GDPR statement


processing of personal information

Statement of Personal Data Processing under Regulation (EC) 2016/679 of the European Parliament and of the Council on the Protection of Individuals with regard to the Processing of Personal Data and the Instruction of Data Bodies („GDPR“)

Personal Data Manager

Company H & D as, registered office Olomoucká 37, 796 01 Prostějov, Czech republic, VAT: CZ60745451, entered in the Commercial Register kept by the Regional Court in Brno, „Administrator“ hereby informs you of the processing of your personal data and your rights in accordance with Article 12 GDPR

Personal Data Entity

The natural person whose personal data are being processed.

Scope of Personal Data Processing

Personal data is processed to the extent that the data subject has provided the data subject in connection with the conclusion of a contractual or other legal relationship with the trustee or otherwise collected by the trustee. it shall process them in accordance with the applicable law or the legal obligations of the controller.

Personal Data Sources

• directly from data subjects (registrations and purchases via e-shop, emails, applications, offers, offers, contracts, etc.)

• publicly accessible registers, lists and records (eg business register, trade register, cadastre, etc.)

The categories of personal data that are processed in the address and identification data used to uniquely and unambiguously identify the data subject (eg name, surname, title or birth number, date of birth (address, permanent address, company ID, VAT number) and contact data (contact details - eg contact address, telephone number, fax number, e-mail address and other similar information) necessary for the performance of contractual relations between the controller and the personal data subject.

Categories of data subjects

- Administrator Customer

- Employee Administrator

- Supplier or recipient of the service

- Another person who is in a contractual relationship with the trustee

- Jobseeker

Categories of recipients of personal information

- Processor

- Public Institutions, State, etc. in the course of fulfilling the legal obligations established by the relevant legislation

Purpose of processing personal information

- The purpose of creating a business offer

- Negotiation of a contractual relationship

- Performance of the contract

- Protecting the Rights of the Administrator, Recipient or other Affected Persons

- Archive Archives

- Selection for Administrator Jobs

- Execution of statutory duties by the administrator

- Protecting the vital interests of the subject of personal data

How to process and protect personal information

- The processing of personal data is done by the administrator, processing is carried out at the administrator's headquarters by the individual authorized personnel of the administrator. For the management and processing of personal data in such a way that unauthorized or accidental access to personal data, alteration, destruction or loss, unauthorized transmission or processing may not occur.

Personal data may be entrusted by the trustee to third parties - the processor on the basis of a contract in which the GDPR principles are grounded.

Time to process personal data

- In accordance with the deadlines specified in the relevant contracts, in the Administrator's File and Sharing Rules or in the relevant legislation.


In accordance with Article 6 (1) of the GDPR, the controller may, without the consent of the data subject, process the following data:

- processing is necessary to fulfill the contract to which the data subject is a party

- processing is necessary to meet the legal obligations of the controller, whether necessary to protect the vital interests of the data subject or other natural person.

- processing is necessary for the purposes of the legitimate interests of the controller or a third party, except where the interests, rights and freedoms of the data subject prevail over those interests.

Personal data is not used for automatic decision making.

Data subject's rights

Access Right:

- the right to know what data we are processing, how long we are passing on and the right to access that information

Right to data portability:

- the ability to retrieve their personal data in a structured, commonly used and machine-readable format and the right to pass this data to another administrator.

Right to Repair:

- if your details are incomplete or outdated, we are entitled to correct or supplement these without undue delay.

Right to Deletion:

- If the reason for keeping your personal information is met and there is no legitimate reason for further processing and storing, you have the right to request their immediate removal.

Right to Restrict Processing:

- In certain cases, you may require that you identify the personal information you do not wish to process further.

Right to object to processing:

- you have the right to object to the processing that occurs on the Administrator's legitimate interest

Right to file a complaint:

- By exercising your rights in the same way, your right to file a complaint with the appropriate authority (the Personal Data Protection Authority) is unaffected

You can contact the H & D, a.s., phone +420 582 305 600 or by an authorized employee of Mrs. Pavla Brablecova, tel. +420 582 305 645, e-mail: in all matters relating to the processing of your personal data.

This statement is publicly accessible on the administrator's website.