About usProductsNewsSalesServiceContact
About usProductsNewsSalesServiceContact Spacer


In accordance with Article 13 of Regulation (EU) 2016/679 of the European Parliament and of the Council of 27 April 2016, the General Data Protection Regulation (GDPR)

(Pursuant to Article 13(1) of the GDPR)

a) Data controller:

HENNIG CZ, s.r.o., with registered office in Úvaly, Klánovická 334, district of Prague-East, post code 25 082, identification number: 257 06 535, incorporated in the Commercial Register kept by the Municipal Court in Prague, File No. C 62914
(hereinafter also referred to as the "Controller")

b) Data protection officer:

Not appointed

c) Purposes of processing:

(i)    Performance of contracts concluded between the entity and the Controller;
(ii)    Enforcement of legal entitlements;
(iii)    Fulfilment of legal obligations (e.g. archiving);
(iv)    Possible addressing of customers / clients in connection with marketing activities;
(v)    Purposes contained in the consent to the processing of personal data.

Legal basis for processing:

(i)    Performance of contracts or implementation of measures accepted prior to their conclusion;
(ii)    Fulfilment of legal obligations;
(iii)    Legitimate interests of the Controller or a third party;
(iv)    Consent to the processing of personal data if no other legal grounds exist.

d) Legitimate interests of the Controller or a third party:

Processing of the personal data of the customer / client for direct marketing purposes (offer of follow-up and/pr additional services or goods by the Controller).

e) Categories of recipients of personal data:

(i)    External accounting company, tax advisor;
(ii)    Law office;
(iii)    Translation agency;
(iv)    Insurance company;
(v)    External IT specialist;
(vi)    Public authorities.

f) Intent to transfer personal data to a third country or to an international organization:

The Controller has no such intent.

(Pursuant to Article 13(2) of the GDPR)

a) Period of storage of personal data:

In accordance with the time periods indicated in the particular contracts, the Controller's internal regulations or in the applicable legal regulations, whereas it is a period necessary for securing the rights and obligations arising from contractual relations, as well as from the relevant legal regulations.

b) Rights of data subjects with respect to personal data and the Controller:

(i)    To request access;
(ii)    To request rectification of incorrect data;
(iii)    To request erasure;
(iv)    To request restriction of processing;
(v)    To object to processing;
(vi)    To request data portability.

c) Right to withdraw consent:

Where the processing is based on consent, the existence of the right to withdraw consent at any time is given, without affecting the lawfulness of processing based on consent before its withdrawal.

d) Right to lodge a complaint with a supervisory authority:

The data subject has the right to lodge a complaint with a supervisory authority, which is the Office for Personal Data Protection (www.uoou.cz).

e) Statutory/contractual requirement for the provision of data and the consequences of failure to provide data

The provision of personal data is based on both a contractual and a statutory requirement. Any failure to provide personal data may result in a breach of the legal regulations and/or in the impossibility to conclude a contract.

f) Automated decision-making/profiling

Not performed