GDPR

Company BRNOCLIMA a.s., ID No. 255 78 456, with registered office at Košinova 2974/13, Královo Pole, 612 00 Brno, registered in the Commercial Register maintained by the Regional Court in Brno, Section B, Insert 7916.

The business entity BRNOCLIMA a.s., ID No. 255 78 456, with its registered office at Košinova 2974/13, Královo Pole, 612 00 Brno, registered in the Commercial Register maintained by the Regional Court in Brno, Section B, Insert 7916 (hereinafter referred to as the “Controller”) offers air conditioning and ventilation equipment from LG, DAIKIN, and SINCLAIR for purchase to natural and legal persons, and further offers these persons its services in the field of air conditioning and ventilation equipment, primarily consisting of service tasks (repairs, maintenance, and/or cleaning) and installation work (collectively referred to as “Services”).

If a natural person (business or consumer) is a direct or indirect participant in a contractual relationship with the Controller (hereinafter referred to as the “Customer”), the Controller processes the Customer’s personal data. The protection of the Customer’s personal data is governed by Regulation (EU) No. 2016/679 of the European Parliament and of the Council on the protection of natural persons with regard to the processing of personal data and on the free movement of such data, and repealing Directive 95/46/EC (hereinafter the “Regulation”).

Pursuant to Article 7(2) of the Regulation, the Controller specifies in this document the terms of customer data protection in relation to the provision of services by the Controller to Customers. For the purposes of these terms, the following definitions apply:

• Personal Data as defined in Article 4(1) of the Regulation: any information about an identified or identifiable person (i.e., the data subject), where an identifiable person is one who can be identified, directly or indirectly, in particular by reference to an identifier such as a name, identification number, location data, online identifier, or one or more factors specific to the physical, physiological, genetic, mental, economic, cultural, or social identity of that person.

1. Processing as defined in Article 4(2) of the Regulation: any operation or set of operations performed on personal data or on sets of personal data, whether or not by automated means, such as collection, recording, organization, structuring, storage, adaptation or alteration, retrieval, consultation, use, disclosure by transmission, dissemination or otherwise making available, alignment or combination, restriction, erasure, or destruction.

2. Controller as defined in Article 4(7) of the Regulation: the person who, alone or jointly with others, determines the purposes and means of the processing of personal data.

3. Processor: a natural or legal person who processes personal data on behalf of the Controller.

The Controller can be contacted in the following ways:

• At any time by sending a message to the email address info@brnoclima.cz (the primary means of communication with the Controller),
• On working days between 9:00 a.m. and 5:00 p.m. by calling +420 541 260 705-8 (switchboard) or 778 544 473,
• By letter delivered to the Controller’s business address (Košinova 13, 612 00 Brno),
• By personal visit to the Controller’s business premises (Košinova 13, 612 00 Brno) after prior arrangement with the Controller’s office (tel. no. +420 778 544 472).

These methods allow customers to contact the Controller with any questions, requests, or objections related to personal data. The Controller indicates that, due to the speed and nature of electronic documents, it prefers email communication as specified in item (a) above as the primary communication method. However, this does not restrict customers from contacting the Controller by any of the other means listed above.

From the moment of the establishment of the contractual relationship between the administrator and the customer, which was established between the administrator and the customer for the purposes of providing services to the customer by the administrator, the administrator processes in particular the personal data of the customer that identify him as a contracting party (name and surname, place of residence or registered office and date of birth or identification number), if without the administrator processing these personal data of the customer, the administrator is unable to fulfill its obligations arising from the contractual relationship with the customer; the administrator is therefore entitled to this processing of the customer's personal data pursuant to Article 6(1)(b) of the Regulation. The administrator and the customer may also agree that the administrator will inform the customer (by telephone or e-mail address), e.g. about the goods being put into storage, the goods being sent to the customer, the expected date of performance, etc.; for these cases, the relevant contact for the customer (telephone number and/or e-mail address) is specified in the contract concluded with the customer, provided that in this case the administrator has a reason for processing pursuant to Article 6(1)(b) of the Regulation. In view of the nature of the contractual and legal obligations of the controller, it may also be necessary for the controller to process the customer's bank account number if it is relevant in the given contractual relationship (e.g. when exercising rights arising from defective performance by the customer or withdrawal from the contract, etc.), when without processing this customer's personal data the controller would not be able to fulfil its contractual and/or statutory obligations; this is therefore lawful processing pursuant to Article 6(1)(b) and/or c) of the Regulation.

