Privacy Policy "GDPR"
1. Introduction
1.1 Henzély s.r.o., its subsidiaries, and all affiliated entities ("we" or "our") are committed to respecting and protecting your privacy. This Privacy Policy (hereinafter the "Policy") explains how we will collect, store, and use any personal data you provide through our website, emails, or our retail network, or through our dealers, for as long as you engage with us (during the provision of our business services).
1.2 Data Controller:
Henzély s.r.o., Oskol 275, 767 01 Kroměříž.
ICO Registration Number: 283 17 718
1.3 These rules may change from time to time, and if so, the current version will always be available on our website and will take effect immediately.
1.4 Please take the time to read this policy, which contains important information about how we process personal data.
1.5 For the purposes of this Policy, “European data protection legislation” is defined as being in force (European Data Protection Directive 95/46/EC) during periods in which all laws implementing or seeking to implement European Directive 95/46/EC on data protection (e.g., the Data Protection Act 1998) or data protection-related legislation (to the extent applicable), and, as of May 25, 2018, the General Data Protection Regulation (Regulation (EU) 2016/670), (hereinafter “GDPR”), requires the addition or replacement of the GDPR.
2. Information We May Collect About
You 2.1 We may collect and process information about you and your staff in various ways, including:
• while working for you (or your company)
• through our website (e.g., “Contact Us” or via information forms submitted with job applications, etc.)
• via email or other electronic correspondence
• by telephone
• through collaborations (e.g., at dance exhibitions, client events, and/or other meetings or events that we organized or attended)
• through the implementation of security policies and procedures in our offices (e.g., through our access to CCTV footage recorded by the owners of our buildings and other cameras we operate in our offices)
• otherwise through the provision of our services or the conduct of our business.
2.2 The personal data you provide to us may include:
• your name and title
• contact details, including phone number, mailing address, and email address
• information regarding your residence, preferences, and/or interests
• employment and job application data, date of birth, employment history, qualifications, and equality
monitoring information • photographic identification and video recordings
• in certain circumstances, your signature and those of others, national insurance numbers, financial data such as bank account details, and details of any relevant sanctions or similar restrictions
• in certain circumstances, data relating to (including disability) ethnic origin, race, religious beliefs, trade union membership, and other “special
category” personal data• the
content of any inquiry submitted via our website• any other personal data we collect (e.g., a client reference number that may be assigned to you) in the course of our work for our clients or in the course of business.
2.3 Each time you visit our website, we may automatically collect the following information:
• website usage information (e.g., IP address), login information, browser type and version, time zone settings, operating system, and platform;
• Information about your visit, including the full Uniform Resource Locator (URL) of the page that referred you to our website and the pages you visit on our website (including date and time); time spent on the page, page response times, download errors, length of visits to certain pages, and information about page interactions (such as scrolling, clicks, and mouse-overs)
• Location, device, and demographic information (Google Analytics provides information on age and gender. Learn more about how Google collects demographic data).
2.4 If you report a problem with our website, we may ask you for information.
2.5 If you contact us, we may record this correspondence.
2.6 The personal data described above may relate to any of the following categories of individuals:
• our clients and their staff
• our potential employees, work experience students, or other job applicants
• those emergency contacts whose details have been provided to us by our people
• third parties with whom we are in contact regarding legal services (e.g., third-party invoices and counterparties on the client’s side)
• our contacts or referees, expert advisors, or others with whom we work in the course of our services
• our potential target clients
• our suppliers and customers
• those with whom we work in the context of our system
• those who submit inquiries on our website or whose data is otherwise entered into our customer relationship management
system • any other visitor to our offices.
3. Cookie
Policy 3.1 Our website uses cookies to distinguish you from other users, improve your experience on our website, and recommend content that may interest you.
Most web browsers automatically accept cookies, but you do not have to accept them. For more information about cookies, visit http://www.allaboutcookies.org.
