Privacy Policy and GDPR
We are System4u and we provide IT services to you, our customers. In this context, we also need to know some of your personal data. Whether to process an enquiry, conclude a contract, provide a service, issue an invoice or send a sales or marketing message.
We guard your personal data carefully and always have. We process them in accordance with all regulations and rules, including the EU General Regulation No. 2016/679 – GDPR – data protection.
In this Personal Data Processing Policy (“Policy”), we would like to inform you about what personal data we collect about you and how we use it. You will also learn what your rights are in relation to data protection.
Generally about our website
We use Google Analytics, a service developed and operated by Google Inc., headquartered at Amphitheatre Parkway, Mountain View, CA 94043, USA (“Google”), to analyse the website using cookies.
The analysis by Google Analytics is carried out by transferring the information about the use of the website generated by the collected cookies to a Google server in the USA and analysing it there. As a result of the anonymisation of IP addresses set up on the website, the IP address is shortened by Google before the data is transmitted to a Google server in the USA in an EU or EEA member state. Only in exceptional cases is the full IP address transferred to a Google server in the USA and only there is it truncated (anonymised).
Google will not transfer data, incl. shortened IP-addresses, to combine with other data. Google’s privacy statement can be viewed here.
Visitors to the website can prevent the collection of cookies and their analysis by Google Analytics by installing the browser plug-in available here. This plugin only works in the respective browser on the respective computer and must not be deactivated or deleted after installation in order to preserve the deactivation of Google Analytics.
Purpose and legal reason for processing personal data
Processing category | Purpose of processing | Legal reason for processing |
Contact details of business partners – marketing | Direct marketing | Legitimate reason Administrator |
Contact details – web form | Marketing and web promotion | Consent |
Contact details – job seekers | Offer of job positions | Consent |
Scope of processing of personal data
Contact details of business partners – marketing
The contact details of business partners are processed in electronic documentation and are protected against unauthorised access by appropriate means. Processing and archiving shall be carried out for the period of time specified in the relevant legislation. Archiving shall be for a minimum period of 10 years. After this period, the personal data is deleted.
The following categories of personal data are processed
- Identification data – title, name, surname
- Address data – contact address, e-mail, telephone
Contact details – web form
The contact data from the web form is processed electronically and is protected against unauthorised access by appropriate means. Processing and archiving shall be carried out for the period of time specified in the relevant legislation. Archiving shall be for a minimum period of 10 years. After this period, the personal data is deleted.
The following categories of personal data are processed
- Identification data – name, surname, company
- Address details – e-mail, telephone
Contact details – job seekers
The contact data from the web form is processed electronically and is protected against unauthorised access by appropriate means. Processing and archiving shall be carried out for the period of time specified in the relevant legislation. Archiving shall be for a minimum period of 10 years. After this period, the personal data is deleted.
The following categories of personal data are processed
- Identification data – name, surname, company
- Address details – e-mail, telephone
- Personal data contained in the CV of the applicant
System4u Security
System4u has strict security rules in place in terms of technical and personnel security. We have appointed a Data Protection Officer. We have set out the processing processes and the obligations of employees in relation to the processing of personal data in the relevant internal directive.
Rights of data subjects
- Right to be informed – the data subject has the right to be informed about the processing of his or her personal data. This means the right to certain information about the processing of his or her personal data. This includes information on the purpose of the processing, the identity of the controller, the controller’s legitimate interests and the recipients of the personal data.
- Right of access – gives the data subject the opportunity to verify the lawfulness of the processing of their data. Every data subject has the right to know and be informed of the purposes of the processing, the recipients to whom the personal data have been or will be disclosed, the period for which the personal data will be stored.
- The right to rectification – if the data subject has a subjective or objective suspicion of the inaccuracy of his or her processed data, he or she may request the controller to rectify it. Taking into account the purposes of the processing, the data subject has the right to have incomplete personal data completed, including by providing an additional declaration.
- The right to erasure – obliges the data controller to erase the personal data of the data subject without undue delay if the reason for their processing has ceased to exist. However, as long as the legal reason persists, the controller is not obliged to delete the data on request.
- Right to be forgotten – extends the right to erasure. If the data subject so requests, the controller shall take reasonable steps to erase all personal data, references to, copies of, etc. At least one of the following conditions must be met for the controller to be obliged to destroy personal data:
- the personal data is no longer necessary for the purposes for which it was collected or otherwise processed,
- the data subject withdraws consent and there is no further legal basis for the processing,
- the data subject objects to the processing and there are no overriding legitimate grounds for the processing,
- personal data have been unlawfully processed,
- personal data must be erased to comply with a legal obligation,
- The right of portability – is essentially an extended right of access and can be exercised subject to two conditions that must occur simultaneously:
1. the processing is based on the consent of the citizen or on a contract and 2. is carried out automatically. In the case of automated processing of personal data based on consent or a contract, the person has the right to. the portability of such data. This consists in the obligation of the controller to transmit to the data subject all information processed about him in a structured, commonly used, machine-readable format. By exercising this right, the person gains greater control over his or her personal data and also has the possibility to transfer it in the form thus obtained to another controller. - Right to object to processing – if the data subject is not able to exercise the right to erasure, he or she has the right to object and thereby force the controller to restrict the processing of the data subject to the objection.
- Right to restriction of processing – ways to restrict the processing of personal data include, but are not limited to, temporarily moving selected data to another processing system, making selected personal data unavailable to users, or temporarily removing published data from the website
Contact details
Personal data controller
System4u a.s.
Lidická 48, 602 00 Brno
ID: 26945231
Data Protection Officer
Jitka Šafářová
Email: jitka.safarova@system4u.com