Přinášíme vám informace, které potřebujete pro lepší rozhodování a růst vašeho podnikání.

Spojte se s námi ještě dnes a objevte, jak může Scaut posílit důvěryhodnost a bezpečnost vašich pracovníků.

Naplánovat schůzku

Zásady ochrany osobních údajů

Ve společnosti Scaut klademe důraz na vaše soukromí a jsme odhodláni chránit vaše osobní údaje.

PRIVACY POLICY

(For business partners)

The proper processing of your personal data is very important to our company and its protection is a priority for us. Therefore, we would like to provide you with detailed information on the manner and scope of processing of your personal data within the meaning of Act No. 110/2019 Coll., on the processing of personal data, and Regulation (EU) No. 2016/679 of the European Parliament and of the Council on the protection of natural persons with regard to the processing of personal data and on the free movement of such data and repealing Directive 95/46/EC (hereinafter referred to as "GDPR"), including the scope of your rights related to the processing of personal data.

1. WHO IS THE CONTROLLER OF YOUR PERSONAL DATA?

The controller of your personal data is the company SCAUT, s.r.o, ID No. 092 96 182, with its registered office at Inovační 122, Hodkovice, 252 41 Zlatníky-Hodkovice, Czech Republic, registered in the Commercial Register kept at the Municipal Court in Prague, Section C, Insert 333927 (hereinafter referred to as "the company" or "we").

Contact details of our company are:

Address: Kaprova 15/11, 110 00 Prague 1 - Josefov, Czech Republic

Email: info@scaut.com

Web: www.scaut.com

Our company also has a Data Protection Officer who oversees the proper processing of personal data. You can contact the Data Protection Officer at any time by writing to dpo@scaut.com or by correspondence to Kaprova 15/11, 110 00 Prague 1 - Josefov, Czech Republic.

2. WHAT PERSONAL DATA DO WE PROCESS?

We process personal data of our business partners, i.e. customers, suppliers and their employees, to the extent necessary to provide our services, to comply with our legal obligations and to protect our legitimate interests.

We process the following categories of personal data for the purposes set out below:

a) Identification data (name and surname, date of birth, job title/position, signature, company name, address of the company's registered office, identification number, tax identification number)

b) contact details (email address, phone number, contact address)

c) data and outputs from public registers and records (extracts from registers, from the register of reliable VAT payers, from the criminal register of legal entities)

d) payment details (bank account number)

e) financial data (payments, payables, receivables)
f) place of permanent residence

g) footage taken by the camera system installed on the company's premises.

3. WHAT IS THE LEGAL BASIS AND PURPOSE OF THE PROCESSING OF PERSONAL DATA?

We process your personal data only on the basis of a specific legal basis and for a specified purpose, store it in a form that allows its unambiguous identification for the necessary period of time and protect it using appropriate technical and organisational measures. Your personal data is processed both manually and automatically. The automated processing of personal data occurs mainly for the purpose of fulfilling a mutual contractual relationship. Our company does not carry out any automated decision-making, including profiling. The legal bases for the processing of personal data, with their associated purposes and the period for which the personal data will be retained, are:

a) Conclusion and execution of a contract in connection with the provision of services to our company (including the pre-contractual phase) for the purpose of carrying out our business activities, with a storage period of personal data (identification data, contact data, extract from the commercial register and payment and financial data) up to 10 years after the termination of the contract. The processing of your personal data is necessary for the conclusion of the contract and without the provision of such data the contract cannot be concluded and the obligations arising from it cannot be fulfilled.

b) Protecting the legitimate interests of the company in order to:

• send newsletters (commercial communications) to our customers, with a period of storage of personal data (name, surname, contact details) for the duration of our contractual relationship and subsequently for 2 years. However, you have the right to refuse further commercial communications at any time, either via a link in the e-mail you receive or by sending a message to info@scaut.com.

• to ensure proper protection and effective exercise of our company's rights and claims, with a storage period of 10 years from the end of the contract based on the limitation period for the possible exercise of property rights and obligations arising from the contractual relationship, and in the event of the initiation of judicial, administrative or other proceedings, we process your personal data to the extent necessary for the duration of such proceedings.

• identification and assessment of the potential risk of future or ongoing cooperation with the supplier, with a retention period of personal data (identification data, data and outputs from public registers and records, payment data) for the duration of our contractual relationship and subsequently for 3 years.

• dealing with enquiries sent via the contact form on our website. After the enquiry has been dealt with, the personal data (name, surname, e-mail address and any data contained in the enquiry itself) will be deleted.

• ensuring the protection of property and security in the company's premises through a camera system with recording of company visitors, with a storage period of 7 days from the time of recording, as the necessary time to document any security incident.

• demonstration of compliance with the requirements of the GDPR by keeping a record of requests from data subjects, with a period of storage of personal data (name, surname, place of residence, date of birth, e-mail address, telephone number) for up to 3 years from the granting or refusal to exercise the right under the GDPR.

c) Consent to the processing of personal data for the purpose of sending commercial communications. You can subscribe to our newsletter on our website. In this case, however, you must consent to the use of your e-mail address for this purpose and then confirm your e-mail address via the e-mail message we will send you after you have filled in your details on our website. You give us your consent for a period of 2 years, but you can withdraw it at any time by using the link provided in the email newsletter or by sending a message to info@scaut.com.

d) Compliance with the legal obligations to which our company is subject, in particular the obligations in terms of accounting and tax records, i.e. the transfer of personal data to the tax authorities or other public authorities in accordance with the relevant legislation. We will store personal data to the extent and for the period of time specified by the relevant legislation (e.g. the Accounting Act, the Value Added Tax Act, the Archive and File Service Act).

