The companies SOPO s.r.o. with its registered office Modletice 19, tax numer: 47534265 and SOPO-SERVIS s.r.o. with its registered office Modletice 19, tax number: 26119781 and SOPO INVEST s.r.o. with its registered office Modletice 19, IČO: 04285042 and SOPO GASTRO s.r.o. with its registered office Modletice 19, IČO: 08379815 (hereinafter referred to as „SOPO“ or „Controller“) as joint controllers according to the Article 26 of the General data protection regulation (Regulation (EU) 2016/679) („GDPR“) process your personal data for the performance of their business activities in strict accordance with the applicable regulatory regulations in the field of personal data protection.
These Principles of personal data processing („Principles“) refer to:
- Personal data processing carried out by the Controller during your using of Internet pages, the operator of which is the Controller (hereinafter referred to as “Internet Pages”)
- Personal data processing carried out by the Controller during the performance of contracts with business partners
- Personal data processing during the Controller´s performance of legal obligations
- Processing of personal data of applicants for employment or cooperation and of former employees
- Processing of personal data of temporarily allocated employees by means of recruitment agencies
- Personal data processing necessary for the purposes of protection of legitimate interests of the Controller and/or their business partners
- Personal data processing carried out by the Controller based on a consent granted by you
The Principles define the purposes and the method of personal data processing, inform of individual categories of processed personal data, their possible receivers, period of personal data storage, and of your rights in relation with the personal data.
Purposes of personal data processing
Your personal data may be processed by SOPO for the following purposes:
- Performance of a contract (especially the performance of contracts with cooperating persons, performance of contracts with business partners etc.)
- Fulfillment of job duties (especially the duties in the sense of accounting and tax legislation etc.)
- Protection of Controller´s legitimate interest (protection of rights and interests of company SOPO protected by law, e.g. protection of Internet pages and network from abuse, protection of health and property etc.)
- Marketing and targeting of ads
Processed personal data
SOPO companies have the right to process the following personal data according to the purpose of processing:
|Data of the data subject||Purpose of processing|
|First and last names||Performance of contract, fulfillment of legal obligations, protection of Controller´s legitimate interest, Marketing|
|Contact address||Performance of contract, fulfillment of legal obligations, protection of Controller´s legitimate interest|
|Date of birth||Performance of contract, fulfillment of legal obligations, protection of Controller´s legitimate interest|
|Performance of contract, fulfillment of legal obligations, protection of Controller´s legitimate interest, Marketing*|
|Telephone number||Performance of contract, protection of Controller´s legitimate interest|
|Account number (IBAN, BIC)||Performance of contract, fulfillment of legal obligations, protection of Controller´s legitimate interest|
|Company ID No., VAT number||Performance of contract, fulfillment of legal obligations, protection of Controller´s legitimate interest|
|Camera records||Protection of health and property (only in the premises of the factory at Modletice 191)|
|Personal data provided by job applicant||Provisions preceding the execution of the contract, Controller´s legitimate interest|
|Photo and video from events we organize||Controller´s legitimate interest, Marketing (in a limited way)|
* The Controller has the right to process your e-mail address pursuant to Section 7(3) of Act No. 480/2004, on certain information society services and on amendment of some acts (act on some information society services), as amended, for the purposes of spreading business information relating to their own services and products in the case that you have not refused such sending.
Personal data processing based on a consent
In case you grant consent to SOPO with personal data processing, you thereby acknowledge that the granting of the consent is voluntary, and the consent can be withdrawn at any time. The consent is granted for a period adequate to the purpose and specified in the text of the relevant consent or until the consent withdrawal.
Personal data recipients
In SOPO companies your personal data are only disclosed to authorized employees, or to individual personal data processors contractually agreed by the Controller, or to other controllers; however, always only in an extent necessary for the fulfillment of individual purposes of processing and on the basis of a corresponding legal title and guarantee of corresponding security of your privacy. This concerns for instance (i) services suppliers and providers (including on-line services) such as analytic tools, CRM systems, technical services and support, logistic services, legal services; (ii) persons processing company bookkeeping, accounting and business administration of SOPO, (iii) or other third parties providing or receiving services in relation with the fulfillment of contractual or legal obligations by SOPO.
In cases stipulated by law SOPO companies are entitled, i.e. obligated to transfer personal data based on valid legal regulations for instance to bodies acting in criminal proceedings or other public bodies.
Personal data of third parties
Personal data of third parties understood as personal data of employees of Controller´s business partners and other individuals participating in cooperation with SOPO (e.g. transporters and transporters´ employees), personal data of participants in events organized by the Controller, or other data received by SOPO from a business partner in relation with the execution or performance of a contract, will be processed in accordance with the legal regulations for personal data protection in force. The Controller may use such personal data exclusively for the purposes of performance of contracts with business partners. A business partner hereby acknowledges that SOPO companies will processed personal data of third parties for the period of duration of the contractual relation and further for the period specified by special legal regulations. They will be than stored for a longer period in relation with a specific case. A business partner is obliged to duly inform of personal data processing by SOPO companies their employees and other persons participating in cooperation with SOPO companies at the party of the business partner.
Period of personal data storage
We process and store your personal data for a period necessary for the provision of all rights and obligations arising from the relevant contractual relation and further for the period, for which the Controller is obliged to store personal data according to generally binding legal regulations. In other cases the processing period results from the purpose of processing, to which it must be appropriate or given by legal regulations in the area of personal data protection.
