We greatly appreciate the trust you have placed in us when you decided to use the products and services of ootoolno s.r.o.
In order to be able to provide you with our products and services, or to continue to improve our product range and to prepare products for you that meet your needs and/or comply with legislative requirements, we process a number of personal data about you. It is our priority to provide you with a first-class service and we treat the processing and protection of your personal data with the same standard.
Please see this document for details of the personal data we collect about you, how we handle it and what your rights are in relation to it. Please pay due attention to it.
Please note that we are entitled to change this document from time to time. You can always find the current version on our website.
If you have any questions regarding the processing of your personal data, we are of course at your disposal.
Sincerely
Jiří Brada
Managing Director
On this page you will find an overview of the main principles of data protection and other processed data. Our aim is to process personal data in accordance with the General Data Protection Regulation or GDPR (Regulation of the European Parliament and of the Council of the European Union No.2016/679) and Act No.101/2000 Coll., on the protection of personal data.
ootoolno s.r.o. is a company with limited liability – (hereinafter referred to as the “Company”). ID No.: 08482471, with its registered office at Kaprova 42, 110 00 Prague, registered in the Commercial Register maintained by the Municipal Court in Prague, Section C, Insert 319624, and as the controller will process your personal data according to the terms and conditions set out below.
If you wish to communicate with us regarding the processing of your personal data, you can contact us:
Jiří Brada
in writing to Kaprova 42/14, 110 00 Prague
email: ootoolno@gmail.com
The Company may only process your personal data for the purposes for which it has the relevant legal basis for processing. In view of the activities that the Company carries out and the purposes for which it processes your personal data in connection therewith, the processing of personal data comes into consideration as a legal basis:
if this is necessary for the performance of the contract concluded with you or for the implementation of measures prior to the conclusion of this contract at your request
if necessary to comply with our legal obligation
to protect our rights and legally protected interests
on the basis of your consent
Therefore, your consent is only required for the processing of your personal data if the Company has no other legal basis within the given purpose of processing. The purposes for which the Company processes personal data can be divided into the following main categories: client servicing, contract performance, risk management and security, including compliance with the Company’s legal obligations, marketing and internal administration, including service development and improvement.
The provision of personal data is always voluntary. However, in the event that you refuse to provide us with your personal data for processing purposes that have a legal basis for processing other than your consent, it will not be possible for us to enter into a contract with you, as the provision of your personal data for these purposes is a prerequisite for entering into a contract with the Company.
In the case of consent to the processing of personal data for marketing purposes, the provision of personal data for these purposes is always entirely at your discretion. If you are considering giving consent to the processing of personal data for marketing purposes in connection with the conclusion of a contract, we would like to point out that giving consent is not a prerequisite for the conclusion of a contract. In any case, you can withdraw your consent at any time free of charge. However, the withdrawal of consent does not affect the lawfulness of processing based on consent prior to its withdrawal.
The Company processes personal data that:
you yourself told the Company;
are generated by your use of our services;
obtain from third parties authorised to handle such data and transfer it to the Company, subject to certain conditions
are publicly available from various registers, records and lists (land register, commercial register, insolvency register, etc.).
Your identification data, in particular your name, surname, academic degrees, date of birth, ID number, VAT number, residential address, registered office address (if you are an entrepreneurial natural person), position within the legal entity you represent;
Your identification data, in particular your name, surname, academic degrees, date of birth, ID number, VAT number, residential address, registered office address (if you are an entrepreneurial natural person), position within the legal entity you represent;
Your payment details, in particular your bank account number, credit card number, variable symbol, possibly also a specific symbol, a note from the sender or recipient, or any other details you provide in the payment;
details of your orders, in particular the goods or services you have ordered;
network data that we collect when you access and use our website, in particular your IP address, the MAC address of the device through which you use the site, data about your access to the site, activity on the site, the length of your visit to the site, cookies, data about the location of the device through which you use the site.
Cookies are small data files that help websites you visit to remember the actions and settings that individual users have made on the website, so that these details do not have to be re-entered. Cookies are stored on individual computers using a web browser. Cookies do not pose a danger, they do not serve to obtain any sensitive personal data, but they are important for privacy protection. We do not use cookies to identify website users or to misuse login data.
For example, cookies allow us to recognize a user as an existing user or to customize a service to a user’s preferences. We also use cookies to display so-called behaviourally targeted online advertising on and off the Company’s web portals, in simpler terms, to display only advertising that is relevant to that particular user, without bothering them with advertising that they are not interested in.
We also use cookies when a user uses services that we offer to our partners, such as advertising services or features of the Company’s services that may appear on other sites.
