Privacy policy CRM Expanzo

This directive is devoted to the topic of personal data protection in connection with the validity of the General Data Protection Regulation (GDPR).

General business principles of DHO s.r.o. (hereinafter also DHO), express our commitment to strive to protect the personal data of our customers, suppliers and business partners. These rules state how this commitment will be implemented and the company's position in the role of controller and processor of personal data.

By using our service, you agree that DHO s.r.o. may use this data in accordance with the principles of personal data protection.

Creating a collaborative community is a top priority for Expanzo, Call Expanzo, CRM Expanzo and other DHO s.r.o. This privacy policy describes what personal information you can share with your Expanzo, Call Expanzo, Expanzo CRM provider, and other users when you install and use Call Expanzo, Expanzo, and Expanzo CRM. What data DHO s.r.o. As part of the Call Expanzo, Expanzo, Expanzo service, CRM receives, collects, uses. When connecting other services with the Call Expanzo, Expanzo, Expanzo CRM service, these services may have additional General Terms and Conditions and Privacy Policy, which users should also become familiar with, and when using the connected services, the user confirms that he has read and agrees with them. .

Principles and rules of personal data protection
We consider the protection of your privacy when processing personal data to be an important matter and we pay special attention to it. Our privacy policy is in accordance with legal provisions and our code of conduct, which applies to the entire DHO company.

We emphasize cooperation with companies that comply with the rules and legal provisions and carry out their activities in accordance with the Regulation of the European Parliament and of the Council (EU) on the protection of personal data. More about processors and recipients below.

Employees are bound by confidentiality and the company's internal rules. The company organizes and provides employees with training on rules and other obligations related to security and data protection, as well as internal audits to check compliance with these rules and policies when working with personal data. Access to personal data is controlled and based on the rights of individual employees as is essential for work in individual departments.

We process personal data obtained during visits to our website in accordance with the legal provisions in force in the Czech Republic. To optimize this website for system performance, usability, and to provide useful information about products and services, we automatically collect and store it. This information is typically information about your IP address, browser type and language settings, operating system, Internet Service Provider (ISP), and the date and length of your visit.

We use this information to effectively manage the website, to obtain information about user behavior on the website, to analyze trends and to collect demographic data about our users as a whole. The information collected in this way can be used for marketing and promotional purposes as well as for communication (eg for better orientation of users on the site, provision of personalized offers. Links on the website may lead to other services not covered by our rules.

Cookie services and their use
The organization's website, e-mail messages, online services, advertisements and interactive applications may use so-called "cookies" in order to optimize the services.

A "cookie" is a small file, usually consisting of letters and numbers, which we send to our browser's cookie file on your computer's hard drive via our Internet server. For example, this allows us to recognize a user's device when there is a connection between an Internet server and an Internet browser. The main purpose of cookies is to enable our internet server to provide the user with a website to which he is accustomed, so that visiting the company's website is more personal for the user and can better respond to his individual needs.

The company uses two types of cookies on its website:

Session cookies - these are temporary cookies that are stored in your browser's cookie until you quit your browser. These cookies are mandatory for the proper functioning of some applications or the functionality of this site.
Permanent cookies - permanent cookies can be used for easier and more convenient orientation of users on the website (eg faster and simpler navigation). These cookies remain in your browser's cookie for a longer period of time, depending on which internet browser settings you choose. Permanent cookies allow information to be transferred to the Internet server each time you visit the site. Permanent cookies are also known as tracking cookies.

Additional personal data is collected after if you give your express consent to such processing.

Category and scope of processed data
With regard to the protection of personal data, we limit the processing of personal data to data that is reasonable and relevant for the relevant business purpose. These are personal data for identification and communication with you and special categories of personal data that are necessary for our business activities in accordance with the relevant legal provisions.

