The principles of personal data processing protection in Asseco Solutions, a.s.
We handle personal data exclusively in compliance with applicable legislation. Please read the principles of personal data processing protection in Asseco Solutions, a.s., to find out what principles we follow when ensuring the confidentiality and security of your personal data.
Information about the personal data controller::
Company: Asseco Solutions, a.s..
ID No: 64949541
Tax ID No: CZ64949541
Registered Address: Zelený pruh 1560/99 140 02 Praha 4
The Asseco Group consists of the following entities:
Asseco Solutions, a.s. IČO: 64949541
NZ Servis, spol. s r.o. IČO: 25637151
Information about the data protection officer:
Purposes of processing
We process your personal data in the scope necessary for the provision of a service which we will provide you with. We divide them into two groups – personal data that we can process without your consent and personal data that we cannot process without your consent.
Personal data processing for which we need your consent:
• Marketing activities,
• Non-financial services of our partners,
More detailed information about consents given to the processing of your personal data is available in the text of the document that you give to us within the process of arranging the service and signing the contract.
The consent to the processing of personal data for a certain purpose is voluntary and it can be unconditionally withdrawn at any time.
Personal data processing for which we do not need your consent:• Fulfilling our duties that arise from concluded contracts,
• Fulfilling our duties imposed by laws and other legal regulations,
• Ensuring the protection of our rights and interests protected by law (e.g. when asserting claims in court, with insurance companies), the scope of the personal data provided is limited to the personal data that are necessary for the successful assertion of the claim,
• Fulfilment of a task performed in the public interest.
If you refuse to disclose to us the personal data needed for some of the above mentioned reasons, it will not be possible to provide you with the relevant product, service or other performance for which we need the data.
We process your personal data on this legal basis due to compliance with the following laws and legal regulations:
• Regulation (EU) 2016/679 of the European Parliament and of the Council of 27 April 2016 on the protection of natural persons with regard to the processing of personal data and on the free movement of such data, and repealing Directive 95/46/EC (General Data Protection Regulation),
• Act No. 101/2000 Coll., on the protection of personal data,
• Act No. 127/2005 Coll., on electronic communications,
• Act No. 480/2004 Coll., on certain information society services,
• Act No. 634/1992 Coll., Consumer Protection Act (this Act regulates credit bureaus),
• Act No. 370/2017 Coll. on payment systems (this Act regulates activities of entities that are authorised to provide payment services),
• Act No. 164/2013 Coll., on international cooperation in tax administration (this Act imposes an obligation to exchange information about persons subject to tax obligations in other countries with other financial institutions)
• Act No. 253/2008 Coll., on selected measures against legitimisation of the proceeds of crime and financing of terrorism (this Act imposes an obligation to carry out customer identification and checking)
• Act No. 69/2006 Coll., on implementation of international sanctions (this Act imposes a duty to check that clients are not subject to international sanctions) and Regulation (EU) of the European Parliament and of the Council e.g. Capital Requirements Regulation No. 575/2013, on prudential requirements for credit institutions and investment firms and amending Regulation (EU) No. 648/2012.
The legitimate interests of Asseco Solutions, a.s., and the Asseco Group in the processing of your personal data
In some cases, we process your personal data in order to ensure the protection of rights and interests protected by law of Asseco Solutions, a.s., as well as the whole Asseco Group and potentially other third parties. We can perform this processing without your consent. However, the scope of reasons that authorise us to do this type of processing is limited. We always carefully assess the existence of legitimate interests.
Examples of the processing of personal data for legitimate reasons:
• Simulation of products and services in order to help you choose the most suitable product
• Preparing a contract at your request – collecting and processing of personal data that are needed and necessary for drafting your contract
• Managing relationships with business partners in order to provide you with all the services that are related to product management or to deal with your requests, wishes and complaints, etc.
• Managing customer relationships in order to provide you with all the services that are related to product management or to deal with your requests, wishes, complaints, etc.
• Sending messages, notifications and confirmations that are used for the operation and maintenance of your product
• Reporting and creating analytical models on the basis of aggregated and anonymous personal data and sharing them with the Asseco parent company
• Analyses of your profile data and data about products and services for the purpose of:
- Setting adequate parameters for your contract
• Processing camera recordings to eliminate unlawful conduct and ensure the protection of persons and property,
- Testing software changes,
- Research and development of products/services and analyses of market development,
- Processing analyses using aggregated (anonymous) data for historic, statistical and scientific purposes.
Categories of personal data
Name, surname, title, birth identification number or date of birth
Especially contact address, phone number, e-mail address and other similar data. These include personal data thanks to which we can contact you.
Information about solvency and credibility
Personal data that are necessary for Asseco Solutions, a.s., to transact business without undue legal and material risks – with regard to its legal obligations to proceed cautiously when exercising its activities. The nature and scope of these personal data depend on the nature of the deal made or service provided.