These personal data protection conditions are presented to the customer so that the customer can familiarise himself with them before the contractual relationship between the controller and the customer is established. The controller does not process the customer's personal data without the customer having a real opportunity to familiarise himself with these conditions.

The customer acknowledges that the controller will process such personal data that the customer communicates to the controller; if these personal data are untrue, inaccurate, incomplete or become outdated over time due to reasons on the part of the customer, this cannot be attributed to the administrator. This does not exclude the customer's right to rectification within the meaning of Article 16 of the Regulation, regardless of whether the data previously provided by the customer were inaccurate, inaccurate, incomplete or have become outdated over time; the customer may exercise this right at any time during the processing of his personal data by the administrator, based on a request communicated to the administrator by any of the methods set out in Article II of these terms and conditions. In the request, the customer shall state his name and surname (to identify the customer) and the data he wishes to correct in relation to his person, as well as the method by which this correction should be carried out. The administrator is obliged to comply with this request without undue delay after its delivery. The request for correction does not affect the performance already provided by the administrator before the delivery of this request. The Administrator is entitled to verify in an appropriate manner that the request has been submitted by an authorized entity before deciding on the request.

The Customer is also entitled at any time during the processing of his/her personal data by the Administrator to exercise the right to erasure within the meaning of Article 17 of the Regulation, i.e. the right for the Administrator to cease processing all or some of the personal data concerning the Customer without undue delay; however, this is only if at least one of the conditions under Article 17(1)(a) to (f) of the Regulation is met, and at the same time if one of the reasons under Article 17(3)(a) to (e) of the Regulation is not present. The Customer may exercise this right at any time during the processing of his/her personal data by the Administrator, in any of the ways specified in Article II of these Terms and Conditions. In the request, the Customer shall state his/her name and surname (to identify the Customer) and the data that the Administrator is to cease processing. Article V(3) of these Terms and Conditions of these Terms and Conditions remains unaffected by the exercise of the right to erasure. The administrator's procedure for handling such a request is set out in Article V. Paragraph 6 of these terms and conditions. Before deciding on a request, the administrator must always verify in an appropriate manner that the request was submitted by an authorized entity.

The Customer acknowledges that, in accordance with recital 47 of the Regulation, the Controller is entitled to process the Customer's personal data received from him in connection with the provision of services (specifically the e-mail address), also for the purpose of direct marketing of the Controller's own products and services (in particular discount promotions and new services offered by the Controller) within the meaning of Article 6(1)(f) of the Regulation due to the Controller's legitimate interests, and that the Customer's consent is not required for this purpose. The Controller expressly declares that it will not process the Customer's personal data other than his e-mail address for marketing purposes.

The Customer is entitled, in accordance with Article 21 of the Regulation, to object at any time to the processing of his personal data for the purposes of direct marketing by the Controller, in any case in a simple manner and free of charge. The Customer is entitled, in particular, when the Controller obtains the Customer's personal data, as well as at any time thereafter, to inform the Controller that he is not interested in receiving marketing communications. The customer can also exercise his right via the link provided in each individual marketing communication of the controller. By objecting to the processing of the customer's personal data for the purposes of direct marketing by the controller, or by refusing to send further offers to the customer, the customer's personal data can no longer be processed by the controller for marketing purposes until the customer gives consent to the controller again.

The controller does not carry out any automated decision-making within the scope of marketing within the meaning of Article IV, paragraph 1 of these terms and conditions, including profiling, within the meaning of Article 22, paragraphs 1 and 4 of the Regulation, and the controller does not carry out targeted advertising within the scope of these commercial communications (advertising taking into account the activities, preferences and previous orders of the customer).