Another group is represented by third-party cookies (e.g. Google Analytics to analyse traffic to a particular website or a particular service, or cookies from operators of advertising systems that run on our site).
You as a user have the option to refuse the use of cookies. However, in some cases it may not be possible to view a particular service or product of ours without the use of cookies.
If your browser is enabled to use cookies, we will assume that you consent to the use of standard cookies by our websites.
The processing of personal data is carried out manually and automatically in electronic information systems, in electronic or paper form, always with high technical, organisational and personnel security in accordance with legislative requirements.
In accordance with a comprehensive internal regulatory framework, personal data are under constant physical, electronic and procedural control. In order to protect the data, the so-called information security management system and the related organisational and technical security measures, including technical, organisational and personnel measures, are clearly defined. Control, technical and security procedures defined by law and internal regulations are implemented for maximum security. All persons who come into contact with personal data from their work position (or within the framework of contractually assumed duties) are trained and bound by confidentiality obligations.
Information on the processing of personal data
You can ask us for information about the processing of your personal data, in the context of which we are obliged to provide you without undue delay with information about:
the purpose of processing,
the personal data or categories of personal data processed, including any available information about their source,
beneficiaries or categories of beneficiaries,
information on the nature of the automated processing, if the data are used to decide on the rights of the data subject.
We are entitled to charge a reasonable fee for providing this information, not exceeding the cost of providing the information.
Request for clarification/removal of an illegal situation
If you believe or discover that we are processing your personal data in violation of the protection of your private and personal life or in violation of the law, you have the right to ask us for an explanation and/or ask us to remedy the unlawful situation, i.e. to block, correct, supplement or destroy your personal data.
In the event of a breach of our obligations, you may also address your complaints to the Office for Personal Data Protection (“OPPD“), which is located at Pplk. Sochora 27, 170 00 Prague 7, tel. 234 665 111 (switchboard). The OPPD operates a website: www.uoou.cz, where you can find more information on what and how the OPPD can help you.
Withdrawal of consent
Based on your consent, the Company processes your personal data for marketing purposes only. You can withdraw your consent to this processing at any time free of charge. However, withdrawal of consent does not affect the lawfulness of processing based on consent prior to withdrawal. Withdrawal of consent also has no effect on our contractual relationship.
Exercising your rights
If you wish to exercise your rights, please contact us via one of the contacts listed above.
We process personal data relating to the conclusion and performance of the contract and the care of the client for the duration of the contract, and for the period for which we are obliged to retain such data under generally binding legal regulations, and we also retain it for the period necessary in the event that we have to provide evidence in court or administrative proceedings, but always no later than the expiry of the relevant statutory limitation periods.
Personal data that we process on the basis of your consent for marketing purposes are processed for the period for which you have given your consent or until you withdraw your consent.
In accordance with the principle of data minimisation, we always process only the personal data that we strictly need for the purpose and keep it for as long as necessary. Once the time period has elapsed, the personal data is deleted or anonymised.
Generally speaking, the recipient of personal data is any subject to whom the personal data is disclosed. Depending on the nature of the situation, the recipient of the personal data may therefore be either another data controller (who determines the purposes and means of processing the personal data) or a data processor (who processes the personal data for the data controller).
The Company does not, as a matter of principle, share your personal data with other data controllers unless we are obliged or authorised to do so by law or you have given us your consent.
Your consent is not required to share personal data with data processors. We always carefully vet entities that are to become processors of personal data that the Company manages and ensure that they comply with appropriate technical and organisational security measures. Any entity that may become a processor of personal data that we manage for us in the course of its business is subject to a written contract for the processing of personal data and that processor is only entitled to handle personal data to the extent necessary to perform its task, for the purposes of performing its task and for the agreed period of time.
The processors are in particular:
Marketing agencies, external call-centres, market research agencies
IT service providers
Law firms, accountants and tax advisors
Debt collectors (including collection agencies)
Entities providing printing and mailing services
Entities providing advisory services
Data storage and cloud service providers
External auditor
We may be required by law to share your personal data without your consent with third parties (e.g. bailiffs, law enforcement authorities, courts and others) for the purpose of carrying out their obligations and, where applicable, enforcing their decisions. Clients’ personal data may also be disclosed to sectoral supervisory authorities in the performance of their activities (e.g. the Office for Personal Data Protection or the Office for the Protection of Competition).
Within the European Economic Area (“EEA”), a regime of free movement of personal data applies and the same rules apply to the processing of personal data as in the Czech Republic.
In some cases, it may happen that our suppliers process personal data in third countries (i.e. countries outside the EEA), but always in compliance with all legislative requirements.