Information about services used
Information about what products and services Asseco Solutions, a.s., provides you with and how you use them.
Recipients and processors of personal data
We process and store personal data that you have disclosed within the Asseco Group. If the processing of personal data is based on your consent or the legitimate interests and purposes of Asseco Solutions, a.s., mentioned above, your personal data may be processed by external co-workers of Asseco Solutions, a.s., and by contractors. We carefully choose entities that work with us on the basis of guarantees by which they ensure the technological and organisational protection of the personal data that we give to them. Personal data for Asseco Solutions, a.s., can be processed only by processors exclusively on the basis of a contract for the processing of personal data.
In this sense, Asseco Solutions, a.s., can disclose personal data for legitimate reasons to the following recipients:
• Companies that operate within the Asseco Group
- NZ SERVIS, spol. s r.o., with its registered address at Cyrila Boudy 1444, Kročehlavy, 272 01 Kladno, ID No.: 25637151
• External co-workers of Asseco Solutions, a.s., and contractors for the purpose of the performance of a contract,
• Marketing and research agencies for the purpose of marketing processing or survey and for offering the business, products and services of Asseco Group members and selected business partners,
• Stock exchange and mediators of securities trading,
• Providers of payment services and payment processors for the purpose of securing transfers of financial resources and the realisation of foreign payments,
• Providers of postal and communication services and services of electronic communication,
• Bank and non-bank registers, mobile operators for the purpose of fulfilling the obligations of the responsible provision of loans,
• Executors and auctioneers for the purpose of filing related claims,
The period for which your data are stored by Asseco Solutions, a.s.
We only keep your personal data for the period necessary and archive them according to the statutory periods regulated by the applicable legal regulations.
We process personal data for the duration of the contractual relation or other legal title which authorises us to process your personal data. It means that we have set strict internal rules that verify the legality of keeping personal data and that we do not keep the data longer than we are authorized to do so. After the loss of the legitimate reason, we erase the relevant personal data.
We store personal data that we process with your consent only for the duration of the purpose to which the consent has been given or for the duration of your consent.
Your rights related to the protection of personal data
We process your personal data transparently, correctly and in compliance with legal requirements. However, at the same time you have the right to contact us at any time to ask for information about the processing of your personal data or to exercise the below mentioned rights related to personal data.
Right of access to personal data
You have the right to ask for a copy of your personal data that Asseco Solutions, a.s., processes.
Right to have personal data rectified
If you suspect that the personal data that we keep about you are incorrect or incomplete, you have the right to ask that they be updated or corrected.
Right to personal data erasure (right to be forgotten)
You have the right to request the erasure of your personal data if they are not needed for the purpose for which they have been processed, if you have withdrawn your consent to their processing, if they have been unlawfully processed, they have to be erased to ensure compliance with legal obligations, or if they have been collected in relation to the offer of information society services.
Right to the restriction of personal data processing
You have the right to the restriction of processing, if you contest that the personal data are not accurate or their processing is unlawful and you oppose the erasure of the personal data; or if you ask us, we can process your selected personal data even when they are no longer needed for the purpose for which you have provided Asseco Solutions, a.s., with them (e.g. in connection with asserting a claim in court for which you need the processed personal data) or you have objected to the processing and when it is not apparent whether our legitimate interest overrides your legitimate interests.
Right to personal data portability
In the case of the automated processing of personal data that is based on a concluded contract or a consent that you have given to us, you have the right to the so-called portability of such data; you will be provided with them in a structured, commonly used and machine-readable form.
Right to object to the processing of personal data
At any time you can object to the processing of personal data, including profiling that we process due to legitimate reasons. You also can object to the processing of personal data for direct marketing purposes at any time. In such a case, we will no longer process your personal data for this purpose.
Right to withdraw consent to the processing of personal data
If you have given us consent to the processing of personal data for purposes that require consent, you have the right to withdraw this consent at any time. The processing of personal data that was carried out before the withdrawal of consent is lawful.
For the exercise of your rights, you can contact any contact point or use the electronic communication channels that you use for communication with Asseco Solutions, a.s.
We will respond to your requests concerning the exercise of your rights without undue delay within 30 days of the receipt of your request. However, the period can be extended by two months if necessary. We will always inform you about such an extension including the reasons that led us to it. We will communicate with you using the method which you prefer (e-mail, letter).
The right to lodge a complaint with the supervisory authority
If you believe that personal data protection rules have been violated during the processing of your personal data, you have the right to lodge a complaint with the supervisory authority (the office for personal data protection).
The office for personal data protection:
Pplk. Sochora 27
170 00 Prague 7
tel. no: +420 234 665 111