TERMS AND CONDITIONS FOR PERSONAL DATA PROTECTION

Identity and Contact Details of the Controller

AD-IN-ONE Europe, a.s., Company Registration No.: 280 82 869, with its registered office at Bavorská 856, Prague 5, 155 00, registered in the Commercial Register maintained by the Municipal Court in Prague under File No. B 14840

To exercise the rights of the data subject under Personal Data Protection Act No. 101/2000 Coll., and Regulation (EC) 2016/679 of the European Parliament and of the Council (hereinafter referred to as the “General Regulation“), you may contact us personally at our registered office, by post at the above-mentioned correspondence address, through data box, Data Box ID: siickh6 or by e-mail at info@ad-in-one.com. Our company does not fulfil conditions for the mandatory appointment of a Data Protection Officer. If in doubts about your identity, we may ask you for additional verification of your identity.

Object of Data Processing

As part of our business, we process only common categories of personal data:

1. Identification data such as title, name, surname, job position;

    

2. Contact data such as telephone number, e-mail address and workplace e-mail address;

    

3. Transaction data include, but are not limited to, data about services received and provided, user rights, products, payments, bank accounts and other data resulting from services provided to our customers and business partners;

    

4. The data included in communication, i.e. in particular, any personal data during communication of data subjects with our company, but also the very content of the communication with the subject concerned, these being written and electronic communications and records of telephone calls, chat and video chat between the customer or user and AD-IN-ONE Europe, a.s., as well as information voluntarily provided by questionnaires, forms, surveys or similar sources;

    

5. Data relating to the use of the website www.ad-in-one.com and other sites operated by AD-IN-ONE Europe, a.s. where we can collect data such as IP address, browser type, operating system type and approximate location. We also store information obtained through cookies and web server logs.

    

6. Data relating to the use of software and applications developed by AD-IN-ONE Europe, a.s., where we can collect data such as IP address, browser type, operating system type and approximate user location. In addition, we process the name, surname, job position, email and phone number of individual users.

    

7. Data processed on the basis of a consent, where the processing of such data is not strictly necessary for the performance of an agreement or statutory obligations or for the protection of the legitimate interests of AD-IN-ONE Europe, a.s., but their processing allows AD-IN-ONE Europe, a.s. to improve services, focus on what customers are really interested in, or, as the case may be, get customers acquainted with the offers that suit them. These data are processed only if consent is given and they can be processed throughout the duration of this consent. These include in particular:

• Data obtained from marketing surveys;
• Data on the use of services, products, benefits and bonuses and the type behaviour when using the services;
• Contact data in the event that this is not a customer of AD-IN-ONE Europe, a.s .;
• Behaviour reports on the website of AD-IN-ONE Europe, a.s. obtained from cookies, provided that cookies are permitted on the given web browser (they are processed for improving the operation of the website of AD-IN-ONE Europe, a.s., for internet advertising and, if the consent to the processing of personal data for business purposes is provided, these data are processed together with other personal data for this purpose);

   

Categories of Data Subjects

Employees, members of bodies corporate (statutory bodies), authorised or contact persons of business partners, website visitors, users of software and applications developed by AD-IN-ONE Europe, a.s. within the licenses granted to customers for their use, customers and potential customers.

Purpose and Legal Basis of the Processing

(a) Processing of data necessary for performing under the agreement

Personal data processed to provide services, safe and proper performance of an agreement, user rights management and to ensure customer service to our customers. The provision of these personal data is a contractual obligation, and failure to do so would make it impossible for us to perform an agreement with the client efficiently and safely.

(b) Processing of data necessary for fulfilling a legal obligation applicable to the controller

Personal data processed to fulfil obligations arising from legislation, imposing the obligation to process personal data. Typically, this includes the retention of data for bookkeeping purposes; providing these data is a statutory requirement.

