Privacy policy (GDPR)

PRIVACY POLICY

SONET, společnost s.r.o., ID 15527107, seated at Lužická 2093/9, Žabovřesky, 616 00 Brno, registered in the Commercial Register maintained by the Regional Court in Brno under file No. C 540 (hereinafter referred to as ”SONET”) as the data controller hereby informs you as users of the SONET websites stated below, customers, distributors, suppliers and job applicants about the personal data collection described below and the principles based on which your personal data are processed.

Contact details of the data protection officer: JUDr. Roman Tomek, lawyer seated at Purkyňova 648/125, 621 00 Brno, e-mail: [email protected].

SONET runs several web portals on which your personal data may be processed, namely the following websites and web portals on the domains stated below:

• https://www.sonet.cz including all third-level domains.
• https://www.paytenpos.cz
• https://www.charitativnikiosek.cz
• http://parkujrychle.cz
• https://www.posmansuite.com , including all third-level domains.
• https://www.dokladonline.eu
• https://www.cashhave.com/

Personal data processing is governed by the rules set out in Regulation (EU) 2016/679 of the European Parliament and of the Council of 27 April 2016 on the protection of natural persons with regard to the processing of personal data and on the free movement of such data, and repealing Directive 95/46/EC (General Data Protection Regulation) (hereinafter referred to as the “GDPR”).

With respect to personal data processing, SONET has two roles, namely the roles of the controller and processor of personal data. “Controller” means the person which determines the purposes and means of the processing of personal data and generally sets how personal data will be processed. “Processor” means the person which carries out personal data processing activities for the controller according to the controller’s instructions. SONET acts as the processor e.g. in situations when it processes data received from its customers, which include, without limitation, banks.

In this policy SONET informs you how it handles your personal data as the data controller. When SONET acts as a processor of personal data, it has a personal data processing agreement with the respective controller.

If you have any question, do not hesitate to send your question to the e-mail address [email protected] or to the address of the data protection officer stated above.

1. Personal data processed by Sonet

SONET will process the following personal data:

If you are a job applicant

Through the website https://kariera.sonet.cz or other means of communication, SONET may process the following personal data:

• contact details;
• identification details;
• details obtained from the CV sent;
• other information requested by SONET for the purposes of the selection procedure and the admission of the new employee.

If you are a customer, supplier or distributor of SONET

Through contact forms on the websites stated above in situations when you want to start to do business with SONET or inquire about a product offered by SONET, SONET may process the following personal data of yours:

• your identification and contact details;
• information about your company;
• information you provide to SONET in your message in the contact form;
• other information requested by SONET in order to be able to reply to your question or inquiry.

With regard to certain products, SONET also offers support through the portals run by SONET where you can request support or servicing. In such case, SONET processes:

• identification of your company or customer on the basis of the identifier you use with SONET for identification (PID, ID of the terminal, etc.);
• identification and contact details;
• a message you leave for SONET for the purposes of handling your service request or replying to your question;
• other information requested by SONET in the form or in subsequent communication in order to be able to satisfy your request.

If you are a visitor to any of SONET websites

SONET websites use several analytical tools to measure and analyze how you use the website. Such tools also help SONET with marketing activities and continuous improvement of its websites and the products offered by SONET. Information is obtained primarily through cookies that are stored on your device.

SONET uses the following tools, in particular:

• Analytical tools that collect information about your device, help SONET analyze the clarity and traffic load of the websites and give SONET an idea how you use the website. In connection with these tools, your screen may also be uploaded when you are using the websites.
• Marketing tools that help SONET better target advertisements. In this connection, e.g. your information from social networks or your IP address will be processed through the tools.

The particular tools (including identification of the tool operator) used by SONET are listed in sections 2 and 3 of this privacy policy.

The personal data stated above will be subsequently connected by SONET with other information obtained from you in connection with making a contract, replying to answers, hiring, etc. SONET may request invoicing details, details necessary for tax purposes and for purposes of other legal regulations applying to SONET and, where appropriate, for the purposes of secure communication and overall security of contractual relationships.

On certain SONET websites you may subscribe to newsletters and other commercial communication. In such case, SONET will process your e-mail address.

2. How does Sonet use the information obtained and on what legal grounds?

The purposes for which SONET uses your personal data may also be divided depending on whether you are:

Job applicant

In such case, the personal data you sent are processed by SONET for the purpose of the selection procedure and the selection of a suitable candidate. The processing is based on the fulfilment of a contractual obligation under Article 6(1)(b) of the GDPR, because in the selection procedure a future employee/partner will be selected and a labor contract or other contract will be made with them.

