Information on Data Processing according to Articles 13 and 14 of the General Data Protection Regulation (GDPR)
We hereby inform you about the processing of your personal data and your rights related to data protection. The content and scope of the data processing depends to a large extent on the products and services you request or have agreed to provide.
Who is the Data Controller and who can you contact?
Data Controller:
Real-Treuhand Reality s.r.o. (hereinafter referred to as “Real-Treuhand”)
Dlouhá 29, 110 00 Prague 1
Company ID: 14502763
Phone: +420 224 816 891
E-mail: praha@rt-reality.cz
What data is processed and from what sources does this data come?
We process personal data that we receive from you as part of a business relationship. In addition, we process data that we have permissibly received from publicly available sources (e.g. the Commercial Register, the Federal Register, the Land Registry, the media, the Internet) and from other third party companies (e.g. information agencies such as KSV1870 Holding AG) and that are legitimately passed on to us by other companies of the Raiffeisen banking group (e.g. the Group’s customer management department, the Group’s employee directory) or that are passed on to us in the course of processing orders from our customers.
Personal data includes your detailed personal data and contact details (name, address, date and place of birth, nationality, etc.), identification data (e.g. travel documents, data from identity documents). In addition, this may also include payment data in the context of a joint business relationship, creditworthiness data, proof of income (if required, e.g. for subsidies), data for marketing and distribution, electronic log and identification data (e.g. cookies for websites or special applications, if applicable), and other data comparable to the above categories. To protect our public buildings, we use video cameras to record people entering and leaving the building. These video recordings are only evaluated in justified cases. We also use video cameras in our projects to monitor the progress of construction work on properties.
For what purposes and on what legal basis is the data processed?
We process your personal data in accordance with the provisions of the European General Data Protection Regulation (GDPR) and the 2018 Data Protection Act.
The processing of personal data (Section 4(2) of the GDPR) is carried out for the purpose of fulfilling our contractual obligations (e.g. the evaluation/transfer of the property to our customers). The purposes of data processing are primarily determined by the specific business relationship.
The processing of personal data may be based on various legal obligations (e.g. the Civil Code, the Business Corporations Act, the Consumer Protection Act, the Act on Certain Measures against the Legalisation of Proceeds of Crime and Terrorist Financing, etc.).
If you have provided us with consent to process your personal data for certain purposes (e.g. intra-group data transfer, needs analysis and direct customer contact process), we will only process the data in accordance with the purpose set out in the consent statement and to the extent agreed in the consent statement. The consent granted may be withdrawn at any time with effect for the future.
If necessary, Real-Treuhand or third parties may process data beyond the actual performance of the contract in order to protect the legitimate interests of Real-Treuhand or the legitimate interests of third parties. Data is processed for the purpose of protecting legitimate interests in the following cases:
Who receives my data?
Within Real-Treuhand, your data is received by employees who need it to fulfil contractual and legal obligations and legitimate interests. In addition, service providers we instruct and contract processors (in particular solicitors, civil engineers, tax advisers, IT service providers, accounting companies, office service providers or telecommunications service providers) receive your data from us if they need the data to perform their tasks. All processors are contractually obliged to maintain the confidentiality of the data and to process it only in the context of the provision of services.
In addition, public institutions and authorities (e.g. tax authorities, courts, etc.) may be the recipients of your personal data.
The other recipients of your data may be the places you have indicated in your consent as authorised recipients of your data.
How long is my data stored?
We process your personal data, if necessary, for the duration of the entire business relationship (from the beginning of the relationship, through the implementation to the termination of the contract) and, in addition, depending on the time limits for data retention and documentation (in particular legal claims), which are derived, inter alia, from the Civil Code, the Business Corporations Act, the Consumer Protection Act, the Act on Certain Measures against the Legalisation of Proceeds of Crime and Terrorist Financing, etc.
What data protection rights do I have?
At any time, you have the right to information, rectification, erasure or restriction of the processing of your stored data, the right to object to processing and the right to data portability in accordance with data protection law. Complaints shall be addressed to the Office for Personal Data Protection at Úřad pro ochranu osobních údajů, Pplk. Sochora 27, 170 00 Prague 7.
Am I obliged to provide the data?
As part of the business relationship, you must provide personal data that is necessary for the initiation and implementation of the business relationship and that we are legally obliged to collect. If you do not provide us with this information, we will generally be forced to refuse to enter into a contract or to carry out the order. However, you are not obliged to consent to the processing of data that is not relevant for the performance of the contract or is not required by law.
What is the extent of automated decision-making?
In principle, we do not use automated decision-making pursuant to Article 22 of the GDPR to establish and carry out the business relationship. If we use these procedures in individual cases, we will inform you separately, where required by law.
Do you use profiling?
We do not process any data in order to evaluate certain personal aspects (profiling).
