General Data Protection Regulation (GDPR) is a general set of rules governing data protection in the EU. Its goal is to protect the rights of EU citizens against unauthorized use of their personal data and to give them more control over what happens to their data. GDPR concerns anyone who collects or processes personal data. It was enacted in the EU on 25thMay 2018. In the Czech Republic, it replaces the previous legal regulations codified in act no. 101/2000 Sb., On Personal Data Protection.
In Aquarex WATERPROFIT s.r.o. (hereinafter referred to as “the Company”), personal data is processed in compliance with GDPR. Any manipulation with personal data is done solely with previously stated purpose and based on relevant legal grounds. The Company always heeds the basic legal principles – lawfulness, correctness, transparency, restriction of purpose, minimalization of data, precision, restricted storage, integrity and confidentiality and responsibility of the administratior. The rules for personal data processing are defined within the Company’s internal guidelines.
Every citizen (subject of personal data) has a right to access the personal data that affect him – he has a right to claim information on whether and in what scope his personal data is processed by the Company. The Company will provide him with copies of personal data processing.
Furthermore, each subject has the right to request deletion of the data he provided to the company, the right to correct his personal data that is being processed, and the right to object to, or to limit, the processing of the personal data he provided to the Company, based on his agreement to personal data processing. The aforementioned rights can be exercised only upon a written request from the subject of the personal data, after authentication of the provided identification data, so it’s not possible to make the data of another person available. Such a request can be administered at the Company’s premises – Aquarex WATERPROFIT s.r.o., Průmyslová 1153, Uherské Hradiště.
If the subject of personal data has a suspicion that his personal data is not being processed in compliance with valid legislation, he has a right to give notice to the representative of the Company at the aforementioned address. If the situation is not remedied then the subject of personal data has a right to file a claim with the oversight authority, which is The Office for Personal Data Protection.