We keep records of personal data according to the purpose of processing for the period specified below:
|Purpose of processing||Record keeping period|
|Performance of a contract||For the period of duration of the contract and for 10 years after the termination of the contract|
|Fulfillment of legal obligations||No longer than for the period of 3 years from the commencement of the data processing, unless special legal regulations specify otherwise, or unless a reasonable case results in a need to keep record for a longer period|
|Marketing and targeting of ads||For the period, for which the consent with processing was granted or until its revocation, in other cases no longer than for 3 years from the commencement of the data processing, unless special legal regulations specify otherwise, or unless a reasonable case results in a need to keep record for a longer period|
|Provisions preceding the execution of a contract||For the period of duration of negotiations regarding the entering into a contract (for the period of a tender)|
Cookies files are contextually small data files stored in your computer, telephone or another device when visiting Internet pages. Cookies files serve for storing or receiving identifiers and other pieces of information regarding computers, telephone or other devices, which are used to access Internet pages, and this way help us provide, protect and improve offered services.
On SOPO Internet sites we use two basic types of cookies files:
Temporary: These cookies are not permanent. They store in the cookies files of your browser only until you finish your work with the browser. These cookies are necessary for the proper functioning of Internet pages or of affiliate applications.
Persistent cookies: We may use these cookies for your simpler and easier orientation in our Internet pages (e.g. simples and faster navigation). These cookies remain in your browser for a longer period. The length of this period depends on the selected settings of your Internet browser. Persistent cookies allow the transfer of information to the Internet server during each visit of Internet pages.
Privacy setting in your computer, where cookies may be refused or allowed, can be found in the menu of the relevant Internet browser. The setting of cookies in the most often used browsers can be found on the following Internet sites:
List of used cookies
|Technical name||Issuer||Purpose and description of cookies||Type/Period of duration|
|APISID, ANID, AID, APNUID||Google.com||Company Google uses these cookies files based on the last searches and interactions and adjust ads on Google webs||Persistent (24 months)|
|CONSENT||Google.com||Web page language setting||Persistent (20 years)|
|c_user||Facebook.com||Used in relation with cookies to verify your identity on Facebook||Persistent (3 months)|
|_datr||Facebook.com||Identifies browsers for the purposes of security and integrity of web, including account restoration and identification of potentially threatened accounts||Persistent (24 months)|
|fr||Facebook.com||Serves for the provision of a series of advertising products such as offer in real time from third parties´ advertisers||Persistent (3 months)|
|Ga||Google Analytics||Serves for diversification of users of web pages by allocating a randomly generated number||Persistent (24 months)|
|Gat||Google Analytics||Serves for the evaluation of requests on the web page||Temporary|
|Gid||Google Analytics||Serves for customer identification||24 hours|
|IDE||Doubleclick.net||These advertising cookies files are stored in Google DoubleClick service and serve for the personalization of ads displayed to users based on preceding visits to our web pages||Persistent (6 months)|
|NID||Google.com||The browser sends this cookie file together with requests to Google webs. NID cookie file contains a unique ID through which Google remembers your setting and other information, for example your preferred language (e.g. Czech), how many searching results you want to see on one page (e.g. 10 or 20) and if you want to have the Safe Google search filter on||Temporary|
|1P_JAR||Google.com||Company Google uses these cookies files based on the last searches and interactions and adjusts ads on Google webs||30 days|
|Sessid||Contains a link to a relation saved on the web server. The user´s browser has no saved information and this cookie file may be only used by the actual web page||Temporary|
|sb||Facebook.com||dentifies the browser for the purposes of log-in verification||Persistent (24 months)|
|SID, SSID, SAPISID, HSID, APISID, SAPISID||google.com a google.cz (Google AdWords)||Adjustment of displaying, storing of visitor´s pre-selections||Persistent (24 months)|
|_sonar||Used for the displaying of ads||Persistent (12 months)|
|SEARCH_SAMESITE||google.com a google.cz (Google AdWords)||Administration of cookies sharing, the main goal is to lower the risk of information leakage and to raise security|
|xs||Facebook.com||Used in connection with the c_user cookie file to verify your identity on Facebook||Persistent (3 months)|
DATA SUBJECT´S RIGHTS
As a data subject you have the rights stated below, which result for you from the legal regulations and which you may enforce at any time:
- Right of access to personal data: if you want to know whether SOPO companies process your personal data, you have the right to gain information about the processing of your personal data and if so, you have the right of access to your personal data.
- Right to rectification of inaccurate and untrue personal data: in the case that you assume that SOPO process inaccurate or untrue personal data about you, you have to right to rectification of such data. SOPO must rectify such data without undue delay and with regard to their technical possibilities.
- Right to erasure: in the case that you file a request for erasure, SOPO companies will erase your personal data in the following cases:
- They are not needed for the purposes for which they were collected or otherwise processed
- Processing is unlawful
- You object against their processing and there are no superseding legitimate reasons for the processing, or
- The Controller is not bound by law to the processing
- The right to restrict processing of personal data: in the case that you have no interest in erasure, but only in a temporary restriction of processing of your personal data, you may require from the Controller to restrict the processing of your personal data.
- Right to data portability: in the case that you wish that SOPO companies processing your personal data based on your consent or based on a contract transfer the data to a third subject, you may use your right to data portability. In the case that the execution of the right would lead to an unfavorable prejudice to the rights and freedoms of third persons, SOPO will not be able to satisfy your request.
- Right to object: you have the right to object to the processing of personal data, which are processed for the purposes of protection of Controller´s legitimate interests. In the case that SOPO fails to prove the existence of a serious legitimate reason for the processing prevailing over your interests or rights or freedoms, they will terminate the processing based on your objection without undue delay.
To enforce your rights please contact us in a letter addressed to the SOPO company´s office or via email at firstname.lastname@example.org.
The Controller reserves the right to reasonably verify the identity of the applicant for rights in question.
These Principles of Personal Data Processing are valid from 25 May 2018.
Date of last revision – February 2020.