Categories of personal data
As part of our activities, operations and use of the services, we may collect the following personal data of users, customers, business partners or suppliers. They are:

Name and surname
Company name
Address
email address
telephone number
fax number
Website
bank account number
IČO / DIČ
Photographs
Call history
Type of device
Locations
IP address
Contacts directories
User action - date, url, IP, GET data (system user)
Other service identifiers (Users may provide additional user identifiers such as Facebook, Google+, LinkedIn, and Twitter to link to and collaborate with third-party services or to log in to our services account. We do not store users' passwords on third-party services during this link)
Open data provided by authorities, state administration bodies, the statistical office, in particular the Trade Licensing Register, the Public Register and the Collection of Documents and the Register of Economic Entities and other public registers.
Contact details that the data subject publicly presents about himself as contact details of the subject (telephone, e-mail, website, facebook page, Linkedin, messengers,…)
When you use the Expanzo web service, Call Expanzo, CRM Expanzo or their mobile applications, the services may collect, process and store additional data from you from all devices on which you will use the application. This information may include the following: Device ID or unique identification code, device manufacturer and type, device and hardware settings, advertising ID, advertising data, operating system, operator, IMSI, connection information, screen resolution, usage statistics, device log, information events, information about device events such as failures, system activity, pages found, way of using services, date and time of events, evaluation of telephone numbers and other data depending on the application version used and Call Expanzo, Expanzo, CRM Expanzo other services DHO sro

When you contact DHO s.r.o., we may keep a record of your communication to assist you in resolving any issues. We may use your email address to send you information about our services, such as notifications of upcoming changes or improvements.

In the location service, we can determine using various technologies, such as IP address, GPS system and other sensors, which DHO s.r.o. they can provide, for example, information about nearby devices, Wi-Fi access points, and mobile network transmitters.

Creating a user account in the Call Expanzo, Expanzo, Expanzo CRM service also creates a global account that can be used to register and log in to other DHO s.r.o. services.

The data you provide in the Call Expanzo, Expanzo, Expanzo CRM profile can be used in all offered services, which will be linked to the global account for DHO sro services, and we can replace the previous names assigned to your account so that you have the same name .

We may combine personal information from one service with information (including personal information) from other DHO s.r.o. services, as well as data and third-party applications - for example, to make it easier for you to share content with people you know. Depending on your account settings, your activity on other websites and other applications may be associated with your personal information, for example to improve DHO s.r.o. and advertisements.

If a non-paying user wants to terminate the use of the service and permanently deletes his account in the Expanzo Call, Expanzo, Expanzo CRM and other services, DHO s.r.o. may continue to process and use the data provided by the user, but the connection of the user with this data will be deleted. For inserted posts, the username may remain. User profile data will be stored until they are modified or deleted, in the case of using other services of DHO s.r.o. the user's global account remains active and can be used for service pairing. If it is a user who uses commercial services such as call history recording, then information about his customer profile and user accounts will be kept under this customer even after the cancellation of the service, eg due to the retention of information for accounting purposes.

When creating a free account, at least information about the login e-mail and password will be stored about the user. Other data is optional if the user chooses to provide it. For paying customers, information related to the invoicing of services must be provided. DHO s.r.o. can these in information to include their information and third party information. For example, adding other contact information that is publicly available, etc. The information may be provided to third parties.

Users may share photos, names, numbers, e-mail and other contact information contained in the directory of their devices and other services, hereinafter referred to as "Contact Information", if this information can be shared on the device, platform and service. If a user shares such information about another person, confirms that he or she has informed such person or has a legitimate interest, you agree to provide us with such data in accordance with our information protection policy.

Users and customers are in the role of personal data administrator in the system, especially in cases where they fill, import and manage data in their storage in the system, for example in the Directory of Companies and Persons, Contact Persons. If a user creates a company, lists companies, exports companies or imports a company from the register of companies into their companies, he becomes a personal data administrator at that moment.

Assigning names and companies to phone numbers. We may assign a name to a phone number if a sufficient number of users of the service have shared a similar or the same person and company name as part of sharing their contacts. In the case of a call, we can use the call as a basis for verifying the existence and functionality of the telephone number.

