GDPR
Personal Data Protection
INFORMATION FOR CLIENTS
The company KOREJZOVA LEGAL v.o.s., entered in the companies register kept by the Municipal Court in Prague, section A, insert 50452, having its registered office at the address Korunní 810/104E, 101 00 Prague 10, Business ID No: 261 51 103, as the personal data controller (hereafter "Controller"), would like to inform you of the means and scope of personal data processing in connection with the provision of its services.
In connection with the performance of legal services and provision of services of patent attorney, the Controller gathers and processes, amongst other things, personal data about its clients. The Controller processes this personal data in compliance with legal regulations, primarily with Act No 85/1996, concerning legal services, as amended, and Regulation of the European Parliament and of the Council (EU) 2016/679 of 27 April 2016 on the protection of natural persons with regard to the processing of personal data and on the free movement of such data, and repealing Directive 95/46/EC (hereafter the "Regulation" or "GDPR").
1) Contact data of controller - where can you reach us?
You can contact us at the personal data controller at any time via the responsible contact person: Pavel Míčka (tel.: 246 090 111).
2) Joint controllers - who are the joint controllers?
The joint controllers along with the Controller in the sense of article 26 of the GDPR are the cooperating lawyers and patent attorneys given on the internet pages of the Controller, www.korejzova.cz (hereafter the "Joint Controllers").
The Joint Controllers process personal data in the context of mutual cooperation. They have joint records of personal data and are governed by the principles for the processing of personal data given in the Controller's internal regulation. The Controller provides technical resources for securing and protecting personal data and also designates the rules about how to handle the personal data. Each of the Joint Controllers is liable independently for a breach of the Regulation and internal regulation of the Controller.
3) Categories of personal data - which personal data will we process?
4) Purpose of processing – how do we utilise the personal data?
5) Legal basis – what is the legal foundation allowing us to process the personal data?
6) Sources of personal data - where do we get the personal data from?
We process the data that clients give us in connection with the provision of our services, data from available public registers, and data which we have gained from state authorities and bodies of public administration. It involves in particular these sources of personal data:
7) Period of processing - how long do we process the personal data for?
We process the personal data for the period necessary for the due provision of our services. For the reason of our legitimate interest, we will keep your personal data for another 10 years after the end of service provision, both in order to protect ourselves and in order to comply with duties designated by special laws (laws concerning lawyers, tax, accounting etc.).
8) Means of recording personal data - where and how is personal data kept?
We keep both hard-copy and digital records:
Personal data is constantly updated on the basis of information from clients, public-administration bodies, third parties and potentially from public sources (internet and public registers).
9) Personal data protection - how do we ensure the protection of personal data?
Personal data is under constant physical, electronic and procedural control. The Controller has modern inspection, technical and security mechanisms ensuring the maximum possible protection of the processed data from unauthorised access or transfer, from its loss or destruction, and from other possible abuse. All persons who come into contact with personal data during the performance of their working or contractually assumed duties are bound by a legal and contractual non-disclosure duty.
Due to the nature of their work, lawyers and patent attorneys apply a high standard of protection of their IT and other systems, i.e., all data is adequately protected. Based on the regular performance of risk analyses, we implement many measures to reduce these risks, such as:
10) Access to personal data – who has access to personal data, who do we pass it to?
The only people with access to the personal data are employees of the Controller, Joint Controllers or external accountancy, tax and IT suppliers, who have access to the personal data only to the extent essential and who are bound by a non-disclosure duty. All of these subjects have been trained properly.
We pass on personal data if it is essential to fulfil our contractual and legal duties, to public-administration bodies (courts, administrative bodies) and other recipients according to the needs and instructions of the client.
The data can also be provided to other subjects with the consent of the client or at its express order.
11) Rights of personal data subjects - what are your rights according to the GDPR?
More information about rights according to GDPR is available on the internet pages of the Office for Personal Data Protection.
12) Supervision – who performs supervision in the area of personal data protection?
If there has been no success in the proper resolution of your question, objection or complaint in the area of personal data protection, you have the right to contact the supervisory authority. This is the Office for Personal Data Protection having its registered office at the address Pplk. Sochora 27, 170 00 Praha 7.