(c) Processing of data necessary for negotiating and fulfilling an employment relationship

Personal data processed for the purpose of recruiting staff, retained for the purposes of concluding a contract of employment, if any, with applicants. Providing these personal data is a contractual obligation, and failure to do so would prevent us from efficiently carrying out a selection process and safely performing the contract with an employee.

(d) Processing of data necessary for the purposes of legitimate interests during business communication

Personal data processed to establish, maintain, and deepen our business relationships and contacts with our business partners and customers, for example, for the purpose of sending out sale offers, identifying and improving your customer experience, PR, and brand strengthening. Our legitimate interest includes also the use of personal data for the proper protection of our legal claims, keeping internal statistics and records, carrying out internal checks, etc. In the event of instigating any judicial, administrative or other proceedings, we process personal data to the extent necessary for the duration of such proceedings. The provision of such data is voluntary, you are entitled, under Article 21 of the General Regulation, to object to the processing for such purposes at any time; if objection to the processing for the purposes of direct marketing is made, the data shall immediately cease to be processed.

(e) Processing of cookies from websites

As part of our business strategy, we also use cookies used primarily to identify user devices, optimise our web presentation, and for third-party services (especially Google Analytics). If visitors to AD-IN-ONE Europe, a.s. disagree with the use of cookies, they may set their blocking settings in their browser. If a visitor has enabled cookies in their web browser, we process their behaviour  records from the cookies placed on the website pages of AD-IN-ONE Europe, a.s.

Categories of Personal Data Recipients

All personal data are used solely for the internal use of AD-IN-ONE Europe, a.s. and are protected from misuse. Personal data are, to the extent necessary, transferred for processing by public authorities and other processors who, in accordance with the guidelines imposed, provide sufficient guarantees for introducing technical and organisational measures so that the processing concerned would comply with the requirements of the General Regulation.

The processors include but are not limited to advisory and consulting companies, attorneys-at-law, external hauliers, law enforcement agencies, supervisory authorities in the field of personal data protection and other state administration authorities competent under special regulations.

Recipients also include the cloud storage provider Amazon Web Services Inc., and card payment gateway operators. Credit card numbers and other sensitive data are processed by the payment gateway provider. AD-IN-ONE Europe, a.s. does not retain or have available credit card numbers.

During the processing of personal data these are not transmitted to third countries outside of the European Union or to international organizations.

Time and Method of Personal Data Processing

Personal data are processed for a period of time that is strictly necessary to ensure all rights and obligations arising from agreement, as well as for a period of time that is required for their retention in accordance with generally binding legal regulations.

In general, however, we use and process personal data out of legitimate interest for:

• The duration of our business relationship;
• The duration of communication with an employee, a statutory representative, an authorised or contact person during their activity, if you notify us of its termination;
• A period of time needed to exercise such rights, and after the expiration of the time limits set out in previous points we process the data out of our legitimate interests, in particular, to exercise, demonstrate and defend our rights, interests and claims;
• Until objection to the processing is made where your rights and interests override our legitimate interests.

After this time, we are authorised to process your personal data only for compatible purposes or for special purposes (archiving or statistics).

Personal data are stored in electronic form solely on the servers of our company in the Czech Republic or in the territory of the European Union. Physically, we store data only on the premises of our company or under the supervision of responsible persons.

Rights of Data Subjects

Data subjects are entitled to turn to AD-IN-ONE Europe a.s. for the purpose of exercising the right of access to personal data concerning them, their correction or erasure or, as the case may be, limitation of processing, the right to object to processing, as well as when exercising the right to the portability of data and other rights under the General Regulation.

If you believe that your data is not adequately and in compliance with legal regulations handled, you are entitled to file a complaint with the supervisory authority, i.e. with the The Office for Personal Data Protection, with its registered office at Pplk. Sochora 27, 170 00 Prague 7 – Holešovice, or through the Office website: www.uoou.cz.

AD-IN-ONE Europe, a.s. , 01/2019