GEMA ART International s.r.o., a company with its registered office at Haštalská 760/27, 110 00 Prague 1, Id. No.: 07687672, registered in the Commercial Register kept by the Municipal Court in Prague, Section C, File 305517, as a personal data controller, hereby provides information on the manner and scope of personal data processing carried out by GEMA ART International s.r.o., including the scope of data subjects’ rights related to processing of their personal data.
GEMA ART International s.r.o. processes personal data in compliance with the laws of the European Union, including Regulation (EU) 2016/679 of the European Parliament and of the Council of 27 April 2016 on the protection of natural persons with regard to the processing of personal data and on the free movement of such data, and in compliance with the applicable national legal regulations, in particular Act No. 101/2000 Coll., on personal data protection, as amended (hereinafter the “Act”).
Purpose and scope of personal data processing
GEMA ART International only processes accurate personal data obtained in compliance with the Act, where such personal data are collected and processed only for the relevant purpose, in the scope specified below, and for the term of the contractual relationship and 10 years after the termination thereof, unless stipulated otherwise by legal regulations and terms and conditions of the contract.
The basic purposes of personal data processing by GEMA ART International s.r.o.
- performance of a contract and provision of services;
- negotiations of a contract;
- ensuring operational activities
- accounting and tax purposes;
- enforcement of receivables;
- performance of legal obligation;
- increasing the security of persons and protection of property.
The cope of personal data processing by GEMA ART International s.r.o.
GEMA ART International s.r.o. processes personal data in the following scope:
- identification data: academic degree, name, surname, tax Id. No.;
- address: mailing or other contact address, phone number, e-mail address;
- other personal data: proof of qualification (licences, authorisations), education (finished degrees, school type, specialty), CV, bank account number, and other personal data following from a specific contract or from the law.
Sources of the personal data
GEMA ART International s.r.o. obtains the personal data in particular from the data subjects within the negotiations on conclusion of a contract and in the course of performance of the contract.
Processors and recipients
To ensure the above described purposes, the personal data may be processed by processors, other than GEMA ART International s.r.o. and its employees, on the basis of agreements on personal data processing concluded in accordance with the Act.
Protection of personal data is technically and organisationally ensured by GEMA ART International s.r.o. in compliance with the Act. GEMA ART International s.r.o. requires the same level of protection from personal data processors.
Please note that on the basis of a legitimate request, the personal data may be transferred to third parties with the statutory power to require such transfers of the personal data.
Rights of data subjects
In cases stipulated by the law, the data subject is entitled to request information on the processing of his/her personal data, the right to access the personal data, the right to rectification or supplementation of personal data, portability of personal data to a third party, erasure and restriction of processing of personal data.
The data subject has the right to lodge a complaint regarding our processing of personal data with the Office for Personal Data Protection https://www.uoou.cz/.
- personal data – means any information relating to an identified or identifiable data subject; an identified or identifiable data subject is one who can be identified, directly or indirectly;
- data subject – means a natural person to whom the personal data are related;
- controller – means any entity which determines the purposes and means of the processing of personal data, and which performs, and is responsible for, the processing;
- processor – means any entity which processes personal data on the basis of a special law or an authorisation of the controller in compliance with such law;
- recipient – means any entity to which the personal data are disclosed;
- processing of personal data – means any operation or set of operations systematically performed with personal data by the controller or the processor, whether or not by automated means; processing of personal data means, in particular, collection, storage on information carriers, disclosure, adaptation or alteration, search, use, transfer, dissemination, publication, storing, exchange, sorting or combination, blocking and destruction.