Call barring
If a Call Expanzo user reports a number as spam, Call Expanzo stores that number in combination with the user's id to block calls and keep the blocked call list online so that the user can block the number on other devices and create a community directory of blocked numbers. Users or our Call Expanzo service and other DHO s.r.o. they can link the number with the company, or evaluate the number. In order to create a community number rating and number database.

The information is provided for the purposes stated in these terms and conditions of information protection and in particular for the purpose of providing extended functions to the user, the Call Expanzo user community, verifying the functionality and existence of telephone numbers and other contact details. This information can also be used by other services of DHO s.r.o.

Special categories of personal data
The Company does not process special categories of personal data ("sensitive personal data").

Processing time
We work with your personal information:

For the time necessary to fulfill the relevant business purpose and legitimate interest.
For the time necessary to comply with legal regulations (ie at least the duration according to the Archives Act).
To determine, enforce or defend legal claims.
If the user deletes his entered records in the system, the data will be deleted after six months after being marked as deleted, also due to the possibility of recovery. When you delete an entire account, the data is deleted earlier.



After the end of the specified period for processing and storing personal data, your data will be securely deleted or destroyed, anonymized.




In the case of granting consent for marketing purposes (incl. Profiling for the purpose of offering suitable products and services), the data are processed for the period of validity of the purpose of processing.

Data source
We obtain the data that we process mainly from personal data subjects. However, we may also learn about you from other sources to make sure that what we know about you is true and complete.

We process personal data that is communicated to us when establishing a business relationship, registration, conclusion of the contract, during its and the use of our services directly by the data subject or his employees.
We may obtain your personal data as well as sensitive personal data for the purpose of fulfilling the obligation under the contract.

The processing of personal data may also occur in the case of the provision of your data by a third party to whom you have given consent or directly a power of attorney for this purpose. We can also supplement the information with data published by you from publicly available sources.

Open data provided by authorities, state administration bodies, the statistical office, in particular the Trade Licensing Register, the Public Register and the Collection of Documents and the Register of Economic Entities and other public registers.
Contact details that the data subject publicly presents about himself as contact details of the subject (telephone, e-mail, website, facebook page, Linkedin, messengers,

Purposes of personal data processing
The company processes personal data only to the extent necessary for the fulfillment of the relevant business purpose. Personal data may be processed in one or more of the following circumstances:

Legitimate processing purposes
If you are dealing with DHO s.r.o. as a customer, business partner or supplier, we will ask you to provide personal data for the following purposes:

Conclusion, administration and performance of contracts.
Public interest
Customer support
Availability of open data from public registers in one place.
Verification of the existence, active status of business legal and natural persons and their publicly presented contact details.
Verification of the existence and functionality of contact details
Prevention and detection of tax and other fraud
Prevent unsolicited service and product offerings at

Direct marketing.
Promotion and presentation of products and services of data subjects
Relationship management, providing (online) services and contacts.
Improvement of services, development, interconnection of services.
Marketing and analysis of customers / processes.
Detection, prevention, in accordance with AML (money laundering) law.
Scientific and statistical analysis.
Fulfillment of legal and regulatory obligations.



If you are a job seeker, your personal data is processed for the following purposes:

Fulfillment of employment contracts, contractual obligations and human resources management.
Internal management, including evaluation of the organization or corporate culture.
Health and satisfaction of employees.
Fraud detection, prevention.
Fulfillment of legal and regulatory obligations.
Protection of vital interests of employees.
Analysis of employee profiles.
Recruitment and filling of vacancies, incl. former employees and jobseekers.



Expanzo.com database for the following purposes:

Conclusion, administration and performance of contracts.
Public interest
Availability of open data from public registers in one place.
Verification of the existence, active status of business legal and natural persons and their publicly presented contact details.
Prevention and detection of tax and other fraud
Prevent unsolicited offers of services and products
Direct marketing
Promotion and presentation of products and services of entities
Detection, prevention, in accordance with AML (money laundering) law.
Scientific and statistical analysis.
Fulfillment of legal and regulatory obligations.
Improving services.
Marketing and analysis of customers / processes.



