Privacy policy

These principles are based on the Directive for handling personal data, adopted by RR food delivery s.r.o. (hereinafter referred to as the "Company") for the processing of personal data in the sense of the GDPR general regulation and in accordance with the applicable legal order of the Czech Republic, in particular Act No. 110/2019 Coll., on the processing of personal data with effect from 24/04/2019, in the valid wording. The policy provides information on the basic principles according to which the Company processes personal data of statutory representatives, candidates for job positions, natural persons doing business, interested parties, representatives of legal entities, suppliers, customers (subscribers), business and contractual partners, employees, part-timers, transporters, visitors , guests, service users and their legal representatives, and other persons (hereinafter referred to as the data subject), and about the Company's approach to the processing, protection and security of personal data of data subjects.

1. Introduction

1.1. The Company, in the role of a personal data administrator, processes the personal data of data subjects within the framework of all its main activities, based on the Company's organizational structure and not only in the form of controlled access to such information. It also processes personal data of employees for legitimate purposes related to their employment relationship with the Company.

1.2. The company, from 25/05/2018, processes personal data of subjects in accordance with the effectiveness of the Regulation of the European Parliament and of the Council (EU) No. 2016/679 on the protection of natural persons in connection with the processing of personal data and on the free movement of such data and on the repeal of Directive 95/46 /EC (General Data Protection Regulation), which is directly applicable in all EU member states (General Data Protection Regulation "GDPR"). Furthermore, the Company processes the personal data of data subjects in accordance with Act No. 110/2019 Coll., on the processing of personal data, effective from 24 April 2019.

1.3 The company, as a legal entity, processes personal data and in doing so fulfills the obligations of the administrator of this data, or their processor, as stipulated by applicable legal regulations.

1.4. The subject of personal data provides the Company with their personal data depending on the purpose of their processing, which is contained in its entirety in the form of Annex No. 1 issued by the Company's Directive for the Protection of Personal Data, and it is primarily and exclusively a definition of the purposes of personal data processing:

a) selection procedure for a job position;

b) to ensure the provided services of the Company;

c) for the purposes of legitimate interests of the Company or a third party;

d) to fulfill the contract between the entity and the Company;

e) for communication with customers, suppliers, contractual and business partners;

f) to ensure the purpose of the lease and ensure security;

g) for training and educational activities;

h) for promotional and marketing activities;

i) for the purposes of registration to www.yeskrabicky.cz www.yeskrabicky.cz

j) for the area of ​​invitations sent to events organized by the Company;

k) to ensure internal security and personal data protection processes, management of payroll and personnel agendas and related agendas and the resulting obligations of the Company's accounting;

l) for other purposes with the subject's consent to the processing of his personal data.

1.5. Consent to the processing of personal data is granted by the subject of personal data in the event that no other legal title can be used for the purpose of processing.

The company accepts the data subject's consent as a free, specific, informed and unambiguous expression of will, by which the data subject gives his/her consent to the processing of his/her personal data by means of a statement or other clear confirmation. The data subject has the right to withdraw his consent at any time. The withdrawal of consent does not affect the legality of the previous processing of the subject's personal data based on the consent previously granted. The data subject will be informed about this before consent is granted.


2. Purpose of personal data processing of personal data subjects

2.1. Personal data of personal data subjects must be collected only for specific, explicitly expressed and demonstrable purposes and must not be further processed in a way that is incompatible with these purposes. The processing of personal data is mainly carried out to cover the main subject activities of the Company, which are mainly production, trade and services not listed in Annexes 1 to 3 of the Trade Act.

2.2. The Company further processes the subjects' personal data to secure its contractual and other relationships, accounting, personnel and payroll agendas, recruitment agendas and other activities that are directly related to the Company's main activities and are defined in the Company's internal Directive for the protection of personal data.

3. Categories of processed personal data

3.1. The company collects, processes and stores the following categories of personal data of subjects, the composition of which is always determined by the necessity of personal data processing always according to the defined purpose of personal data processing for the given data subject, in particular:

3.1.1. address, contact and identification personal data - in particular: name, surname, date of birth, social security number, place of residence, telephone number, e-mail, delivery address, citizenship, OP number, CP number, ŘP number, bank number account, data box, personal experience; education,
3.1.2. descriptive personal data – in particular: subject data relating to the contractual relationship, such as, in particular and in addition to the personal data already mentioned in point 3.1.1. Tax identification number, address of registered office and place of business, etc.;
3.1.3. other personalized data – e.g. photos or camera recordings.

