Information on the processing of personal data
when providing our services
(hereinafter referred to as „GDPR‟)
We are glad that you have decided to join our happy customers. VIMcredit a.s. will also help your company finance invoices. We handle money and data carefully. In our company we ensure that all your personal data that you kindly provide to us are properly processed in accordance with the relevant legal regulations, i.e. with the GDPR.
This information on the processing of personal data has been prepared in accordance with the new regulation of the European Parliament and of the Council 2016/679 of April 27, 2016 on the protection of natural persons in connection with the processing of personal data and on the free movement of such data and on the repeal of Directive 95/46/EC (hereinafter referred to as the "regulation") and according to other legal regulations and defines what personal data our company collects as part of the services provided to clients, how we communicate with clients and how we process them.
1. Who we are and our contact details
We are the VIMcredit a.s. IČO 095 05 318 with registered office at Walterovo náměstí 985/6, Jinonice, 158 00 Prague 5, registered in the commercial register kept at the Municipal Court in Prague under file number B 25665.
Based on all contracts concluded by our company, we are obliged to receive, process and properly use personal data of customers, so we are the processor and administrator of personal data obtained from customers, employees, management bodies, authorized or contact persons of customers and potential customers.
If you have any questions about your personal data after reading this information, please contact us at info@vimcredit.com.
2. What data we process
When providing our services to clients, we process various types of information, which can be divided into the following categories
(a) Identification data
(b) Contact information
Contact data means telephone number, e-mail address, residential address.
(c) Data on services provided
By the term data about services provided (to be provided in the future) we mean data about services provided by us.
(d) Data used in communication
By the term data used in communication with you, we mean all data provided to us by customers, employees, authorities, agents or contact persons of customers and potential customers as part of communication with us, as well as the specific content of communication with that person, for example the content of e-mails or messages sent via the e-mail form.
3. How we use data
We collect and use personal data about customers, employees, management bodies, authorized or contact persons of customers and potential customers in accordance with applicable legal regulations, as follows:
(a) Provision of services and customer service
In order to ensure the safe and constant performance of our services, we may process identification, contact and service data and data contained in communications with you or your employees, authorities, agents or contact persons. We process this data for the purpose of fulfilling the contract (providing services) with the customer and based on our internal interests. We also process (store) some data for the purpose of fulfilling our legal obligations regarding data retention. Providing personal data in this case is not a legal or contractual requirement, but providing it will enable us to effectively and securely fulfill the contract we have concluded with you.
(b) Fulfillment of obligations under Act No. 253/2008 Coll., about some measures against the legalization of proceeds from criminal activity and financing of terrorism
In order to comply with Act no. 253/2008 Coll. on certain measures against the legalization of the proceeds of crime and the financing of terrorism (hereinafter referred to as "AMLZ"), in certain cases we are obliged to identify and store the identification data of the client or persons representing the client and to store documentation related to concluded contracts. We do not need your consent to process the personal data you have provided us, as your personal data is necessary for the conclusion of the contract, and if you do not provide us with your personal data, we will be forced to refuse the conclusion of the contract.
We are committed to providing a high level of protection for your personal data, so that your personal data will only be used for the intended purpose or within the limits of applicable laws. This information applies to all relationships between us.
4. What data we share
We never transfer your personal data to third parties. We do so only exceptionally, if the state administration authorities of the Czech Republic order us to do so in accordance with the law:
(a) Complying with applicable laws or other legal regulations and discussing court proceedings or handling state administration requests.
(b) Application of relevant contractual terms and conditions, including examination of their possible violation.
(c) Detection, prevention or other action aimed at investigating fraud and in the event of technical or security problems.
(d) Protection against harm to the health, property or safety of the company, our clients or the public as required or permitted by law.
We always take care not to provide third parties with more of your personal data than the situation requires.