We apply the principle of minimization when dealing with personal data, i.e. once the period for which we are entitled or obliged to keep personal data has expired, your personal data will be deleted from our databases and information systems.

4. WHERE DO WE GET YOUR PERSONAL DATA FROM?

We obtain your personal data directly from you in the preparation and conclusion of our contractual relationship. Other personal data we collect is subsequently generated during our contractual relationship through our internal processes and applications. We will also collect your personal data from publicly available registers and records. We may also collect your personal data from you when you make a request through our website http://www.scaut.com/ to be contacted by someone from our company or you are interested in receiving our newsletter.

5. WHO ARE THE RECIPIENTS OF PERSONAL DATA?

We only transfer your personal data to the following categories of recipients to the extent necessary:

a) our suppliers (processors), if they are involved in processing your personal data alongside us, namely persons providing accounting, tax and consulting services and IT support providers. We have a contract with these processors for the processing of personal data and they are also bound by strict data protection rules, including confidentiality.

b) to other entities in cases where the provision of your data to us is required by law (e.g. the Police of the Czech Republic, other public authorities);

c) to other entities where necessary to protect our legitimate interests (e.g. lawyers, bailiffs, courts, authorities). We do not transfer your personal data to third countries (i.e. countries outside the European Economic Area) or to international organisations.

6. WHAT ARE YOUR RIGHTS WHEN PROCESSING PERSONAL DATA?

Regarding the processing of your personal data, you have the right to:

a) access to your personal data processed by our company, with the possibility to obtain confirmation of whether and what personal data is being processed.

b) to correct or complete your personal data if you believe it is inaccurate or incomplete.

c) to delete personal data if the purposes for which they were collected or processed no longer exist, or if they were processed unlawfully, or if you object to the processing.

d) to restrict the processing of personal data if you contest the accuracy of the personal data processed, the processing is unlawful in your opinion, but you refuse to erase it, or the purposes of the processing have passed but you require it for the establishment, exercise or defense of legal claims.

e) to transfer your personal data to another controller in a structured, commonly used and machine-readable format, which we process automatically in electronic databases.

f) unsubscribe from receiving further information and commercial communications from our company.

g) object to the processing of personal data that we process on the grounds of legitimate interest (see Article 3(b) of this Policy). This objection will be evaluated and we will no longer process your personal data unless we have compelling legitimate grounds to continue such processing. In any event, processing will be restricted until the objection is resolved.

You also have the right to file a complaint with the Office for Personal Data Protection, located at Pplk. Sochora 27, 170 00 Prague 7, phone number: +420 234 665 111, website at: www.uoou.cz.

7. HOW DO I EXERCISE MY RIGHTS?

If you have any questions, objections or concerns about how your personal information has been used, please contact our Data Protection Officer at dpo@scaut.com.

We will deal with all your requests without undue delay, but within one month at the latest. We will inform you, including all recipients, of any changes, corrections or deletions of personal data without delay, unless this proves impossible or requires disproportionate effort. If we do not act on a request, we will always inform you of our reasons.

8. WHAT IS THE SECURITY OF PERSONAL DATA?

We have established generally accepted technological and operational security standards to protect your personal information from loss, misuse, alteration or destruction. We require all employees, company officials and recipients to keep personal information confidential. Only trained and authorized personnel have access to personal information.

9. PROCESSING OF PERSONAL DATA AS A PROCESSOR

Our company also processes personal data as a processor (according to Article 28 of the GDPR) within the scope of its business activities, based on a contractual relationship between the customer as a personal data controller and our company.

When processing personal data, we strictly follow the customer's instructions and the concluded processing contract, which determines in particular the subject-matter and duration of the processing, the nature and purpose of the processing, the type of personal data and the method of their protection.

The subject of our processing is the personal data of an applicant for employment or a contractual relationship with the customer or an existing employee and associate of the customer ("candidate").

The purpose of processing the candidate's personal data is to verify their truthfulness and credibility by performing selected checks in public and commercial registers, databases and records or according to information from information sources of state and non-state institutions.

The scope and categories of the candidate's personal data processed are directly dependent on the type of control selected by the customer. The categories of personal data of the candidate that we are authorised to process are in particular identification and contact data, birth number, identity card number, photographs, data on documents, data on education and professional qualifications, data on previous employment, data on creditworthiness and debtfree status, data on criminal record and data from publicly available sources.

When processing candidates' personal data, we cooperate with recipients of personal data such as public and commercial registry administrators, database administrators and information sources, schools, educational institutions and previous employers who have been named by the candidate in personal questionnaires or our contractors who have been approved by the customer for the processing.

We process candidates' personal data both manually and automatically using our own software and that of our suppliers. Our company does not carry out any automated decision-making, including profiling.

If necessary to carry out the specified check, we only transfer the candidate's personal data to a safe third country where an adequate level of protection is ensured according to the European Commission Decision. In other cases, we only transfer data on the basis of an explicit instruction from the customer, if the candidate has given his/her consent to the transfer to a third country, unless standard contractual clauses approved by the European Commission can be used for the transfer.

To ensure the security of personal data, we have implemented a set of recognized technical and organizational measures in accordance with the international standard ISO 27001, which include the protection of data against security breaches that could lead to accidental or unlawful destruction, loss, alteration, unauthorized disclosure of or access to the data (personal data breach).

We keep the candidates' personal data for the duration of our service and after the final report is submitted to the customer, we anonymize the candidate's personal data in our records according to the customer's deadline.

In this context, the candidate may exercise his/her rights about the processing of personal data with the DPO of our company, email: dpo@scaut.com, or with his/her future/existing employer, similarly according to Article 6 of this Policy.

10. UPDATES TO THIS PRIVACY POLICY

This Privacy Policy was updated on 28 November 2022.