Data Protection Principles - BOMEX - CZ s.r.o.
This information is intended for all persons who enter into a contractual relationship with BOMEX - CZ s.r.o. (hereinafter referred to as “Controller”), e.g., suppliers or customers; or persons who are authorized to communicate with the Controller on behalf of their contractual partners who are a legal entity. This information also applies to data protection principles of potential, current or former employees of the Controller.
The Controller processes personal data which the subjects whose data is being processed provide themselves after entering into a contract or within its performance, or during a particular communication. The data is processed within a scope which is necessary for the performance of the contract; or so that the purpose of the communication is fulfilled.
This statement regarding data protection principles explains what personal data the Controller collects and how he uses this data. All principles are in accordance with Regulation of European Parliament and Council (EU) 2016/679 on the protection of natural persons with regard to the processing of personal data and on the free movement of such data, and repealing Directive 95/46/ES (also as “GDPR” in the text).
Identification of the Controller
The Controller of your personal data is BOMEX - CZ s.r.o., Okružní 410, 755 01 Vsetín, Company registration number: 25839845.
Principles of Processing
When processing your personal data we honor and respect the highest standards of personal data protection and mainly comply with the following principles:
Information about Data Processing
Purpose of Processing and Legal Basis for Processing
Personal data are processed for the following purposes:
a) if you are our business partners or suppliers or if you represent them:
b) if you are job applicants or employees:
Legal Basis for Processing
The legal basis for personal data processing is Article 6 (1) GDPR as follows:
Processing your Personal Data without your Consent
We would like to inform you that your personal data may be processed in accordance with the above mentioned regulation even without your consent, but only for the following purposes:
The possibility and lawfulness of such processing arises directly from valid legal regulations and your consent is not necessary for processing.
Processing Personal Data with your Consent
Some personal data processing requires your consent. They are usually situations when you give your voluntary consent to process personal data provided by you or obtained in another way. If you do not give your consent, it may be the reason for us not to be able to provide certain products or services to you, or we may be forced to adapt the availability, scope or conditions of the provided products or services in a legitimate way.
Based on your consent, we process personal data for the following purposes:
a) if you are our potential business partners or suppliers or if you represent them:
b) if you are job applicants
Scope of Personal Data Processing
Our organization processes personal data in the scope necessary for the performance of the above mentioned purposes.
We process only such personal data which you provide to us mainly:
Therefore, they are mostly (but not exclusively) data which you provide to us or which we are required to process by law or for the purposes of our legitimate interest. The categories of the personal data are as follows:
Manner of Personal Data Processing
The manner in which our organization processes personal data does not include automated processing including algorithmic processing in information systems.
Period of Personal Data Processing
Personal data are kept for no longer than is necessary for the purposes for which they are processed. We constantly assess whether it is still necessary to keep certain personal data for a certain purpose. If we find out that it is not necessary for any of the purposes for which it was processed, we liquidate the data. However, we have already internally determined a certain usual time of use of personal data in relation to certain purposes after which lapse we assess very carefully the necessity to keep the particular personal data for the specific purpose. In this connection the following applies:
Sources of Personal Data
We obtain personal data mainly in the following way:
a) from business partners or suppliers
b) from employees or job applicants, and that is directly, e.g. when entering into a contract, based on a selection process
c) from publicly accessible sources (public registers, records or lists),
d) from third parties who are authorized to handle personal data of the client,
e) from our own activities, by processing and evaluating other personal data.
Recipients of Personal Data
Your personal data are made accessible namely to our employees in connection with performing their job when it is necessary to handle personal data, however, in no larger scope than is necessary in such a case and in compliance with all safety regulations.
Also, your personal data are provided to third persons who take part in their processing, or the personal data may be made accessible to them due to another reason in accordance with law. The Controller has the right to authorize a processor who entered into a Contract on Processing to process the personal data and who provides sufficient assurance of your personal data protection. Therefore, before we provide a third person with your personal data we always enter into a written contract with this third person in which we provide for personal data processing in such a way that it includes the same assurances for personal data processing which we ourselves comply with in accordance with our legal obligations.
Handing over Personal Data
In accordance with relevant legal regulations we have the right to hand over your personal data directly without your consent to the following persons:
a) competent bodies of the state administration, courts and police, judiciary and prosecuting authorities for purposes of performing their obligations and for the purposes of executing a decision;
b) banks and other providers of payment services;
c) other persons within the scope stipulated by legal regulations, e.g. to third persons for the purpose of collecting our claims.
Our organization complies with laws regarding personal data protection which are effective in the European Economic Area, which in case of their validity include the following rights:
a) If the personal data processing is based on your consent, you have the right to revoke your consent for future processing any time (see hereinafter).
b) You have the right to request from us, being the Controller of the data in accordance with legal regulations, the access to your personal data and their correction.
c) You also have the right for the erasure of personal data, the right for limited processing, the right to raise an objection against direct marketing, the right to portability of personal data.
d) You have the right not to give your consent with personal data processing.
e) You have the right to file a complaint with an office authorized for data protection.
The Right to Revoke your Consent
We have tried to explain in this document why we need your personal data and that we can process them for certain purposes only with your consent. You are not obliged to give your consent with processing your personal data to our company and at the same time, you are entitled to revoke your consent. We would also like to remind you that there are certain personal data which we are entitled to process for certain purposes also without your consent. If you revoke your consent, we will terminate processing of the particular personal data which require your consent. Should you wish to revoke your consent with personal data processing, you can do so in the way described in the section Contact Us.
Changes in Statement on Personal Data Protection Principles
We will update this statement on personal data protection principles as necessary, based on our customers’ opinions. When we publish changes of this statement, we will always adjust the date of the last update which is given at the end of this statement including the change description. If there are significant changes in this statement or the manner our organization uses your personal data, we will inform you before the implementation of such changes by publishing a visible notification or by sending you a personal notification. We recommend that you regularly check this statement so that you are informed about the manner of your personal data protection.
A cookie is a small data file placed in your browser in the device (computer, smart phone or tablet) on which you look at the website. Cookies have various purposes and some may contain your personal data. We use the following types of cookies on our website.
These cookies (e.g. PHPSessionID) are necessary for assuring the website operation (e.g. due to responsive design). For such a type of cookies it is not necessary, according to the opinion of the expert group WP29 EU) to obtain your consent. It is possible to block them = ban, but then a part of the website may not be displayed correctly, or some parts may not work at all. You can turn off cookies for the most frequently used browsers here:
Cookies for Marketing Purposes
We use these cookies (e.g. __utma, __utmc, leady_session_id,_ga) for monitoring the number of visits and they are not necessary for the correct operation of the website. For this type of cookie it is necessary to obtain your consent, which can be given, according to the expert group WP29, by setting your browser, that is by turning off cookies of third parties. To turn on/off this function, look for help in the particular browser. Instructions for the most common browsers can be found here.