We can assure you that our employees and collaborators who will process your personal data are obliged to maintain confidentiality regarding your personal data and regarding the security measures whose disclosure could put your personal data at risk. This confidentiality remains in place even after the contractual obligations with us expire. Your personal data will not be handed over to any third party without your consent.
These personal data protection principles come into effect on May 5, 2018.