4. Principles of working with Cookies

Cookies are short text files that the website sends to your browser. They allow the website to record information about your visit, for example the chosen language and the like, so that the next visit to the website can be easier and more pleasant for you. Cookies are important because without them browsing the Internet would be much more difficult. Cookies enable better use of our website and adaptation of its content to your needs; almost every website in the world uses them. Cookies are useful because they increase the user-friendliness of repeatedly visited websites.

4.2 The administrator may use the following types of cookies on the website:
4.2.1 Relational (i.e. temporary) cookies allow us to connect your individual activities while browsing this website. These files are activated when you open your browser window and are deactivated when you close your browser window. Session cookies are temporary and all these files are deleted after closing the browser.
4.2.2 Persistent cookies help us identify your computer if you visit our website again. Another advantage of persistent cookies is that they allow us to adapt our website to your needs.

4.3 In accordance with the provisions of § 89, paragraph 3 of Act. No. 127/2005 Coll., on electronic communications, as amended, we would like to inform you that our website uses cookies for its operation, i.e. that we process your cookies, including permanent ones.

4.4 Internet browsers usually include cookie file management. Within the settings of your browser, you can probably manually delete individual cookies, block or completely prohibit their use. For more information, use your internet browser's help. If you do not allow the use of cookies, some functions and pages may not work as they should. Within the settings of your browser, you can also delete all or selected cookies stored on your device. To browse the web without saving information, you can also use the so-called anonymous browsing function, which some browsers offer. No cookies are stored on your device during anonymous browsing.

4.5 We use cookies to personalize content and ads, provide social media features and analyze our traffic. We share information about how you use our website with our social media, advertising and analytics partners. By using the website, you consent to the connection of the following services in particular:

  • 4.5.1         Google
  • 4.5.2         Facebook
  • 4.5.3         Twitter
  • Instagram
  • And others, such as internet browsers in particular: Opera, Safari, Mozilla Firefox, Seznam.cz, Microsoft Edge, Internet Explorer.

4.6 In order to display targeted advertising within advertising and social networks on other websites, we transmit data about your behavior on the website to these advertising and social networks; however, we do not share your identifying information with them.

5. Method of processing and storage of personal data and the period of their storage with the Company

5.1. The company processes the subject's personal data manually or in an automated manner and securely stores them in paper or electronic form for the period determined by the archiving, file and shredding regulations. Following the purpose of the processing, some of the subject's personal data is kept in the Company's information system (e.g. economic and accounting information system, etc.).

5.2. The company processes personal data in a way that ensures their proper security using established security measures against unauthorized or illegal processing and against accidental loss, destruction or damage, e.g. in the form of controlled access to this information, encryption and anonymization of personal data, the ability to restore the availability of personal data data or, for example, in the form of regular audits of established security measures.

6. Transfer of personal data

6.1. The Company does not transfer personal data to other persons, except for its personal data processors or personal data managers (where this obligation is imposed by a contractual relationship with the controller, processor or sub-processor), if the obligation to transfer them to authorities, authorities or institutions is not imposed on the Company by legal regulation or consent of the data subject was not granted.

6.2. During the processing of personal data by the Company, the administrator of personal data, there is no automated decision-making on the basis of which actions or decisions would be made, the content of which would interfere with the rights or legitimate interests of the data subjects.

7. Rights of the subject of personal data

7.1. Based on the request, the data subject will receive from the Company, unless specified in the request, all information about the processing of his data, in a concise, understandable and easily accessible manner using clear and simple language.

7.2. The application can be submitted by electronic means, by submission made through a data box or postal service provider, or by oral submission made on record with the Company; the application cannot be submitted by telephone.