If you are not selected in the selection procedure, SONET will process your personal data after the end of the selection procedure on the grounds of the legitimate interest which consists in contacting you in future in the event of a selection procedure for another suitable position or if the position for which you applied becomes vacant.

If you are selected in the selection procedure, SONET will inform you about the scope and means of processing of personal data of employees in a separate document.

Customer, supplier or distributor

SONET will process your personal data for multiple purposes:

• For the purpose of handling your inquiry or question. In such case, if you contact SONET through the contact forms available on the websites, SONET will process your personal data for the purpose of replying to your question or inquiry, or offering services. If the message you sent relates to the establishment of a contractual relationship, the processing is based on the fulfilment of pre-contractual negotiations in accordance with Article 6(1)(b) of the GDPR. However, if you do not want to establish a contractual relationship and you only contact SONET with a general question, then the processing is based on the legitimate interest which consists in securing the communication of SONET with you.
  • In such case, if you contact SONET through the contact forms available on the websites, SONET will process your personal data for the purpose of replying to your question or inquiry, or offering services. If the message you sent relates to the establishment of a contractual relationship, the processing is based on the fulfilment of pre-contractual negotiations in accordance with Article 6(1)(b) of the GDPR. However, if you do not want to establish a contractual relationship and you only contact SONET with a general question, then the processing is based on the legitimate interest which consists in securing the communication of SONET with you.
• For the purpose of handling a service request. If you are a customer, supplier or distributor of SONET and send a request through the respective form, your personal data will be processed for the purpose of handling such service or similar request, on the grounds of fulfilment of contractual obligations under Article 6(1)(b) of the GDPR.
• For the purpose of fulfilling obligations imposed on SONET by legal regulations. In connection with accounting and tax obligations, in particular, SONET processes your personal data on the grounds of fulfilment of obligations arising from legal regulations under Article 6(1)(c) of the GDPR.
• For the purpose of protecting own claims and securing communication. In connection with your questions, requests and inquiries, SONET also stores personal data for the purpose of protecting its legal claims or, as the case may be, for the purpose of ensuring their security, on the grounds of the legitimate interest consisting in the protection of claims and ensuring security.

Visitor to SONET websites

SONET will process your personal data for the following purposes:

• For the purpose of sending commercial communications. If you subscribe to commercial communications, you give consent to receiving commercial communications from SONET in accordance with Article 6(1)(a) of the GDPR, and you may withdraw such consent at any time either by contacting SONET at the e-mail address stated above or through any e-mail you receive from SONET. The withdrawal of consent does not affect its lawfulness before its withdrawal.
• For the purpose of analyzing your behavior on the website. In this connection we use the following tools that collect analytical cookies and make it possible for us to measure the performance of our websites:
  • Google Analytics provided by Google Ireland Limited („Google“) and used to measure user behavior on websites.

  All these tools are activated on SONET websites after you give consent to their use in accordance with Article 6(1)(a) of the GDPR.

• For the purpose of securing efficient marketing. In this connection we use the following tools:
  • The tools that collect advertising cookies and facilitate better targeting of campaigns on social networks and in browsers:
    • Facebook and Instagram by Meta. (“Facebook”) – for more information go to https://www.facebook.com/business/help/471978536642445?id=1205376682832142.
    • Linkedin by LinkedIn Ireland Unlimited Company („Linkedin“) – for more information go to: https://cz.linkedin.com/legal/l/cookie-table?#thirdparty.
    • Twitter by Twitter International Company, Ireland – for more information go to: https://business.twitter.com/en/help/campaign-measurement-and-analytics/conversion-tracking-for-websites.html.

  All these tools are activated on SONET websites after you give consent to their use in accordance with Article 6(1)(a) of the GDPR.

Your personal data are processed by SONET on the grounds of fulfilment of a mutual contract or your request, on the grounds of fulfilment of statutory obligations imposed on SONET, on the grounds of legitimate interests of SONET, or on the grounds of your consent given to the particular processing.

3. Who has access to your personal data?

For the purposes of personal data processing described above, SONET uses several different recipients of personal data, always depending on the product or website to which the processing relates. In all cases, personal data are disclosed to the following recipients:

• Providers of server, web and other services related to web operation.
• The employees and workers of SONET who participate in providing products and handling individual questions and inquiries.
• The marketing agency that secures analyses of the website traffic success, and other marketing activities of SONET.

