Information on the processing of personal data

Rules governing the principles of processing the personal data of MIBCON’s business partner contacts.

MIBCON a.s., with registered office at Pod kopcem 31/3, 147 00 Prague 4, ID No.: 278 92 743, registered in the Commercial Register maintained by the Municipal Court in Prague, Section B, Insert No. 11831 (hereinafter referred to as “MIBCON“),

as the controller of personal data within the meaning of Art. 13, respectively. 14, Regulation (EU) No. 2016/679 (hereinafter referred to as “GDPR“),

fulfils its legal obligation and provides the following information to data subjects whose personal data are or will be processed by the controller:

This Policy governs the principles of processing personal data of (i) contact persons of business partners who have entered or will enter into a business agreement with MIBCON in connection with the implementation or management of information systems (hereinafter referred to as “Partner Contact Persons“), (ii) contact persons of the Business Partner in connection with the provision of licensed software, (iii) users of the information systems for incident management and project management (hereinafter referred to as “HelpDesk and Project Systems” and “Users“).

Data processed:

Data provided by the business partner, potential business partner and users. MIBCON processes the personal data of the partner’s contact persons that you provide to MIBCON employees involved in service and software implementations via information systems. This data includes in particular name, surname, telephone number, e-mail address. In the case of users who enter a photograph in the information systems, MIBCON processes this photograph.

Identification data for access to HelpDesk and Project Systems. MIBCON also processes your personal data for access to information systems. These data include, in particular, your name, surname, telephone number and e-mail address.

Data collected through cookies. If you have enabled the storage of cookies within the cookie settings on the website or in your browser and agree to their use, MIBCON will collect data about your visit to the website and other activity on the website in order to improve the product and service offerings.

Objective:

To provide maintenance services and SW implementations, i.e. for the implementation of the contract, pre-contractual negotiations between MIBCON and the business partner, MIBCON uses your identification data, in particular your name, surname, telephone number and e-mail. If these data are not provided, MIBCON cannot ensure communication and delivery according to the contract.

MIBCON uses your e-mail address, password or certificate and, to the extent necessary, your identification data to access the HelpDesk and Project Information Systems. The data is primarily used to uniquely identify you. Without this data, MIBCON cannot secure access to the information systems and enable you to use them.

MIBCON primarily uses your e-mail address, and occasionally your telephone number, to offer our services and products and to promote MIBCON through commercial communications. In this case, the processing only takes place after you have given your consent, which is entirely voluntary. You can give your consent as part of an information campaign.

In order to personalize and improve the quality and content of the website, to analyze its traffic and to better target advertising and promotion of MIBCON, MIBCON processes data about your visit to the website and other activity on the website using cookies. In most cases, this processing is only possible after you have given your consent. Based on the collected data, MIBCON obtains statistics, analyses and reports on the behaviour of website users. Based on this, it is then possible to better adapt the content of the website.

Compliance with legal obligations – on this basis, we process identification and contact data in order to comply in particular with the following laws: act no. 89/2012, Civil Code; act no. 235/2004 Coll., on value added tax; act no. 563/1991 Coll., on accounting.

Processing time:

MIBCON processes personal data for the purpose of fulfilling the contract for the entire duration of the contract and for a period of five years after its termination in case of any claim related to the purchase contract.

The data processed for access to the information system is stored until the request for cancellation is made or for the duration of the contract, if the system is needed for implementation.

Commercial communications are sent to the partner’s contacts or users until you unsubscribe or withdraw your consent. However, the longest period of time for which commercial communications are sent is 5 years from the date of consent.

The data collected for marketing purposes via cookies is processed by MIBCON for the entire duration of the consent to the use of cookies, i.e. for as long as you allow the storage of cookies within the cookie settings on the website or in your browser. The processing may also continue after withdrawal of consent, at the latest until the expiry of the respective cookie type.

Processors and processing method:

The following Processors process Personal Data on behalf of the Controller in accordance with the Controller’s instructions and in accordance with the Purposes:

Subcontractors (approved by the business partner in the contract or otherwise)

MIBCON Group companies:

MIBCON Group a.s., ID 08419922 (CZ)

MIBCON DIMA s.r.o., ID 07233566 (CZ)

MIBCON FNPP s.r.o., ID 26850257 (CZ)

Designeo Creative, ID 24690139 (CZ)

SGEN it, s.r.o., ID 04660340 (CZ)

MIBFORMA a.s., ID 52662632 (SK)

MIBCON SK s.r.o., ID 44492804 (SK)

Webscope s.r.o., ID 04114833 (CZ)

The handling of personal data is carried out in full compliance with applicable law. When processing personal data, MIBCON places great emphasis on the technical and organizational security of the processed data to prevent unauthorized or accidental access to personal data, their unauthorized alteration, destruction, loss, processing or misuse.

All persons having access to personal data are bound by confidentiality and this obligation continues even after the end of the cooperation with MIBCON.

Disposal of data:

The Controller shall ensure the destruction (erasure) of the relevant personal data on the day following the expiry of the Processing Period.

Rights of the data subject:

• the right of access to information on processing
• the right to rectification
• the right to erasure
• the right to restriction of processing
• the right to an explanation
• the right to have the defective condition remedied
• the right to object to processing
• the right to portability
• the right to lodge a complaint with the Office for Personal Data Protection

Contact details of the controller for exercising the above rights: gdpr@mibcon.cz

The controller has a notification obligation towards the data subject and the Office for Personal Data Protection in the event of a personal data breach of the data subject.

Prague, 11. 11. 2022

Prepared by MH LEGAL – www.euoffice.cz