1) Introductory provisions

1) For the purposes of these Rules and Information:

  • Administrator – trading company Intecha, spol. s r.o., Prague 7, Argentinská 320/34, PSČ 17000, e-mail: intecha@intecha.cz,
  • A Data Subject – a person who acts with the Administrator on performance of a contract or on the terms of a contract, a person who provides any personal information to the Administrator on the basis of their consent, or the person whose personal data are collected by the Administrator under another legal title in accordance with the Regulation of Parliament and Council (EU) No 2016/679 of 27 April 2016 (hereinafter referred to as GDPR).
2) Administrator – is a design, engineering and trading company operating in the petrochemical, refinery and chemical industry.

3) Administrator generally processes Personal Data about the Data  Subject in particular for the following purposes:

  • performance of contractual responsibilities of the Administrator and negotiation of the contract;
  • fulfillment of accounting, tax and archival obligations arising from legislation;
  • marketing or business services proposals of the Administrator;
  • open job vacancies;
  • purposes contained within the data subject's consent;
  • protection of the rights and legitimate interests of the Administrator (Legitimate Interest).

4) The Personal data Administrator declares that they will collect personal data to the extent necessary to fulfill the intended purpose and process it only in accordance with the purpose for which they were collected.  Administrators´ employees are required to maintain confidentially of personal data, even after termination of employment with the Administrator.

5) A Data Subject who, during of a business, contractual or pre-contractual negotiation with the Administrator through free and free consent to the processing of personal data or otherwise, provides his personal data for the purpose of transmitting it to the Administrator does it voluntary and on his behalf.

2) Personal Data Protection and Information about Data Processing
1) Personal Data is processed to the extent that the Data Subject has provided to the Administrator in connection with conclusion of a contractual or other legal relationship with the Administrator, or which the Administrator has collected otherwise and are processed in accordance with the valid legal regulations or the fulfilment of Administrator´s legal obligations.

2) The sources of Personal Data, processed by the Administrator, are Data Subjects, who provide to the Administrator Personal Data necessary for the fulfilment of the contractual and legal obligations. Other sources are public open registers of lists and records, possibly other sources, from which the Administrator will always require a legal reason for the personal data processing.

3) Personal Data means the address and identification data used  for the unambiguous  the Data Subject identification (eg. Name, Surname, Title, Birth Number, Date of Birth, Permanent Address, ID, VAT Number) and contact data ( e.g. contact address, telephone number, fax number, e-mail address and other similar information), descriptive data (e.g. bank details, other  data necessary for the contract performance and data provided beyond the relevant laws processed under the consent from the Data Subject (photo processing, use of personal data for personal management etc.)

4) Administrator divides the Data Subjects into the following categories:

  • Administrator´s Business Partner;
  • Administrator´s Employee;
  • Service provider;
  • Another person who is in a contractual relationship with the Administrator;
  • Job applicant.
5) The processing of Personal Data by Data Subjects is carried out by the Administrator at the registered office or branches by the individual authorized employee of the Administrator, its statutory representatives and the processor. The processing of personal data is carried out mainly via computer technology or manually and at the same time, while complying with all security principles for managing and processing of personal data. In order to secure the legal handling of personal data, the Administrator has taken technical and organizational measures to ensure the protection of personal data, in particular measures to prevent unauthorized or accidental access to personal data, their change, destruction or loss, unauthorized transmissions, unauthorized processing, as well as other misuse of Personal Data.

6) In accordance with the principles of minimization and limited time for storing Personal Data, the Administrator will process and store the Personal Data only for the time necessary to ensure the rights and obligations arising from both the contractual relationship and the applicable legal regulations.

7) The Administrator processes the data with the consent of the Data Subject, except for the cases where the processing of Personal Data does not require the consent of the Data Subject. In accordance with Article 6 (1) of the GDPR, the Administrator may, without the consent of the Data Subject, process personal data if:

  • processing is necessary for the performance of the contract to which the Data Subject is a contractual party or for the implementation of measures taken prior to the conclusion of the contract at the request of this Data Subject;
  • processing is necessary for the compliance with legal obligations that are applied to the Administrator
  • processing is necessary to protect the vital interests of the Data Subject or other natural person;
  • processing is necessary for accomplishment of a task carried out in the public interest or in the exercise of public authority entrusted to the Administrator;
  • processing is necessary for the purposes of the legitimate interests of the relevant Administrator or third party, except for cases the interests or fundamental rights and freedom of the Data Subject that require such protection prevail over such interests.
8) In accordance with Article 12 of the GDPR, the Administrator inform the Data Subject  on request about right of access to Personal Data and the following information:

  • the purpose of processing;
  • the category of personal data concerned;
  • the recipients or categories of recipients whose personal data has been or will be made available;
  • the planned time for which personal data will be stored;
  • any available information about the personal data source;
  • if they are not obtained from the Data Subject, whether automated decision making, including profiling.
9) Each Data Subject may,  if there is discovered or believed that an Administrator or Processor has carried out processing of their personal data which is inconsistent to the privacy of the Data Subject or is inconsistent with the law, especially if personal data are inaccurate with respect to the purpose of their processing:

  • Asks the Administrator for explanation;
  • Ask the Administrator to remove this state, in particular, it may be blocking, repairing, adding or deleting Personal Data.
If the data subject's request under point 1 of this paragraph and the article is found to be justified, the Administrator shall immediately remove the defective condition. If the Administrator does not comply with the request of the Data Subject in accordance with point 1 of this paragraph and the Article, the Data Subject has the right to contact directly the relevant Supervisory Authority, i.e. the Personal Data Protection Authority. The Administrator is entitled to require a reasonable compensation for the provision of the information, not exceeding the costs necessary to provide such information.

10) All legal relations arising out of or in connection with the processing of Personal Data comply with the legal measures of the Czech Republic, irrespective of where access has been made to them. In order to resolve any disputes arising in connection with the protection of privacy between the Administrator and the Data Subject, Czech Law shall be applicable by the relevant Czech Courts.

Ing. J. Černý, Company Director