Personal data

processing regulations

The company Spinoco Czech Republic, a.s., as the Administrator of personal data (hereinafter referred to as “Administrator”), hereby informs you about the manner and extent of personal data processing.

The Administrator processes the personal data acquired by interacting with the Guestaria website in accordance with the European Union law, especially with the Regulation (EU) 2016/679 of the European Parliament and of the Council of 27 April 2016 on the protection of natural persons with regard to the processing of personal data and the free movement of data (hereinafter as “GDPR”) and in accordance with relevant national legislation, namely Act No. 101/2000 Coll., on the Protection of Personal Data and on Amendments to Certain Acts, as amended.

We only process data necessary to conclude a contract with third parties and its implementation for the period specified by law. In the case of contractual relations, we also process data related to the performance of contracts and, where applicable, the claims from contracts. In this case, we process relevant data for the duration of the warranty/statutory time period.

For contractual partners, we process company name, company identification number, delivery or billing address, contact person, email, telephone number, bank details, subject of the contract and its terms. The Administrator obtains personal data directly from the data subject or from public records.

The Administrator further processes the personal data necessary to protect their interests and to protect the security of tenants, subtenants and users of the Administrator’s property. Such information (especially from the Administrator’s camera and access systems) is processed for the necessary period of time.

The Administrator has not appointed a data protection officer or a representative to fulfil obligations under the GDPR.

The Administrator processes personal data both manually and automatically. The protection of personal data is technically and organizationally secured. The processors of the Administrator personal data are especially persons authorized to administer the Administrator’s IT system, providers of tax and accounting services for the Administrator, or other persons, whose services the Administrator uses to fulfil contracts (delivery, transportation, delivery of services, maintenance and property management, security service etc.).

Rights of Data Subjects

The data subject has the right to request the Administrator to access their personal data, at any time, to correct or delete them, to get information about the processing and any processing limitation. The data subject may object to the processing, has the right to transfer the data to another administrator. The subject has the right to file a complaint with The Office for Personal Data Protection, in case the subject considers that the Administrator violates the GDPR when processing personal data. The application must be submitted in writing to the postal address of the Administrator.

The Administrator shall communicate the requested information, without undue delay, for reasonable compensation not exceeding the costs necessary to provide such information.