Agreement
If this is not one of the above variants or the consent is required by another legal requirement, the consent will be obtained from the owner of the personal data before their processing. When granting consent, we will provide you with the following information:

Processing purposes for which consent is required.
Our contact details as a controller of personal data.
Your rights in connection with the processing of personal data.
If the processing is reasonably necessary to process the request, the consent of the data subject is assumed (for example, a visit to the website, use of DHO s.r.o. products and services).

Consent should be the free, specific, informed and unambiguous consent of the data subject to the processing of personal data concerning him or her, in the form of a written declaration, also made electronically, or an oral statement.

The data subject has the right to refuse or revoke consent to the processing of personal data at any time. DHO s.r.o. cease to publish the data or delete it if it no longer has a legitimate and legitimate reason to process and publish it.

Data owners' rights
With the validity of the General Regulation on Personal Data Protection, the owners (subjects) of personal data have the right to:

Information and access to personal data.
Data portability.
Processing restrictions.
Correction and deletion of personal data.
Information regarding the correction or deletion of personal data or restrictions on processing.
Raise an objection.
Exclusion from automated decision making, including profiling.

The roles in which we can record your personal data and determine the unique identification of your person are:

You are our client - buyer, person interested in purchasing, debtor, user of services.
You are our business partner - a trade intermediary.
You are a partner customer - a customer of our partner.
You are our supplier - provider of service and technical support, processor of partial processes.
You are our employee - a permanent and former employee or job seeker.
You are a natural or legal person registered in the public register. In particular, the Register of Trade Licensing, the Public Registers and the Collection of Documents and the Register of Economic Entities and other business registers.



We would also like to warn you that when exercising your rights in connection with the protection of personal data, there may be a certain restriction on our activities towards you and our contractual relationship.





Exercising the rights of the client and business partner
To exercise the rights of personal data subjects, we accept applications at the address DHO s.r.o., Cejl 53/115, 602 00 Brno, or at the electronic address info@expanzo.com

The application can be accepted in the case of unambiguous identification of the person, both in writing and electronically. Otherwise, we will ask you to provide additional documents for the correct identification of your person.


Information and access to personal data

In the event that we obtain your personal data for processing directly from you, we are obliged to inform you of the following:

Identity and contact details of DHO s.r.o ..
The purposes of the processing for which the personal data are obtained and the legal basis for the processing.
The legitimate interests of the controller or of a third party where those interests take precedence over the interests and rights of the data subject.
Potential recipients of personal data and the intention to transfer your personal data to a third country or international organization.
The period for which the data will be used, or saved.
A list of your rights, including the right to file a complaint.
Whether the provision of personal data is a legal or contractual requirement, ie when the data is processed on the basis of the law and when on the basis of your consent.
The fact that there is automated decision-making, including profiling.



In the event that your personal data has not been obtained directly from you, we are also obliged to provide you with information on the category of personal data concerned and the source from which the data was received.




We will provide the information within one month of the request at the latest.




Portability

The owner of personal data has the right to obtain his personal data provided to us in a structured form in a commonly used and machine-readable format. At the same time, as the owner of your personal data, you have the right to transfer this data to another administrator. The transfer of personal data is only possible for personal data that are obtained on the basis of consent or contract and are processed automatically.




This right may not be applied to processed data for the performance of a task performed in the public interest or in the exercise of public authority entrusted to the controller.



The transfer of data must not adversely affect the rights and freedoms of others.




Processing restrictions

As the data owner, you have the right to restrict the processing of personal data if:

Deny the accuracy of your personal information.
You suspect that personal data has been processed illegally, but you refuse to delete this personal data and instead request that your use be restricted.
We no longer need personal data for processing purposes, but you, as the data subject, request it to determine, enforce or defend legal claims.
You object to processing - processing will be limited to the time necessary to verify that the controller's legitimate reasons outweigh the data subject's legitimate reasons.



In the event of a request to restrict the processing of your personal data, our activities towards you and our contractual relationship may be limited.




