top of page

PRIVACY POLICY

I. Basic Provisions

The controller of personal data pursuant to Article 6 of Regulation (EU) 2016/679 of the European Parliament and of the Council on the protection of natural persons with regard to the processing of personal data and on the free movement of such data (hereinafter referred to as the “GDPR”) is:

TOKOZ a.s.
Santiniho 20/26
591 02 Žďár nad Sázavou
Company ID (IČ): 25670042
(hereinafter referred to as the “Controller”).

Controller Contact Details

TOKOZ a.s., Santiniho 20/26, 591 02 Žďár nad Sázavou
E-mail: mbox@tokoz.cz
Phone: +420 566 802 111

Personal data (hereinafter referred to as “Personal Data”) means any information relating to an identified or identifiable natural person, who can be identified directly or indirectly, in particular by reference to an identifier such as name, identification number, location data, online identifier, or to one or more factors specific to the physical, physiological, genetic, mental, economic, cultural, or social identity of that natural person.

II. Legal Basis for Processing Personal Data

 

The legal basis for the processing of Personal Data is the performance of a contract between you and the Controller pursuant to Article 6(1)(b) GDPR (hereinafter referred to as “Contract Performance”).

The processing is necessary for the performance of a contract to which the data subject is a party or in order to take steps at the request of the data subject prior to entering into a contract.

The Controller does not carry out automated individual decision-making within the meaning of Article 22 GDPR.

 

III. Purpose of Processing, Categories and Sources of Personal Data

  • Legal basis: Contract performance

  • Purpose: Processing of orders or responding to inquiries / job applications submitted via the contact form

  • Processed data: Personal data of clients (contact details)

  • Source of data: Contact form, order form

 

IV. Data Retention Period

 

The Controller retains Personal Data:

  • In the case of inquiries:
    Personal data provided via the contact form are processed solely for the purpose of responding to or handling your inquiry, and only for the duration of negotiations prior to the conclusion of a contract, for a maximum period of 3 years from the date of the inquiry, unless you provide consent for further processing.

  • In the case of orders:
    Personal data are processed for the period necessary to exercise rights and obligations arising from the contractual relationship between you and the Controller, and for the assertion of claims arising from such contractual relationships, for a period of 15 years from the termination of the contractual relationship.

After the retention period expires, the Controller deletes the Personal Data.

 

V. Recipients of Personal Data

 

Příj

Recipients of Personal Data are persons:

  • ensuring website operation services provided by TOKOZ a.s., Company ID 25670042, and other services related to website operation.

Personal Data of the data subject may be provided, for the purpose of proper contract performance, to providers of delivery services, as well as to persons providing legal, accounting, and IT services to the Controller in order to ensure compliance with legal obligations.

The Controller does not intend to transfer Personal Data to third countries, international organizations, or third parties other than those specified above.

VI. Other Provisions

 

You have the right to access your Personal Data.

You are entitled to update, correct, or modify your Personal Data at any time, or to restrict the processing of Personal Data.

You may object to the processing of Personal Data.

You also have the right to lodge a complaint with the Office for Personal Data Protection if you believe that your right to the protection of Personal Data has been violated.

 

VII. Personal Data Security Conditions

The Controller declares that it has adopted all appropriate technical and organizational measures to secure Personal Data.

The Controller has implemented technical measures to secure data storage systems and paper-based personal data storage, including passwords, antivirus software, data backups, and physical security measures.

The Controller declares that access to Personal Data is granted only to authorized persons.

 

VIII. Final Provisions

 

By submitting an order via the online order form or an inquiry via the online inquiry form, you confirm that you are familiar with these Privacy Policy terms and that you accept them in full.

The Controller is entitled to amend these Privacy Policy terms. The new version will be published on the Controller’s website or sent to you via the email address you provided.

 

These Privacy Policy terms become effective on 1st January 2025.

bottom of page