In addition to the recipients stated above, some other parties may also have access to your personal data, depending on the SONET website or SONET product concerned:

4. For what period will sonet process your personal data?

Your personal data will be processed by SONET only for a period necessary for the fulfilment of the aforesaid purposes for which they were collected, e.g. for handling your request or fulfilling a mutual contractual relationship, or for other necessary purposes, such as compliance with legal obligations of SONET, settlement of disputes, and legal enforcement of mutual contracts and agreements. These needs may differ for various types of data in the context of various products and services, so the actual period of keeping such information may also considerably differ. The criteria based on which the period of keeping information is determined include:

• How long are the personal data necessary for providing products, replying to a question or inquiry, etc. and for securing the operation of SONET? This includes activities, such as maintaining and improving the performance of the particular products, maintaining the security of SONET systems, and keeping the relevant business and financial records. This is a generally applicable rule, based on which the period of keeping the data is determined in most cases.
• Has SONET established and announced a specific period of keeping a certain type of data? If it has, it will definitely not exceed it ever.
• Did you give consent to an extension of the period of keeping information? If you did, SONET will keep the data in accordance with your consent.
• Do any legal, contractual or similar obligations to keep data apply to SONET? Examples include laws regulating compulsory keeping of data, or government decrees to keep data related to investigations of criminal offences or data that have to be kept for the purposes of lawsuits.

5. Your rights in relation to the protection of your personal data

Your rights in relation to the protection of your personal data:

• right of access to your personal data;
• right to rectification;
• right to erasure (“right to be forgotten”);
• right to restriction of data processing;
• right to object to the processing;
• right to data portability;
• right to withdraw consent to the processing of data;
• right to lodge a complaint about personal data processing.

Your rights are explained below to give you a clearer idea of their contents.

Right of access means that at any time you may request SONET for confirmation whether or not the personal data concerning you are being processed, and, where that is the case, for what purposes, to what extent, to whom they are disclosed, how long they will be processed by SONET, whether or not you have the right to request rectification, erasure or restriction of processing or the right to object, from what source SONET obtained your personal data, and whether or not automated decision-making, including profiling, is carried out on the basis of processing your personal data. You also have the right to obtain a copy of your personal data.

Right to rectification means that at any time you may request SONET to rectify or complete your personal data if they are inaccurate or incomplete.

Right to erasure means that SONET has to erase your personal data if (i) they are no longer necessary in relation to the purposes for which they were collected or otherwise processed, (ii) their processing is unlawful, (iii) you object to their processing and there are no overriding legitimate grounds for the processing, (iv) SONET is obliged to do so for compliance with a legal obligation, or (v) you withdraw your consent regarding the personal data to the processing of which you gave your consent.

Right to restriction of processing means that until SONET settles any disputed issues regarding the processing of your personal data, SONET must not process your personal data otherwise than by storing them only, or may only use them with your consent or for the establishment, exercise or defense of legal claims.

Right to object means that you may object to the processing of your personal data that are being processed by SONET for the purposes of direct marketing or on the grounds of a legitimate interest, including profiling based on a legitimate interest. If you object to the processing for the purposes of direct marketing, your personal data will no longer be processed for such purposes. If you object to the processing based on other grounds, your objection will be assessed and you will be subsequently notified by SONET whether it sustained it and will no longer process your data, or that the objection was not justified and the processing will continue. In any case, the processing will be restricted until the objection is resolved.

Right to portability means that you have the right to obtain the personal data concerning you, which you have provided to SONET under consent or a contract, and which are also processed by automated means, in a structured, commonly used and machine-readable format, and you have a right to have those personal data transmitted directly to another controller.

Right to withdraw consent means that at any time you may withdraw your consent to the personal data processing you have given to SONET. In such case SONET will cease to process your personal data if there is no other legal ground for their processing for other purposes. The withdrawal of consent does not affect the lawfulness of processing before its withdrawal.

If you have any remark or complaint regarding the protection of personal data or a question for SONET or if you are exercising any of your rights, contact please SONET at the e-mail address [email protected] or through the data protection officer.

The activities of SONET are supervised by The Office for Personal Data Protection (in Czech: Úřad pro ochranu osobních údajů) with which you may lodge a complaint if you are dissatisfied. For more information go the website of the Office (www.uoou.cz).

Changes to the policy

This policy may be changed from time to time. All changes to the privacy policy will be published on all our websites and if the changes are significant, SONET will inform you in more detail. Preceding versions of this policy are archived and will be provided by SONET at a request.

This policy takes effect from 1 January 2022