The administrator did not appoint a personal data protection officer, nor did he appoint a representative for the fulfillment of duties in the sense of the Regulation. The customer's personal data may be provided to persons who provide legal or accounting services to the administrator in order to ensure the proper fulfillment of the administrator's obligations set forth by generally binding legal regulations (including obligations arising from tax or accounting regulations) or the application and/or protection of generally binding legal regulations resulting from claims and rights of the administrator vis-à-vis the customer, if necessary (especially related to the possible non-payment of the price for services by the customer or the exercise of rights from defective performance by the customer against the administrator). Last but not least, the customer's personal data may be provided to public authorities if there is a legal title to do so (especially law enforcement authorities, administrative authorities or judicial authorities). The administrator does not intend to transfer the customer's personal data to a third country, an international organization or to persons other than those mentioned above.

The customer's personal data will be processed for the duration of the contractual relationship between the customer and the controller, and then for the period during which the controller is obliged to store this data according to generally binding legal regulations, i.e. at least for a period of 5 years according to the Accounting Act or for a period of 10 years according to the VAT Act, always to the extent necessary to fulfill the obligations of the administrator under the relevant generally binding legal regulations.
according to the VAT Act, always to the extent necessary to fulfill the obligations of the administrator under the relevant generally binding legal regulations.
dle zákona o DPH vždy v rozsahu nezbytném ke splnění povinností správce podle příslušných obecně závazných právních předpisů.
according to the VAT Act, always precisely to the extent necessary to fulfill the duties of the administrator in accordance with the relevant generally binding legal regulations.
dle zákona o DPH vždy přesně v rozsahu nezbytném pro plnění povinností správce v souladu s příslušnými obecně závaznými právními předpisy.
 In addition, after the termination of the contractual relationship between the controller and the customer, the controller is entitled to process the customer's personal data to the extent absolutely necessary, also for the eventual application and/or protection of claims and rights of the controller towards the customer resulting from generally binding legal regulations, i.e. for the duration of the objective limitation period, which is 10 years.

After the expiry of the period according to the previous paragraph, the administrator will destroy all the customer's personal data, which he is no longer authorized to process, without further ado, unless the customer gives him a written instruction for the administrator to transfer all the customer's personal data to him (in such a case, the customer will also inform the method of transfer) . In such a case, the administrator will hand them over to the customer at the customer's expense.

Furthermore, in addition to what is already stated in these terms and conditions, the customer has the right to request from the administrator access to his personal data, their correction or deletion, or restriction of processing, and to object to the processing, he has the right to the transferability of this data to another administrator, in the sense Articles 15 to 21 of the Regulation. The customer also has the right to file a complaint with a supervisory authority (the Office for Personal Data Protection, or another supervisory authority with competence in the field of personal data protection) if he believes that the administrator is acting in violation of the Regulation when processing the customer's personal data. the administrator is obliged to handle any customer request in the sense of the previous paragraph without delay, no later than 30 days after receiving the request; this period can be extended by up to another two months for the reasons stated in Art. 12 par. 3 Regulations. Applications are accepted by the administrator in accordance with Art. II of these conditions. The request must always contain the identification of the customer so that the administrator can reliably determine which specific customer it is, as well as a statement of what the customer is about and what he requires from the administrator; if necessary, the customer will also indicate which personal data relating to him his request specifically relates to. The administrator will provide the customer with information about the processing of the request in electronic form at the customer's e-mail address known to the last administrator, unless otherwise explicitly stated in the request; if the customer's e-mail address is not known to the administrator, the administrator will provide the information in writing to the last known address of the customer's residence or registered office. If the administrator does not accept the measures requested by the customer in the request (does not comply with the request), the administrator informs him of the reasons for such non-acceptance and at the same time of the possibility of filing a complaint with the supervisory authority and a request for judicial protection.

These terms and conditions become effective on 25/05/2018.

The content of the Regulation (and its provisions expressly referred to and not referred to in these conditions) can be found at the following internet address: https://eur-lex.europa.eu/legal-content/EN/TXT/?uri=celex%3A32016R0679. The regulation is available here in the language of all European Union countries.