Correction and deletion of personal data

As a data subject, you have the right to correct inaccurate or outdated personal data that concerns you.

You can correct your personal data by sending a request to our contact details.

You have the right to cancel or to be forgotten if you:

Personal data is no longer needed for the purpose for which it was collected and processed.
You revoke the consent on the basis of which we process the data and there is no other legal reason for processing.
Personal data is processed illegally.
Personal data was collected under the conditions of granting the child's consent in connection with information society services.



Your right to cancellation can be exercised only after the expiration of the specified period for determining, exercising or defending legal claims.




Information regarding the correction or deletion of personal data or restrictions on processing

Whenever you request it as the owner of the data, we will inform you about the recipients of your personal data at the moment when your data was made available to them. We will also inform you about corrections, deletions or if the processing of personal data concerning you is restricted.




The right to object

You can only object to certain specific cases, as regards:

Processing of personal data which is necessary for the performance of a task performed in the public interest or in the exercise of public power or for the purposes of our legitimate interests or the interests of a third party (incl. Profiling).

If you object to the relevant reasons, we will inform you of the reasons for processing. If our reasons do not outweigh your interests and rights, or if it is not a reason to determine, exercise or defend legal claims, the processing of personal data will be interrupted.
Processing for direct marketing purposes (incl. Profiling).

In the event that you object and do not wish your data to be further processed for this purpose, there is no need to state the reasons for the termination. Upon receipt of the objection, we will stop using your data for this purpose. However, if we also process the relevant data for another purpose on the basis of a different legal basis, such processing is not affected by the objection.
Processing for the purposes of scientific or historical research or for statistical purposes.

If you object to the relevant reasons, we will inform you of the reasons for processing. The right may be exercised only if it is not processing for the performance of a task carried out in the public interest.



Exclusion from automated decision making, including profiling

As the owner of your personal data, you have the right not to be the subject of any decision based solely on automated processing. It is a protection against a potentially adverse decision that could be made without human intervention.

We hereby confirm to you that, according to legal definitions, there is no automated decision-making in our company, including profiling.




However, there may be manual profiling of data based on open data provided by authorities, government agencies, the statistical office and types of contact information.




Children-exercising minor rights and representation
In the case of the provision of information services to a minor, the child's consent to the processing of his or her personal data is considered legal if the child has reached the age of at least 13 years. The consent of a child under the age of 13 must be expressed or approved by law an idiot (a person with parental responsibility for a child).

The above does not apply to the general contract law of the Member States, such as rules on the validity, conclusion or effects of a contract in relation to a child.





Exercise of supplier rights



To exercise the rights of personal data subjects, we accept applications at DHO s.r.o., Cejl 53/115, 602 00 Brno, or by e-mail at info@expanzo.com. The request can be accepted in case of unambiguous identification of the person.




If you are a natural person with whom we cooperate on the basis of a contractual relationship, in this case we are the administrator of your personal data and you can exercise your rights with us.




Information and access to personal data

In the event that we obtain your personal data for processing directly from you, we are obliged to inform you of the following:

Identity and contact details of DHO s.r.o.
The purposes of the processing for which the personal data are obtained and the legal basis for the processing.
The legitimate interests of the controller or of a third party where those interests take precedence over the interests and rights of the data subject.
Potential recipients of personal data and the intention to transfer your personal data to a third country or international organization.
The period for which the data will be used, or saved.
A list of your rights, including the right to file a complaint.
Whether the provision of personal data is a legal or contractual requirement, ie when the data is processed on the basis of the law and when on the basis of your consent.
The fact that there is automated decision-making, including profiling.



In the event that your personal data has not been obtained directly from you, we are also obliged to provide you with information on the category of personal data concerned and the source from which the data was received.




As our service provider, you have the right to information and access to data that will be provided to you at the time of writing the contract for the collection of personal data. You will also be provided with information after the correction, deletion or restriction of the processing of personal data. In all and other cases, we will provide you with information no later than one month from the fact.