5. How you can manage your personal data
As a client – natural person, managing body, authorized or contact person of our customer and potential customer, i.e. data subject, you are authorized to make decisions about activities related to your personal data within the specified scope. You can exercise the rights listed below 1) in person at the address of our company office, 2) by email to info@vimcredit.com 3) in writing to the address of our company office. We will try to respond as quickly as possible, but no later than one month after receiving your request. In case of doubt about your identification data, we will ask you for additional verification of your identity.
The Regulations and relevant legislation give you these rights
(a) Right of access
You have the right to ask us to confirm whether we are processing your personal data. If we process your data, you have the right to request a copy of this personal data and information from us in accordance with § 15 of the Regulation.
(b) Rights of correction
In order to process only your current personal data, we need you to inform us of changes to your personal data. If we are processing your outdated personal data, you have the right to request that it be updated, which we will do based on your request.
(c) The right to erase your personal information
Under the conditions specified in § 17 of the Regulation, you can request the deletion of your personal data. We will of course be very disappointed. You can request the deletion of your data, for example, if you have withdrawn your consent to the provision of your personal data, you have successfully defended your decision and there is no legal basis for the processing of your personal data. Or, for example, if we process your personal data unlawfully or if the purpose for which we processed your personal data is no longer current.
However, we will never be able to delete your personal data if we need it to prove, enforce or challenge legal rights.
(d) The right to restrict the scope of processing
If you meet the conditions of § 18 of the Regulation, you can ask us to limit the processing of your personal data. You can request restriction of processing, for example, if you claim that the legal conditions for the processing of personal data are invalid and you request that the processing of your personal data be restricted. Your personal data will continue to be processed if there are grounds for establishing, exercising or protecting legal rights.
(e) Right of transfer
If the processing of your personal data is based on your consent and our internal processing of your personal data is ongoing, you have the right to receive your personal data from us in a standard electronic format. If necessary and if technically possible, we will transfer your personal data to another personal data controller.
(f) Right to object
In the event that we process your personal data based on our internal requirements or those of third parties, you always have the right to object to such handling of your personal data. Based on your request, we will limit the processing of your personal data, and if we do not demonstrate a need to process your personal data, we will limit the processing of your personal data completely and delete all of them.
Please note that VIMcredit does not use your personal or business information for advertising purposes or provide it to third parties that collect large amounts of data.
(g) Right to appeal
If you suspect that we are processing your personal data in violation of the Regulation, you always have the right to file a complaint against us with the competent authority at your place of residence, workplace or the place where the violation occurred. For the territory of the Czech Republic the supervisory authority is the Office for the protection of personal data, with office in Plk. Sochora 27, Holešovice, 170 00 Prague 7,
Czech Republic, website: www.uoou.cz, tel.: +420 234 665 111.
(h) Right to withdraw your consent
If the processing of your personal data is based on your consent, you always have the right to withdraw your consent at any time. Withdrawal of consent has no effect on the processing of your personal data already carried out.
6. Where we get your personal data from
The personal data we process about employees, management bodies, authorized or contact persons, customers or potential customers, we mainly obtain directly from you or our customers / potential customers.
7. How long and where we store personal data
We store personal data for different purposes and for different periods of time. The retention period of personal data depends on the reasons for the processing and the subject of the services provided. As a rule, the processing of personal data is necessary for the legitimate interests of our company for a period of:
(a) the duration of our contractual relationship with the client or the provision of our services to the client.
(b) in order to fulfill our obligations under the AMLZ, we will process the personal data of the customer or his representative for the duration of the contract and further for a period of 10 years from the first year following the year of termination of the contract with the customer. In the event that the contract is not concluded, we will no longer store the personal data provided for the purpose of fulfilling the obligations under the AMLZ.
After this period, we can process your personal data only in special cases for data archiving purposes or for statistical purposes.
We store personal data in electronic form exclusively on the servers of VIMcredit a.s. and physically only on the premises of our company and under the supervision of our employees.
8. Changes to this information
The content of this information on data retention may be changed in the event of changes in legal regulations or changes in the purposes or means of processing. We cannot limit your rights under these rules and regulations. If we change this information in a way that could affect your rights, we will notify you immediately.