4. How We Will Use Your Information
4.1 We may use your data for the following purposes:
• a) to respond to any inquiry you may submit to us;
• b) manage our relationship with you (and/or your business), including by maintaining a client database and using other third parties for administration, accounting, and relationship management;
• c) fulfill our contractual obligations to you or otherwise take the steps described in our terms and conditions and/or terms of business (including all associated administrative tasks)
;• d) to carry out all relevant conflict of interest checks, anti-money laundering checks, and sanctions checks, and to comply with obligations arising from any applicable anti-money laundering laws or regulations (including those relating to money laundering, terrorist financing, and the Transfer of Funds Act 2017)
; e) send you any relevant information about our services and events that may be of interest to you via the email address and/or postal address you have provided to us, but only if you have given us your consent or we are otherwise able to do so in accordance with applicable European data
protection laws• f) to process any job application you have submitted (or through a representative)
• g) to ensure that the content of our website is as effective as possible for you and your devices or staff
• h) to tailor our website to your interests
• i) to administer our website and for internal operations, including troubleshooting, data analysis, testing, research, and statistical and survey responses
• j) to enable participation in interactive features on our website, if you choose to do
so • k) as part of our efforts to keep our website safe and secure•
l) to evaluate and estimate the effectiveness of the advertising we send to you and others, and to provide you with relevant advertising;
• m) to ensure that we properly manage any visit(s) to our offices;
• n) to comply with any other professional, legal, and regulatory obligations applicable to us, or policies we have in place
• o) as we deem necessary to prevent illegal activity or protect our interests.
5. Legal Grounds for Processing Your Information
5.1 We will rely on the following legal bases under European data protection legislation to process your personal data:
• a) performance of or conclusion of a contract. The personal data we must obtain to comply with any additional obligations arising from professional, legal, and regulatory obligations applicable to us must be provided to us so that we can perform this contract—we would not be able to act on your behalf without this personal data.
• b) compliance with a legal obligation to which we are subject.
• c) we have a legitimate interest in doing so as a service provider (and where our legitimate interests are not overridden by your own interests (or those of your relevant persons) or fundamental rights or freedoms). These legitimate interests will include our interests in managing our relationships with our clients, managing visits to our offices, and ensuring compliance with appropriate standards, policies, procedures, or practices.
• d) where the processing of “special categories of data” is necessary in connection with the establishment, exercise, or defense of legal claims.
• e) under certain circumstances, such as those described in Section
4.1(e), or where, as part of our work, we need to process “special category data” but outside the scope of Section
5.1(d) above, where we have obtained your explicit consent. As we will explain at the time we collect your consent, you may withdraw it at any time in accordance with the information we provide to you at that time.
6. Sharing Information
6.1 We may share your data with carefully selected third parties. These include service providers, support services, and organizations that help us offer our services, as well as third parties that enable us to fulfill our contractual obligations to you and/or our clients in the course of our business.
6.2 When we share your information with third parties, we process your data either as a data controller or as our data processor, depending on the purpose of sharing your personal data. We will only share your personal data in accordance with European data protection legislation.
6.3 We may disclose information to third parties if:
• you expressly request it, or it is necessary to provide our services to you (e.g., when we need to instruct a service provider in another jurisdiction to provide the advice you have requested)
• in the event that we sell or buy any business or assets, in which case we may disclose your personal data to the prospective seller or buyer of such business or assets
• if our website or substantially all of its assets are acquired by a third party, in which case the personal data it holds about its customers will be transferred as part of the
assets• if we are required to disclose or share your personal data to comply with any legal obligations or to protect the rights, property, or safety of our website, our customers, or others. This includes exchanging information with other companies and organizations for the purposes of fraud protection and reducing credit risk.