Portability

The owner of personal data has the right to obtain his personal data provided to us in a structured form in a commonly used and machine-readable format. At the same time, as the owner of your personal data, you have the right to transfer this data to another administrator. The transfer of personal data is only possible for personal data that are obtained on the basis of consent or contract and are processed automatically.




This right may not be applied to processed data for the performance of a task performed in the public interest or in the exercise of public authority entrusted to the controller. The transfer of data must not adversely affect the rights and freedoms of others.




Processing restrictions

As the data owner, you have the right to restrict the processing of personal data if:

Deny the accuracy of your personal information.
You suspect that personal data has been processed illegally, but you refuse to delete this personal data and instead request that your use be restricted.
We no longer need personal data for processing purposes, but you, as the data subject, request it to determine, enforce or defend legal claims.
You object to processing - processing will be limited to the time necessary to verify that the controller's legitimate reasons outweigh the data subject's legitimate reasons.



In the event of a request to restrict the processing of your personal data, our activities towards you and our contractual relationship may be limited.





Correction and deletion of personal data

As a data subject, you have the right to correct inaccurate or outdated personal data that concerns you.

You can correct your personal data by sending a request to our contact details.

You have the right to cancel or to be forgotten if you:

Personal data is no longer needed for the purpose for which it was collected and processed.
You revoke the consent on the basis of which we process the data and there is no other legal reason for processing.
Personal data is processed illegally.
Personal data was collected under the conditions of granting the child's consent in connection with information society services.



In the event that the right to delete personal data that has been published or passed on by us to third parties is exercised, we take the necessary steps to inform all recipients of your personal data and notices to delete all links.





Your right to cancellation can be exercised only after the expiration of the specified period for determining, exercising or defending legal claims.





Information regarding the correction or deletion of personal data or restrictions on processing

Whenever you request it as the owner of the data, we will inform you about the recipients of your personal data at the moment when your data was made available to them. We will also inform you about corrections, deletions or if the processing of personal data concerning you is restricted.




The right to object

You can only object to certain specific cases, as regards:

Processing of personal data which is necessary for the performance of a task carried out in the public interest or in the performance of public authorities or for the purposes of our legitimate interests or the interests of a third party (incl. profiling).

If you object to the relevant reasons, we will inform you of the reasons for processing. If our reasons do not outweigh your interests and rights, or if it is not a reason to determine, exercise or defend legal claims, the processing of personal data will be interrupted.
Processing for direct marketing purposes (incl. Profiling).

In the event that you object and do not wish your data to be further processed for this purpose, there is no need to state the reasons for the termination. Upon receipt of the objection, we will stop using your data for this purpose. However, if we also process the relevant data for another purpose on the basis of a different legal basis, such processing is not affected by the objection.
Processing for the purposes of scientific or historical research or for statistical purposes.

If you object to the relevant reasons, we will inform you of the reasons for processing. The right may be exercised only if it is not processing for the performance of a task carried out in the public interest.



Exclusion from automated decision making, including profiling

As the owner of your personal data, you have the right not to be the subject of any decision based solely on automated processing. It is a protection against a potentially adverse decision that could be made without human intervention.

We hereby confirm to you that, according to legal definitions, there is no automated decision-making in our company, including profiling.




However, there may be manual profiling of data based on open data provided by authorities, government agencies, the statistical office and types of contact information.

Exercising the rights of job seekers
To exercise the rights of personal data subjects, we accept applications at the address DHO s.r.o., Cejl 53/115, 602 00 Brno, or at the electronic address info@expanzo.com.




The request can be accepted in case of unambiguous identification of the person. Otherwise, we will ask you to provide additional documents for the correct identification of your person.





Information and access to personal data

In the event that we obtain your personal data for processing directly from you, we are obliged to inform you of the following:

Identity and contact details of DHO s.r.o.
The purposes of the processing for which the personal data are obtained and the legal basis for the processing.
The legitimate interests of the controller or of a third party where those interests take precedence over the interests and rights of the data subject.
Potential recipients of personal data and the intention to transfer your personal data to a third country or international organization.
The period for which the data will be used, or saved.
A list of your rights, including the right to file a complaint.
Whether the provision of personal data is a legal or contractual requirement, ie when the data is processed on the basis of the law and when on the basis of your consent.
The fact that there is automated decision-making, including profiling.