7.3. If the personal data relating to the data subject is obtained directly from him, the Company will provide him with the following information at the time of obtaining the personal data:
a) the identity and contact details of the administrator,
b) contact details for the personal data protection officer (DPO),
c) processing purposes for which personal data are intended and processed, and the legal basis for their processing,
d) the legitimate interests of the administrator or a third party in the event that the processing is based on this legal title,
e) potential recipients or categories of recipients of personal data, including potential processors,
f) any intention of the controller to transfer personal data to a third country or internationally
organization including reference to appropriate safeguards,
g) the period for which personal data will be stored with the Company, or if it cannot be determined, the criteria for determining this period will be used,
h) the existence of the right to request from the Company access to personal data relating to the data subject, its correction or deletion, or restriction of processing, as the case may be, and to object to processing, as well as the right to data portability,
i) if the processing is based on the consent of the data subject, the existence of the right to revoke the consent at any time, without prejudice to the lawfulness of the processing based on the consent granted before its revocation,
j) the possibility to file a complaint with the supervisory authority,
k) the fact whether the provision of personal data is a legal or contractual requirement, or a requirement that must be included in a future contract, and whether the data subject has an obligation to provide personal data, and regarding the possible consequences of not providing this data,
l) the fact of whether automated decision-making takes place, including profiling, and at least in these cases, meaningful information regarding the procedure used, as well as the meaning and anticipated consequences of such processing for the data subject.

7.4. If the Company intends to further process personal data for a purpose other than the purpose for which they were collected, it will provide the data subject with information about this other purpose before said further processing.

7.5. The company does not have to provide the personal data subject with information about the processing if the data subject already has the said information and to the extent that it has it.

7.6. If the personal data was not obtained from the data subject, the Company will provide him with the same information and, in addition, the source from which the personal data originates and, where appropriate, information on whether the data originates from publicly available sources.

7.8. The Company will not apply an information obligation in the case of obtaining personal data from someone other than the data subject, if the acquisition or disclosure is expressly provided for by a legal regulation that applies to the Company and which establishes security and organizational measures to protect the legitimate interests of the data subject .

7.9. A subject of personal data who discovers or believes that the Company as controller
or another person who processes personal data for the Company, processes his personal data in violation of the regulation in the field of personal data protection or in violation of legislative obligations in the field of personal data protection, may request an explanation or request that the Company or the processor remove such resulting state. If the Company or the relevant processor does not comply with the request, the subject of personal data may contact the Office for Personal Data Protection, while the right of the subject to contact the Office for Personal Data Protection is not affected by this.

7.10. The subject of personal data has the following additional rights:

1. obtain from the Company, if the conditions for this are met, information on the processing of his personal data (information on the identity and contact details of the controller and his possible representative; possibly contact details of the personal data protection officer (DPO), processing purposes for which personal data are intended, and the legal basis for processing, potential recipients or categories of recipients of personal data and other information necessary to ensure transparent and correct processing of his personal data),
2. obtain access to personal data from the Company, i.e. obtain confirmation from the Company as to whether it processes personal data concerning him, and if so, the subject of personal data has the right to obtain access to this personal data and to other information within the legal scope,
3. to correct your incorrect personal data, or to complete incomplete personal data,
4. to delete your personal data, if the legal conditions have been met, e.g. if the personal data are no longer needed for the purposes for which they were obtained or otherwise processed, or e.g. if the subject withdraws his consent, on the basis of which the personal data was processed ,
5. to limit the processing of personal data by the Company, if the legal conditions are met,
6. on data portability, i.e. on obtaining personal data concerning him and which he has provided to the Company, in a structured, commonly used and machine-readable format,
7. raise an objection at any time for reasons of his specific situation against the processing of personal data concerning him;
8. not be the subject of automated individual decision-making, including profiling, if the subject does not give consent, except in cases where automated processing is permitted by law;
9. submit a complaint to the supervisory authority.

7.11. The company is entitled to require from the subject of personal data when applying for the fulfillment of any of the above-mentioned rights, his personal identification by verification with the relevant employee, or identification by verification by other available methods (e.g. data box, notary verification/Czechpoint verification of signature at the request of the subject, or . in person at the Company's headquarters).

7.12. In cases defined by law, the company is entitled to demand a reasonable payment, not exceeding the costs necessary for providing the information, for the provision of information about the subject's processed personal data.

8. Final Provisions

8.1. The subject of personal data can obtain all information about the processing of his personal data in person or via e-mail. Current contact information for the Personal Data Protection Officer can be found on our website www.yeskrabicky.cz. The data subject can exercise the rights arising from the applicable legislation in the area of ​​personal data processing and protection at the email address of the personal data protection officer dpo@yeskrabicky.cz.

8.2. The data subject has the right to contact the Office for the Protection of Personal Data, located in Prague 7, Pplk. Sochora 27, 170 00, tel. ústředna +420 234 665 111, https://www.uoou.cz, especially if the Company does not comply with a request for an explanation or removal of a situation arising from the processing of personal data that is inconsistent with valid legal regulations in the area of ​​personal data processing and protection.