6.4 Third parties include:
• our bank (as permitted by the Money Laundering, Terrorist Financing, and Transfer of Funds (Information on the Payer) Regulations 2017, which may require the disclosure of your personal data to our bank upon request from time to time for the purpose of preventing money laundering or terrorist financing)
• our insurers•
our auditors, including external accreditation bodies
• other professional advisors or third parties with whom we collaborate as part of our work for our clients or who deal specifically with our clients in the same context
• our regulators
• our data processors providing hosting, data management, archiving, and other IT services and business support
• our email marketing platform provider and website platform
provider • selected partner digital agencies and job
application providers • analysts and search service providers who help us improve and optimize our website services •
any third party with whom you ask us to share data.
6.5 From time to time, our website may contain links to the websites of advertisers and partners. If you follow a link to any of these websites, please note that these websites have their own privacy policies and that we accept no responsibility for these policies. Please check these policies before submitting any personal data to these websites.
6.6 We will not “rent” or sell our users’ details or other contact information to any other organization or individual.
7. Storage and Retention of Your Personal Data
7.1 All personal data you register on our website will be stored behind a firewall. Once we receive your information, we use strict procedures and security features to try to prevent unauthorized access. Unfortunately, transmitting information over the internet is not entirely secure, and although we strive to protect your personal data, we cannot fully guarantee the security of your data.
7.2 We retain your information stored in our systems for as long as we provide services to you. We may retain your data for longer than our retention period if we cannot delete it for legal, regulatory, or technical reasons. We may also retain it for research, conflict of interest prevention, or statistical purposes. If we do so, we will ensure that your privacy is protected and that the data is used only for these purposes.
7.3 Any contact information stored in our customer relationship management database will be removed from our mailing lists if you do not interact with our emails (i.e., open emails or click on links within them) for a certain period of time, after which it will be moved to an archive folder before being permanently deleted.
7.4 Third parties to whom we engage to provide services on our behalf will retain your data stored in their systems for as long as necessary to provide those services.
7.5 Subject to paragraph 7.2, we will not retain your information for longer than is reasonably necessary or required by law.
8 Transfer of Information Outside the EEA
8.1 If we need to share your personal data with a recipient outside the European Economic Area (EEA) (e.g., a professional advisor or a third party that engages us or you as part of our work under a contract), we will ensure that we do so in accordance with European data protection legislation, including, where applicable, ensuring that the transfer is necessary for the performance of a contract with you.
8.2 Our employees may access our systems remotely while working abroad (including from jurisdictions outside the European Economic Area). If they do so, they must use our systems and access all personal data in accordance with all standard policies and procedures.
9 Withdrawal of Consent
9.1 Where we process your personal data, we do so on the basis that you have provided your consent for the purposes set out in this policy when you submitted your personal data to us. You may withdraw your consent to this processing at any time by contacting us at obchod@dance-point.cz.
9.2 If you withdraw your consent, we may still need to process some of the data you have provided to us for other reasons, and we will inform you of those reasons at that time.
10. Your Information Rights
10.1 European data protection legislation gives you the right to access information about yourself. You have the right to be told whether we or anyone acting on our behalf is processing your personal data; what personal data we hold; details of the purpose of processing your personal data; and details of any third parties with whom your personal data has been shared.
10.2 You may send your request for access to the personal data we hold to us at the following address: Henzély s.r.o., Oskol 275, 767 01 Kroměříž. You may also contact us at obchod@dance-point.cz.
10.3 We will ask you to provide proof of identity before we show you your personal data—to prevent unauthorized access.
10.4 You have additional rights to request the correction and deletion of your personal data, as well as to request restrictions and other objections to our processing of your personal data, and you may exercise these rights at any time by contacting us at obchod@dance-point.cz.
10.5 Starting May 25, 2018, you will also have the right to receive the personal data you have provided to us in a structured, commonly used, and machine-readable format and to transmit this data to another data controller. You may exercise this right starting May 25, 2018, by contacting us at obchod@dance-point.cz.
11. Complaints
11.1 If you agree to us contacting you, we will always strive to be considerate, relevant, and appropriate. If at any time you feel we have failed to do so, please contact us to let us know.
11.2 You also have the right to file a complaint with the Information Commissioner’s Office. For more information, visit the ICO website.