In the event that your personal data has not been obtained directly from you, we are also obliged to provide you with information on the category of personal data concerned and the source from which the data was received.




We will provide the information within one month of the request at the latest.




Portability

The owner of personal data has the right to obtain his personal data provided to us in a structured form in a commonly used and machine-readable format. At the same time, as the owner of your personal data, you have the right to transfer this data to another administrator. The transfer of personal data is only possible for personal data that are obtained on the basis of consent or contract and are processed automatically.




This right may not be applied to processed data for the performance of a task performed in the public interest or in the exercise of public authority entrusted to the controller. The transfer of data must not adversely affect the rights and freedoms of others.




Processing restrictions

As the data owner, you have the right to restrict the processing of personal data if:

Deny the accuracy of your personal information.
You suspect that personal data has been processed illegally, but you refuse to delete this personal data and instead request that your use be restricted.
We no longer need personal data for processing purposes, but you, as the data subject, request it to determine, enforce or defend legal claims.
You object to processing - processing will be limited to the time necessary to verify that the controller's legitimate reasons outweigh the data subject's legitimate reasons.



In the event of a request to restrict the processing of your personal data, our activities towards you and our contractual relationship may be limited.





Correction and deletion of personal data

As a data subject, you have the right to correct inaccurate or outdated personal data that concerns you.

You can correct your personal data by sending a request to our contact details.

You have the right to cancel or to be forgotten if you:

Personal data is no longer needed for the purpose for which it was collected and processed.
You revoke the consent on the basis of which we process the data and there is no other legal reason for processing.
They are personal data processed illegally.
Personal data was collected under the conditions of granting the child's consent in connection with information society services.



In the event that the right to delete personal data that has been published or passed on by us to third parties is exercised, we take the necessary steps to inform all recipients of your personal data and notices to delete all links.




Your right to cancellation can be exercised only after the expiration of the specified period for determining, exercising or defending legal claims.




Information regarding the correction or deletion of personal data or restrictions on processing

Whenever you request it as the owner of the data, we will inform you about the recipients of your personal data at the moment when your data was made available to them. We will also inform you about corrections, deletions or if the processing of personal data concerning you is restricted.




The right to object

You can only object to certain specific cases, as regards:

Processing of personal data which is necessary for the performance of a task performed in the public interest or in the exercise of public power or for the purposes of our legitimate interests or the interests of a third party (incl. Profiling).

If you object to the relevant reasons, we will inform you of the reasons for processing. If our reasons do not outweigh your interests and rights, or if it is not a reason to determine, exercise or defend legal claims, the processing of personal data will be interrupted.
Processing for direct marketing purposes (incl. Profiling).

In the event that you object and do not wish your data to be further processed for this purpose, there is no need to state the reasons for the termination. Upon receipt of the objection, we will stop using your data for this purpose. However, if we also process the relevant data for another purpose on the basis of a different legal basis, such processing is not affected by the objection.
Processing for the purposes of scientific or historical research or for statistical purposes.

If you object to the relevant reasons, we will inform you of the reasons for processing. The right may be exercised only if it is not processing for the performance of a task carried out in the public interest.



Exclusion from automated decision making, including profiling

As the owner of your personal data, you have the right not to be the subject of any decision based solely on automated processing. It is a protection against a potentially adverse decision that could be made without human intervention.

We hereby confirm to you that, according to legal definitions, there is no automated decision-making in our company, including profiling.

Contact details of the administrator
To exercise the rights of personal data subjects, we accept applications at DHO s.r.o., Cejl 53/115, 602 00 Brno, or by e-mail at info@expanzo.com. The request can be accepted in case of unambiguous identification of the person.




We will process your requests / complaints without undue delay and we will inform you of the settlement within 30 days of receiving the request / complaint.

