Personal data processing policy

1. Personal data processor

We, Railsformers s.r.o, IN: 24704440, company address Technologická 372/2, Pustkovec, 708 00 Ostrava, registeres by Regional Court in Ostrava, section C, file 36254 (hereinafter "Company“), are the processor of personal data. By the 1st May 2018 we have appointed our DPO - data protection officer:

Name:

Contacts:

2. Scope of processed personal data

If you decide to contact us, we'll process primarily your email or phone number, depending on which you insert into the contact form. Further we will process all data you insert into the body of the message sent to us.

Also, we will process your electronic entries, mainly IP address, type of browser used, domain name and cookies. Closer information about cookies processed on our web presentation can be found here (link Cookies).

Providing your personal data is voluntary in any case.

3. Purpose, legal basis for processing and processing period

All personal data put into contact form will be processed with purpose of processing your message and preparation of the answer, or for the purpose of contacting you. Veškeré osobní údaje vložené do kontaktního formuláře budeme zpracovávat za účelem zpracování vaší zprávy a přípravy odpovědi na ní, případně proto, abychom vás mohli přímo kontaktovat. Legal basis of this processing is the legitimate interest of us (see Article 6(1)(f) GDPR), namely interest in communicating with you regarding the issue you contact us with. For this purpose, we will process personal data for the whole period of communication with you, maximally for the period of 24 months since the last date of communication with you.

We are still entitled to have the right to process these data for other purposes, on different legal basises (for example contractual execution, if you decide to cooperate with us). We will inform you about these purposes and legal basises in Personal data rocessing policy for business partners.

Also, if you give us consent with personal data processing, we will process your contact entries for the purpose of submitting a business proposal, meet arrangement or other  business activities. Your consent (see Article 6(1)(f) GDPR), voluntarily given, willl serve as a legal basis for that. You can withdraw the consent at any time. If you withdraw the consent, personal data processing based on the consent before its withdrawal won´t be affected. Also, your consent is time-limited, for the period of 2 years since the moment of giving.

4. Categories of recipients of personal data

Railsformers s.r.o. may provide personal data mainly to recipients who we have signed Data processing agreement and those whose services it uses mainly in the context of the operation and maintenance of the System. These are in particular entities providing accounting, printing and mailing services, legal services, IT services, cloud services, services for sending Communications or operators of payment gateways and systems, etc.

5. Data subjects rights

As a data subject you have:

  • the right of access to personal data (under the terms of Article 15 GDPR)
  • the right to rectification of personal data (under the terms of Article 16 GDPR)
  • the right to erasure of personal data (under the terms of Article 17 GDPR)
  • the right to restrict the processing of personal data (under the terms of Article 18 GDPR)
  • the right to object to processing (under the terms of Article 21 GDPR)
  • the right to data portability (under the terms of Article 20 GDPR)
  • the right to lodge a complaint with a supervisory authority (i.e. the Office for Personal Data Protection, Pplk. Sochora 27, 170 00 Prague 7, e-mail posta@uoou.cz)
  • the right to withdraw consent to the processing of personal data