Overriding / superior interests
Some rights and obligations of DHO s.r.o., may take precedence over the rights of individuals, if in given specific circumstances there is a legitimate interest that outweighs the interest of the individual (priority interest). The overriding interest exists if:

Protect the legitimate business interests of DHO s.r.o., including:

Health, safety or security of individuals.
Intellectual property rights, trade secrets or company name.
Business continuity.
Confidentiality in the proposed sale, merger or acquisition of a business.
Involvement of trusted advisers or advisers for business, legal, tax or insurance purposes.
Prevent or investigate violations of the law, actual or presumed on the basis of justified suspicions (including cooperation with, for example, the Police of the Czech Republic), contracts or the principles of our company.
Otherwise, protect or defend the rights of DHO s.r.o., its employees or others.
public interest
prevention of tax and other fraud
Transfer of personal data to third parties
As part of our activities, your personal data may be provided to:

Entities provided by law, such as courts, the Czech National Bank, executors or insolvency administrators.
Other bodies for the protection of rights (eg courts, contract doctors, investigators, court commissioners, etc.).
To processors who guarantee the technical and organizational security of personal data protection.
With your consent, the other members of the DHO s.r.o. group, and the cooperating business partners.
Expanzo.com users and customers in the case of publicly presented personal data or open data provided by authorities, state administration bodies, the statistical office, in particular data from the Trade Register, the Public Register and the Collection of Documents and the Register of Economic Entities and other business registers.



Personal data is transferred to third parties only to the extent necessary for the fulfillment of the business purpose.




The company DHO s.r.o., cooperates only with processors who provide sufficient guarantees for the introduction of appropriate technical and organs initial measures so that the processing meets the legal requirements and to ensure the protection of the rights not only of our clients but also of our employees.

List of entities that may come into contact with your contact details
Administrator

DHO s.r.o., Bořivojova 878/35, 130 00 Prague 3 (IČ: 28446542)



Processors

Business intermediaries authorized to mediate DHO s.r.o. products.
Public authorities and courts (especially in fulfilling our legal obligations).
Auditors or other independent persons ensuring the fulfillment of legal obligations.
Information technology providers or operators.
Providers of services necessary for the performance of our activities (administrative activities, archiving, legal advice, debt management, etc.).
Health care providers (in the investigation of insurance claims).
Clients of our services in the case of publicly presented contacts and open data.
Rules for data transfer outside the European Union
This article sets out further rules for the transfer of personal data to third parties established in a country where an adequate level of personal data protection is not expected to be provided (a country with an inappropriate situation).




Personal data may be transferred to a third party located in a country with inappropriate status only if:

An agreement has been concluded between DHO s.r.o. and the relevant third party, which provides guarantees that the third party will observe a similar level of protection as set out in our company.
The third party has been certified in accordance with a code of conduct or a certification program that is recognized under applicable law, providing a "reasonable" level of data protection.
The third party has established binding corporate rules or a similar mechanism to control the transfer of personal data, which provides appropriate safeguards under applicable law.
The transfer is necessary for the conclusion or performance of a contract concluded in the interest of the individual between DHO s.r.o., and a third party.
The transfer is necessary for the performance of the contract with the customer, supplier or business partner, or at the request of the customer, supplier or business partner before acceptance of the contract.
In the case of publicly presented contact details of natural and legal persons registered in the public register, or in the case of open data provided by authorities, state administration bodies, the statistical office, in particular data from the Trade Register, Public Registers and the Collection of Documents and the Register of Economic entities and other business registers, or data published in the public interest and for the purpose of preventing tax and other fraud.
The transfer is necessary to protect the vital interest of the individual.
The transfer is necessary for the determination, exercise or defense of legal claims.
The transfer is necessary to satisfy an overriding reason relating to the public interest.
The transfer is required by any law to which DHO s.r.o.




Monitoring and compliance with legal standards
Our company performs internal audits of processes and procedures, which include the processing of personal data, in order to comply with established policies and rules.